Whoever wrote that sure sounds like...
...the guy who wrote the manual to my Korean-made coffee making machine.
Sources within Sony Pictures have told The Register that employees received bizarre emails on Friday threatening them and their families if they don't take the side of hackers who raided the firm's corporate servers. The hackers, working under the moniker Guardians of Peace or GOP, have spent the past week dumping onto file- …
Maybe Sony deserves to be punished for its sins but, for the benefit of any GOP types, this is too much. Whatever scant amount of justification you may have had just evaporated.
That said, you really have to wonder about a major studio making a movie -- a comedy, even -- about an assassination attempt on a living head of state. Was that the best script they had on hand? This whole affair makes it appear the human race has taken several giant steps backward.
If I was an employee, I would be working with all the lawyers to sue the company, the individuals involved in security, and maybe even the consulting firm and activist shareholders who pushed Sony Entertainment down these paths. No one should be spared and as an employee, I would care little over who got screwed in the end; the only appropriate punishment for such malpractice and negligence is hefty legal bills, settlements, and a PR nightmare that might rock the foundation of the current practice of blaming the fish for being eaten by the sharks.
That's not to say that each defendant would be responsible, but it would set off a nice merry-go-round of recriminations, investigations, and perhaps even a few ruined careers. If the C-suite, management firms, activist shareholders, etc. want to justify their huge salaries, returns, and power, a little responsibility (and associated consequence) should go a long way towards ensuring that if nothing else, they are paying through the nose for personal liability insurance.
It seems the only way we can ensure that people play by the rules is to make the punishments much greater than the profit. This is a lesson we've been learning for since 2008 and will continue to learn as long as we allow people and entities the ability to get away with negligence or outright malfeasance for a minor penalty that still made the behavior profitable.
</rant>
"activist shareholders who pushed"
Yes, that caught my attention too. The biggest private shareholder, who forced Sony to cut costs, streamline, make people redundant and has since sold off his shares. Looks like he bought in cheap after a few flops, forced changes to up the value in the eyes of the Wall St. sharks then bailed before the cuts took real effect. Sounds like he's a typical robber capitalist of the Gordon Gecko mold.
Icon for Daniel Loeb. He's probably cost Sony Pictures a shit load more in cash and value than any video pirate ever did.
"...That said, you really have to wonder about a major studio making a movie -- a comedy, even -- about an assassination attempt on a living head of state..."
I was thinking that, myself. Perhaps whoever it was, was motivated by the old "everybody's a critic" principle... dear GOD, a COMEDY? Are they kidding us? What a piece of crap! Let's take 'em down, guys!
I can't pretend I'm not enjoying this.
I upvoted you. But, still I think against raising a concern of someone who is threatening individuals of their families. Do this some other day. My company (employer) has no canon on its gates, due to budget constraints. This doesn't mean I should be threatened a backlash.
Sony needed some testicular courage if it was going to face up to Loeb. He gets them to make themselves look mean and lean and then cashes out -- why heed anyone who is in it to make a quick killing? What does he know of about a well-run business, or how to build one?
That being said, Sony is clearly a mess, and now a disembowelled mess.
Yup, and people like that really piss me off for some reason, take this;
who had described Sony's entertainment businesses as "poorly managed" and "characterized by a complete lack of accountability and poor financial controls."
Poor management tends to cost us as the consumer more as the cost of producing is increased by the inefficiency. Except of course, these twats don't see it that way, they want the efficiency increase to produce higher profit margins (we were already paying that amount, so why lower prices?) and increase the share price for their eventual sell-out
You have a problem with a person, you raise it with that person & whatever happens win/lose or draw it ends there. There is never any justification for targetting the immediate or extended family of anyone you may have a problem with, ever. Doing so is the act of a completely morally bankrupt coward!
Considering the scope of the data breach, Sony have to consider this a credible threat against their employees & their employees immediate & extended families. While I stand against the shenanigans the Alphabet Agencies have been allowed to get away with, one can only hope they will be encouraged to bring their investigative powers to this & actually snoop on those who deserve it for a change
If Sony had proper security in place, I would feel sorry for the company, because as we all know there's no such thing as 100% secure.
However, some of the sources seem to suggest that security wasn't important at all. As a consequence of that, I can only say: tough luck; you get what you deserve.
