back to article 'We're having panic attacks' ... Sony staff and families now threatened in emails

Sources within Sony Pictures have told The Register that employees received bizarre emails on Friday threatening them and their families if they don't take the side of hackers who raided the firm's corporate servers. The hackers, working under the moniker Guardians of Peace or GOP, have spent the past week dumping onto file- …

  1. Vociferous

    Whoever wrote that sure sounds like...

    ...the guy who wrote the manual to my Korean-made coffee making machine.

    1. Anonymous Coward
      Anonymous Coward

      Re: Whoever wrote that sure sounds like...

      You beat me too it. Whoever wrote that was clearly clinging to the principles of the Juche Idea (for dear life, Dear Leader and the disembodied soul of Great Leader).

      Best regards,

      AC

      1. Destroy All Monsters Silver badge

        Re: Whoever wrote that sure sounds like...

        Juche? No, just to poor grammar and S&M porn movies.

        1. KA1AXY

          Re: Whoever wrote that sure sounds like...

          All your base are belong to us!

          You have no chance. Make your time!

          1. Mike Flugennock
            Coffee/keyboard

            Re: Whoever wrote that sure sounds like...

            BWAH HA HA HA HA HA HAHHHH.

            I regret that I have but one upvote to give to that post.

        2. Anonymous Coward
          Headmaster

          Re: Whoever wrote that sure sounds like...

          @DAM

          It's too poor grammar.

    2. Anonymous Coward
      Anonymous Coward

      Clearly, it was Reg favorite commentard amanfrommars1

      I've noticed his posts have been getting a bit more lucid over time, presumably the AI is improving as it grows. He is now able to carry out complex hacks, maybe he's the one Hawking and Musk are worried about.

    3. Oninoshiko

      Re: Whoever wrote that sure sounds like...

      agreed, these are definitely criminals. for crimes against the English language!

    4. Anonymous Coward
      Anonymous Coward

      Re: Whoever wrote that sure sounds like...

      It's be interesting to see what language(s) those word choices and grammar that e-mail maps to.

    5. Anonymous Coward
      Anonymous Coward

      Re: Whoever wrote that sure sounds like...

      It's possible the crazy English is intentional, so that the feds can't use pattern recognition to identify the perpetrator (who is highly likely to be a disgruntled ex employee)

      1. Sarev

        Re: Whoever wrote that sure sounds like...

        It does not mean it is difficult to hide the origin of your text . Simply translated into Japanese and then in English back Google is .

  2. Florida1920
    Stop

    Too far, on both sides

    Maybe Sony deserves to be punished for its sins but, for the benefit of any GOP types, this is too much. Whatever scant amount of justification you may have had just evaporated.

    That said, you really have to wonder about a major studio making a movie -- a comedy, even -- about an assassination attempt on a living head of state. Was that the best script they had on hand? This whole affair makes it appear the human race has taken several giant steps backward.

    1. Destroy All Monsters Silver badge

      Re: Too far, on both sides

      This whole affair makes it appear the human race has taken several giant steps backward.

      Err... anon... let me tell you about that Saddam Hussein business.... currently in the "extended blowback" phase...

    2. Eric Olson

      Re: Too far, on both sides

      If I was an employee, I would be working with all the lawyers to sue the company, the individuals involved in security, and maybe even the consulting firm and activist shareholders who pushed Sony Entertainment down these paths. No one should be spared and as an employee, I would care little over who got screwed in the end; the only appropriate punishment for such malpractice and negligence is hefty legal bills, settlements, and a PR nightmare that might rock the foundation of the current practice of blaming the fish for being eaten by the sharks.

      That's not to say that each defendant would be responsible, but it would set off a nice merry-go-round of recriminations, investigations, and perhaps even a few ruined careers. If the C-suite, management firms, activist shareholders, etc. want to justify their huge salaries, returns, and power, a little responsibility (and associated consequence) should go a long way towards ensuring that if nothing else, they are paying through the nose for personal liability insurance.

      It seems the only way we can ensure that people play by the rules is to make the punishments much greater than the profit. This is a lesson we've been learning for since 2008 and will continue to learn as long as we allow people and entities the ability to get away with negligence or outright malfeasance for a minor penalty that still made the behavior profitable.

      </rant>

      1. John Brown (no body) Silver badge
        Pirate

        Re: Too far, on both sides

        "activist shareholders who pushed"

        Yes, that caught my attention too. The biggest private shareholder, who forced Sony to cut costs, streamline, make people redundant and has since sold off his shares. Looks like he bought in cheap after a few flops, forced changes to up the value in the eyes of the Wall St. sharks then bailed before the cuts took real effect. Sounds like he's a typical robber capitalist of the Gordon Gecko mold.

        Icon for Daniel Loeb. He's probably cost Sony Pictures a shit load more in cash and value than any video pirate ever did.

      2. Anonymous Coward
        Anonymous Coward

        Re: Too far, on both sides

        'taint gonna happen. Sadly they own all the agents that could hold them responsible.

    3. Mike Flugennock
      Facepalm

      Re: Too far, on both sides

      "...That said, you really have to wonder about a major studio making a movie -- a comedy, even -- about an assassination attempt on a living head of state..."

      I was thinking that, myself. Perhaps whoever it was, was motivated by the old "everybody's a critic" principle... dear GOD, a COMEDY? Are they kidding us? What a piece of crap! Let's take 'em down, guys!

      I can't pretend I'm not enjoying this.

    4. Anonymous Coward
      Anonymous Coward

      Re: Too far, on both sides

      I upvoted you. But, still I think against raising a concern of someone who is threatening individuals of their families. Do this some other day. My company (employer) has no canon on its gates, due to budget constraints. This doesn't mean I should be threatened a backlash.

      1. 's water music

        No canon on the gates

        How do you resolve which aspects of the gates are genuine? Who does the blessings? My company has a bishop on our gates. His expenses are tax deductible and if you need to relieve workplace stress he is always up for a quick game of five finger fillet.

  3. Hollerith 1

    Cojones...

    Sony needed some testicular courage if it was going to face up to Loeb. He gets them to make themselves look mean and lean and then cashes out -- why heed anyone who is in it to make a quick killing? What does he know of about a well-run business, or how to build one?

    That being said, Sony is clearly a mess, and now a disembowelled mess.

    1. Ben Tasker

      Re: Cojones...

      Yup, and people like that really piss me off for some reason, take this;

      who had described Sony's entertainment businesses as "poorly managed" and "characterized by a complete lack of accountability and poor financial controls."

      Poor management tends to cost us as the consumer more as the cost of producing is increased by the inefficiency. Except of course, these twats don't see it that way, they want the efficiency increase to produce higher profit margins (we were already paying that amount, so why lower prices?) and increase the share price for their eventual sell-out

  4. Anonymous Coward
    Anonymous Coward

    You have a problem with a person, you raise it with that person & whatever happens win/lose or draw it ends there. There is never any justification for targetting the immediate or extended family of anyone you may have a problem with, ever. Doing so is the act of a completely morally bankrupt coward!

    Considering the scope of the data breach, Sony have to consider this a credible threat against their employees & their employees immediate & extended families. While I stand against the shenanigans the Alphabet Agencies have been allowed to get away with, one can only hope they will be encouraged to bring their investigative powers to this & actually snoop on those who deserve it for a change

    1. Naughtyhorse

      morally bankrupt coward!

      you do know this is the norks right?

      1. Anonymous Coward
        Anonymous Coward

        Re: you do know this is the norks

        No. Do you?

  5. Destroy All Monsters Silver badge
    Alien

    The size of the team and the fact that passwords were listed unencrypted in files named "passwords" is worrying to some.

    Only to some?

    This industry, much to learn, it has!

    1. Uffish
      Headmaster

      Some people!

      It's called understatement, and is often used sarcastically (as in this case).

      The understatement comprises both the number of people likely to be worried and also the enormity of the errors being reported.

    2. Tom 35

      Not just the size of the team...

      11 people – mostly managers

    3. Suricou Raven

      Not just passwords.

      They also kept a convenient list of company credit cards details. Card numbers, end dates, even the PINs. And another file with the login details for various external services. I imagine it's all revoked by now.

  6. Anonymous Coward
    Anonymous Coward

    WIPEOUT 2014

    An ironic addition to the futuristic racer series?