Maybe Sony (and hopefully a lot of other companies) start to realise that any amount spent on IT security and prevention is *always* cheap in comparison to the results of a serious breach like this.
I do feel for all the employees (and their families), who are affected by this. They didn't deserve any of this. Management, their bean counters (and to a certain extent pushy shareholders) are to blame.
Unless they themselves were the architects of that behavior, your logic is at the same grade-level of the logic used by screwballs the world over to justify collateral damage.. including many world governments: Hey, they should have known better than to be born in a country associated with a few idiots with guns.
It's called guilt by association; it is never reasonable and is often reprehensible.
Sony is a member of RIAA [1] and makes up 22% of their board of directors [2]. I can't imagine them NOT having a say in that behavior.
[1] http://www.riaa.com/aboutus.php?content_selector=aboutus_members&f=s
[2] http://www.riaa.com/aboutus.php?content_selector=who_we_are_board
Oh, and please search for the word Sony on this page:
https://www.eff.org/wp/riaa-v-people-five-years-later
"guilt by association; it is never reasonable" If you have completely certain knowledge of a nuclear weapon about to be launched at a city which will guarantee the death of 10 million innocent people and the only action available to you is to bomb the area where the nuke is and kill the bad actors, their equipment, and also 1 person you know is completely innocent....isn't the collateral damage acceptable? To say you'd choose to save 1 innocent life at the expense of 10,000,000 innocent lives doesn't sound reasonable. If you grant this, then you're granting the reasonableness of collateral damage as a principle. You might argue that some metaphorical panic attacks of innocents are too great a cost against a structure that caused great suffering through mismanagement (e.g. resulting from lost jobs, positive ventures never pursued, etc), but you can't say that such a thing is "never reasonable" -- that's hyperbole. If you truly would choose to save 1 instead of 10 million, then I want you to consider that you're in a very small minority, the kind most people wouldn't want making decisions.
I guess they decided profit and quieting the former investor as more needed than good IT security.
If they go under, than it's the board's fault for not doing what was needed and giving into the "return shareholder value" we hear so often. I suspect that there are more companies in line for a similar rude awakening.
You beat me to it. However -amusing as this might be to people who haven't forgiven them for that fucking rootkit and boycott their products to this day- it does raise a further point in that there is no possible way that Sony can claim to be ignorant of the field of IT security. They got their games network thoroughly pwned fairly recently (Apil 2011) and have also had a go -as a corporation, mind you, not a "independently operating loose cannon from within their ranks"; at hacking other people themselves.
Arguably, Sony's hacking attempt was the more heinous in principle, because it was targeting innocents; whereas you'd reasonably expect a corporation (with a gamer network yet!) to have some defences, expertise and personnel to throw at the subject.
I feel sorry for the victims, but no sympathy whatsoever for Sony. It'll be interesting to see how they try and wriggle out of it when the inevitable lawsuits come flooding in
How did Sony Pictures effect such ideological tumescence in this group of hackers? What are they mad about exactly? Of all the entities in the world to get exercised about, why pick Sony? Sorry, I guess I've been living under a rock or something - the article is written such that it seems everyone should know.
They are planning a movie that takes the piss out of kim jong ill (bloated son of the great pointer) in which he gets offed. the norks are pretty pissed about it.
well one nork is pissed off about it, but he's the only nork who's opinion matters.
Someday soon the Chinese will work out what the fall of sony would do to their domestic counterfeiting business and said nork will be told to 'wind his neck in' in no uncertain terms :-)
Seriously?
North Korea has nothing to do with this. Seriously. One guy comes up with one half-baked idea, and suddenly it's the "truth"? Half the world seems to have repeated this.
In my opinion, there are two answers to this:
Either someone decided that Sony was threatening the US dominance of "Hollywood" a bit too much, or, it was a bunch of pissed off people who were let go from Sony over the last year or so.
At first I was for the first answer, but with facts like Sony being over 1/5th of the RIAA board, the swinging staff cuts, etc. I'm now leaning more towards the latter - they would still have physical access, and that's what you need when you are taking 11 TERABYTES of data away with you - where would you even store that, if you were a disgruntled employee? And you'd certainly not be able to pull it over the network to your home DSL connection, even without an IDS to notice!