  7. Anonymous Coward
    Anonymous Coward

    If Sony had proper security in place, I would feel sorry for the company, because as we all know there's no such thing as 100% secure.

    However, some of the sources seem to suggest that security wasn't important at all. As a consequence of that, I can only say: tough luck; you get what you deserve.

    Maybe Sony (and hopefully a lot of other companies) start to realise that any amount spent on IT security and prevention is *always* cheap in comparison to the results of a serious breach like this.

    I do feel for all the employees (and their families), who are affected by this. They didn't deserve any of this. Management, their bean counters (and to a certain extent pushy shareholders) are to blame.

    1. elip

      I'm somewhat surprised that Sony is taking this so seriously. After all, they clearly did not place any value in the pilfered data.

  8. Doctor Syntax Silver badge

    Whoever was actually responsible, weak security and massive cuts don't sound like a good combination.

  9. sjsmoto

    having panic attacks

    Boo hoo. I'm sure the grandmas and preteens sued for thousands of dollars by RIAA were also having panic attacks but the likes of Sony didn't care, so I'm not about to care what happens to them.

    1. Eric Olson

      Re: having panic attacks

      Unless they themselves were the architects of that behavior, your logic is at the same grade-level of the logic used by screwballs the world over to justify collateral damage.. including many world governments: Hey, they should have known better than to be born in a country associated with a few idiots with guns.

      It's called guilt by association; it is never reasonable and is often reprehensible.

      1. sjsmoto

        Re: having panic attacks

        Sony is a member of RIAA [1] and makes up 22% of their board of directors [2]. I can't imagine them NOT having a say in that behavior.

        [1] http://www.riaa.com/aboutus.php?content_selector=aboutus_members&f=s

        [2] http://www.riaa.com/aboutus.php?content_selector=who_we_are_board

        Oh, and please search for the word Sony on this page:

        https://www.eff.org/wp/riaa-v-people-five-years-later

      2. boba1l0s2k9

        Re: having panic attacks

        "guilt by association; it is never reasonable" If you have completely certain knowledge of a nuclear weapon about to be launched at a city which will guarantee the death of 10 million innocent people and the only action available to you is to bomb the area where the nuke is and kill the bad actors, their equipment, and also 1 person you know is completely innocent....isn't the collateral damage acceptable? To say you'd choose to save 1 innocent life at the expense of 10,000,000 innocent lives doesn't sound reasonable. If you grant this, then you're granting the reasonableness of collateral damage as a principle. You might argue that some metaphorical panic attacks of innocents are too great a cost against a structure that caused great suffering through mismanagement (e.g. resulting from lost jobs, positive ventures never pursued, etc), but you can't say that such a thing is "never reasonable" -- that's hyperbole. If you truly would choose to save 1 instead of 10 million, then I want you to consider that you're in a very small minority, the kind most people wouldn't want making decisions.

        1. solo

          Re: Nukes

          No. Wrong analogy. it is not like only nuking them. It's like sending butcher teams with knives afterwards to enter each home and killing them and the kids and the grannies and the sheeps.

  10. Mark 85
    FAIL

    risk-based decisions?

    I guess they decided profit and quieting the former investor as more needed than good IT security.

    If they go under, than it's the board's fault for not doing what was needed and giving into the "return shareholder value" we hear so often. I suspect that there are more companies in line for a similar rude awakening.

  11. Anonymous Coward
    Anonymous Coward

    Why it seems only yesterday Sony was shipping CDs with autorun rootkits! Karma?

    1. Anonymous Coward
      Anonymous Coward

      You beat me to it. However -amusing as this might be to people who haven't forgiven them for that fucking rootkit and boycott their products to this day- it does raise a further point in that there is no possible way that Sony can claim to be ignorant of the field of IT security. They got their games network thoroughly pwned fairly recently (Apil 2011) and have also had a go -as a corporation, mind you, not a "independently operating loose cannon from within their ranks"; at hacking other people themselves.

      Arguably, Sony's hacking attempt was the more heinous in principle, because it was targeting innocents; whereas you'd reasonably expect a corporation (with a gamer network yet!) to have some defences, expertise and personnel to throw at the subject.

      I feel sorry for the victims, but no sympathy whatsoever for Sony. It'll be interesting to see how they try and wriggle out of it when the inevitable lawsuits come flooding in

  12. CarbonLifeForm

    Could somebody explain this?

    How did Sony Pictures effect such ideological tumescence in this group of hackers? What are they mad about exactly? Of all the entities in the world to get exercised about, why pick Sony? Sorry, I guess I've been living under a rock or something - the article is written such that it seems everyone should know.

    1. Naughtyhorse

      Re: Could somebody explain this?

      They are planning a movie that takes the piss out of kim jong ill (bloated son of the great pointer) in which he gets offed. the norks are pretty pissed about it.

      well one nork is pissed off about it, but he's the only nork who's opinion matters.

      Someday soon the Chinese will work out what the fall of sony would do to their domestic counterfeiting business and said nork will be told to 'wind his neck in' in no uncertain terms :-)

      1. Naughtyhorse

        Re: Could somebody explain this?

        PS

        I do hope the norks dont find out that norks means tits to us.

        they will be livid

        1. Anonymous Coward
          Anonymous Coward

          Re: Could somebody explain this?

          I don't know, Victoria Coren referred in print to her "norks" and I had to go and lie down in a dark room with a cold water bottle.

      2. YetAnotherLocksmith Silver badge

        Re: Could somebody explain this?

        Seriously?

        North Korea has nothing to do with this. Seriously. One guy comes up with one half-baked idea, and suddenly it's the "truth"? Half the world seems to have repeated this.

        In my opinion, there are two answers to this:

        Either someone decided that Sony was threatening the US dominance of "Hollywood" a bit too much, or, it was a bunch of pissed off people who were let go from Sony over the last year or so.

        At first I was for the first answer, but with facts like Sony being over 1/5th of the RIAA board, the swinging staff cuts, etc. I'm now leaning more towards the latter - they would still have physical access, and that's what you need when you are taking 11 TERABYTES of data away with you - where would you even store that, if you were a disgruntled employee? And you'd certainly not be able to pull it over the network to your home DSL connection, even without an IDS to notice!

        So I figure a bunch of pissed employees worked together with a hacker group.

  13. asdf
    Megaphone

    IT industry

    Guess in a sad way this is good news for people (outside Sony) in the IT industry (at least if they are competent). My guess is after a few more near collapses of corporations due to lax security and crap management outsourcing, IT people will get less of the lecture off how they are just a cost and are of little benefit to the business as a whole. More important hopefully IT salaries start increasing more as seems to be the case recently at least in the US.

    1. JeffUK

      Re: IT industry

      LOL

  14. Boris the Cockroach Silver badge

    Hmmm

    that rant smells of someone recently fired from the company and wanting to take his revenge

    Any takers on the whole thing is an inside job because a former employee knew how crappy the IT security was ?

    1. John Tserkezis

      Re: Hmmm

      "that rant smells of someone recently fired from the company and wanting to take his revenge"

      Well, it certainly wasn't his exemplary command of the English language that kept him employed there....

      Or "her", hey, I'm not judging.

      "Any takers on the whole thing is an inside job because a former employee knew how crappy the IT security was ?"

      I'm not so sure, aside from there being other evidence, you don't need to be a Sony employee to see how slack their security was.

  15. Cynicalmark
    FAIL

    Always the accountants

    companies have been screwed up by bean counters too long. Overheads in IT & Engineering are always the first to suffer as they 'produce no discernable, visible benefit'. Yup thats what I was told. I left to work for someone less moronic - thats what Sony employees should do to their greedy execs.

    1. Dave Harvey

      Re: Always the accountants

      The more I look at this, the more I suspect that it was not the "norks" at all, but more likely a pissed-off, outsourced, and now out of a job ex-security-bod from Sony, who decided to take things a little further than just leaving the job in a huff. The extent of both access AND perhaps more importantly the knowledge of exactly where in the network to go and get the most damaging, embarrassing, and value-destroying data, sure makes an "inside job" seem the most likely explanation to me.

      1. Mark 85

        Re: Always the accountants

        It may not even be an "ex".... just someone pissed off enough and with enough knowledge to hand the keys to the postern gate over to the right people as well as the map of where the important stuff was kept.

  16. Mike Flugennock

    Oh, for Christ's sake...