So I figure a bunch of pissed employees worked together with a hacker group.
Guess in a sad way this is good news for people (outside Sony) in the IT industry (at least if they are competent). My guess is after a few more near collapses of corporations due to lax security and crap management outsourcing, IT people will get less of the lecture off how they are just a cost and are of little benefit to the business as a whole. More important hopefully IT salaries start increasing more as seems to be the case recently at least in the US.
"that rant smells of someone recently fired from the company and wanting to take his revenge"
Well, it certainly wasn't his exemplary command of the English language that kept him employed there....
Or "her", hey, I'm not judging.
"Any takers on the whole thing is an inside job because a former employee knew how crappy the IT security was ?"
I'm not so sure, aside from there being other evidence, you don't need to be a Sony employee to see how slack their security was.
companies have been screwed up by bean counters too long. Overheads in IT & Engineering are always the first to suffer as they 'produce no discernable, visible benefit'. Yup thats what I was told. I left to work for someone less moronic - thats what Sony employees should do to their greedy execs.
The more I look at this, the more I suspect that it was not the "norks" at all, but more likely a pissed-off, outsourced, and now out of a job ex-security-bod from Sony, who decided to take things a little further than just leaving the job in a huff. The extent of both access AND perhaps more importantly the knowledge of exactly where in the network to go and get the most damaging, embarrassing, and value-destroying data, sure makes an "inside job" seem the most likely explanation to me.
While the message reads like a typical spam mail that I delete after reading the first two words, the fact that whoever sent it also has the recipient's home address, phone numbers, social security number, date of birth, income, bank account info (if they had direct deposit), probably the names and ages of their family members (from health care data, emergency data, etc.), among many other details, yeah, I'd be scared.
Rhetorical question: how many does this now make that Sony has gotten hacked?
Somebody correct me if I'm wrong (and I may be) but what I was able understand from a previous article was that this hack was initiated through (or by utilizing or in association with) the PlayStation servers? If so, that is more than just negligence as they were the previous targets that were successfully breached, what, 3 times in the past?
Something is very odd about all this.
"The message – included below – threatens harm to staff and their families unless they show support for the GOP activities."
You just crossed the line into domestic terrorism. The Alphabet boys are going to get involved.
"Boo hoo. I'm sure the grandmas and preteens sued for thousands of dollars by RIAA were also having panic attacks but the likes of Sony didn't care, so I'm not about to care what happens to them."
If it was just Sony I would agree but they are threatening third parties that had nothing to do with Sony.
Just cause your brother is a piece of turd does not me you should get you ass beaten,
Problem: Nobody is going to see the crappy films your company is making.
Solution: Hire Bain & Co to placate some rapacious shareholder, toss in $250m in "overheard and procurement savings", add "Sony Pictures had a crap approach to passwords and access controls, but the concerns were dismissed by Sony execs because requiring staff to memorize complex passwords was too much" and top it off by promoting to Veep of Info-Sec the guy who said "We’re trying to remain profitable for our shareholders, and we literally could go broke trying to cover for everything,".
What could POSSIBLY go wrong?
It's already widely known that the movie industry has an approach to taxation that would be outright illegal in any other field. It's a historical thing. It's always been that way.
There's a reason you always see movies given as having 'made X on a budget of Y.' It's because no film is on budget, ever. The production costs are always inflated to whatever extent is needed to make sure that the film is a financial failure on paper, thus producing no taxable profit. The money is instead made by all the various studio-tied contractors who get paid very generously for production, distribution and promotion, and tend to be in more tax-favorable situations.
It's also why royalties are paid on gross revenue, not net. Net is always negative.
I mean .. states that support hacking and bandits etc .. ever considered throwing them off the net severing the connections 2 inches past their border ? .. If they don't behave why tolerate them ?
Ban them and cut their access and cables completely . ain't that hard to do. Nothing like an axe to solve that problem.
Cut the umbilical and let them deal with their internal troubles .
Guardian of Peace? Sounds like a bunch of spotty teenage script kiddies living in their parents basements, pulling their 3 inch long dicklets to pictures of male nipple poke, pretending that they are great hackers when they are nothig mre than a bunch of pathetic losers who happened to get lucky with one of their malware laden toolboxes they downloaded from real hackers.