    Did whoever this was actually expect people to be fear-stricken on receiving this message?

    I won't speak for any Sony employees, but I personally would be laughing my ass off instead.

    Seriously, man... "All your base..."

    1. Where not exists

      Re: Oh, for Christ's sake...

      While the message reads like a typical spam mail that I delete after reading the first two words, the fact that whoever sent it also has the recipient's home address, phone numbers, social security number, date of birth, income, bank account info (if they had direct deposit), probably the names and ages of their family members (from health care data, emergency data, etc.), among many other details, yeah, I'd be scared.

  17. ecofeco Silver badge

    How many times does this make?

    Rhetorical question: how many does this now make that Sony has gotten hacked?

    Somebody correct me if I'm wrong (and I may be) but what I was able understand from a previous article was that this hack was initiated through (or by utilizing or in association with) the PlayStation servers? If so, that is more than just negligence as they were the previous targets that were successfully breached, what, 3 times in the past?

    Something is very odd about all this.

  18. kainp121

    "The message – included below – threatens harm to staff and their families unless they show support for the GOP activities."

    You just crossed the line into domestic terrorism. The Alphabet boys are going to get involved.

    "Boo hoo. I'm sure the grandmas and preteens sued for thousands of dollars by RIAA were also having panic attacks but the likes of Sony didn't care, so I'm not about to care what happens to them."

    If it was just Sony I would agree but they are threatening third parties that had nothing to do with Sony.

    Just cause your brother is a piece of turd does not me you should get you ass beaten,

  19. slack
    Facepalm

    Err...

    Problem: Nobody is going to see the crappy films your company is making.

    Solution: Hire Bain & Co to placate some rapacious shareholder, toss in $250m in "overheard and procurement savings", add "Sony Pictures had a crap approach to passwords and access controls, but the concerns were dismissed by Sony execs because requiring staff to memorize complex passwords was too much" and top it off by promoting to Veep of Info-Sec the guy who said "We’re trying to remain profitable for our shareholders, and we literally could go broke trying to cover for everything,".

    What could POSSIBLY go wrong?

    1. Paul Crawford Silver badge

      Re: Err...

      It this the plot of a new film script? Sound interesting...

  20. Anonymous Coward
    Big Brother

    I bet the IRS will have a field day cross-referencing payments with the luvvies declared income

    1. Suricou Raven

      It's already widely known that the movie industry has an approach to taxation that would be outright illegal in any other field. It's a historical thing. It's always been that way.

      There's a reason you always see movies given as having 'made X on a budget of Y.' It's because no film is on budget, ever. The production costs are always inflated to whatever extent is needed to make sure that the film is a financial failure on paper, thus producing no taxable profit. The money is instead made by all the various studio-tied contractors who get paid very generously for production, distribution and promotion, and tend to be in more tax-favorable situations.

      It's also why royalties are paid on gross revenue, not net. Net is always negative.

  21. FuzzyTheBear

    Time to start cutting cables ?

    I mean .. states that support hacking and bandits etc .. ever considered throwing them off the net severing the connections 2 inches past their border ? .. If they don't behave why tolerate them ?

    Ban them and cut their access and cables completely . ain't that hard to do. Nothing like an axe to solve that problem.

    Cut the umbilical and let them deal with their internal troubles .

  22. ElsmarMarc

    Time to start cutting cables ?

    Whose cables are you referring to?

    1. Baskitcaise
      Pint

      Re: Time to start cutting cables ?

      OK so I am a bit late but you beat me to it, upvote for sheer presience.

      Also if I had checked my spilling the time would have been about 3 mins shorter, sorry long night sorting out "stuff" (tm).

  23. Alpha Tony

    Oh the humanity.

    The real tragedy here is that the huge amount of publicity generated by these wingnuts will cause a disproportionally large number of people to voluntarily subject themselves to a Seth Rogen film.

  24. Anonymous Coward
    Anonymous Coward

    GOP?

    Guardian of Peace? Sounds like a bunch of spotty teenage script kiddies living in their parents basements, pulling their 3 inch long dicklets to pictures of male nipple poke, pretending that they are great hackers when they are nothig mre than a bunch of pathetic losers who happened to get lucky with one of their malware laden toolboxes they downloaded from real hackers.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon