Skip to main content

Home/ Future of the Web/ Group items tagged sony leaked

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Why the Sony hack is unlikely to be the work of North Korea. | Marc's Security Ramblings - 0 views

marcrogers.org/...-to-be-the-work-of-north-korea

Sony-hack North-Korea false-flag FBI Obama

shared by Paul Merrell on 25 Dec 14 - No Cached
  • Everyone seems to be eager to pin the blame for the Sony hack on North Korea. However, I think it’s unlikely. Here’s why:1. The broken English looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in “Konglish”. i.e it reads to me like an English speaker pretending to be bad at writing English. 2. The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Not least because they don’t speak traditional “Korean” in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult. I would find the presence of Chinese far more plausible.
  • 3. It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as. 4. Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down. Just think what they could have done with passwords to all of Sony’s financial accounts? With the competitive intelligence in their business documents? From simple theft, to the sale of intellectual property, or even extortion – the attackers had many ways to become rich. Yet, instead, they chose to dump the data, rendering it useless. Likewise, I find it hard to believe that a “Nation State” which lives by propaganda would be so willing to just throw away such an unprecedented level of access to the beating heart of Hollywood itself.
  • 5. The attackers only latched onto “The Interview” after the media did – the film was never mentioned by GOP right at the start of their campaign. It was only after a few people started speculating in the media that this and the communication from DPRK “might be linked” that suddenly it became linked. I think the attackers both saw this as an opportunity for “lulz” and as a way to misdirect everyone into thinking it was a nation state. After all, if everyone believes it’s a nation state, then the criminal investigation will likely die.
  • ...4 more annotations...
  • 6. Whoever is doing this is VERY net and social media savvy. That, and the sophistication of the operation, do not match with the profile of DPRK up until now. Grugq did an excellent analysis of this aspect his findings are here – http://0paste.com/6875#md 7. Finally, blaming North Korea is the easy way out for a number of folks, including the security vendors and Sony management who are under the microscope for this. Let’s face it – most of today’s so-called “cutting edge” security defenses are either so specific, or so brittle, that they really don’t offer much meaningful protection against a sophisticated attacker or group of attackers.
  • 8. It probably also suits a number of political agendas to have something that justifies sabre-rattling at North Korea, which is why I’m not that surprised to see politicians starting to point their fingers at the DPRK also. 9. It’s clear from the leaked data that Sony has a culture which doesn’t take security very seriously. From plaintext password files, to using “password” as the password in business critical certificates, through to just the shear volume of aging unclassified yet highly sensitive data left out in the open. This isn’t a simple slip-up or a “weak link in the chain” – this is a serious organization-wide failure to implement anything like a reasonable security architecture.
  • The reality is, as things stand, Sony has little choice but to burn everything down and start again. Every password, every key, every certificate is tainted now and that’s a terrifying place for an organization to find itself. This hack should be used as the definitive lesson in why security matters and just how bad things can get if you don’t take it seriously. 10. Who do I think is behind this? My money is on a disgruntled (possibly ex) employee of Sony.
  • EDIT: This appears (at least in part) to be substantiated by a conversation the Verge had with one of the alleged hackers – http://www.theverge.com/2014/11/25/7281097/sony-pictures-hackers-say-they-want-equality-worked-with-staff-to-break-in Finally for an EXCELLENT blow by blow analysis of the breach and the events that followed, read the following post by my friends from Risk Based Security – https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack EDIT: Also make sure you read my good friend Krypt3ia’s post on the hack – http://krypt3ia.wordpress.com/2014/12/18/sony-hack-winners-and-losers/
  • Paul Merrell on 25 Dec 14
     
    Seems that the FBI overlooked a few clues before it told Obama to go ahead and declare war against North Korea. 
Gonzalo San Gil, PhD.

Sony Sued For Not Protecting Leaked Movie From Pirates - TorrentFreak [# ! Note] - 0 views

torrentfreak.com/aked-movie-from-pirates-160729

sony sued leaked movie industry Hollywood Hollywood vs. Silicon Valley sharing so-called piracy is free of charge free promotion promoting diffusion sales anti-piracy propaganda censorship

shared by Gonzalo San Gil, PhD. on 01 Aug 16 - No Cached
    • Gonzalo San Gil, PhD.
      Gonzalo San Gil, PhD. on 01 Aug 16
       
      # ! Hollywood knows that '#Piracy' is #Promotion -> more #sales. # ! #Antipiracy #pantomime is just a #way to #manipulate #laws... and the #market (of #ideas) itself
  • Gonzalo San Gil, PhD. on 01 Aug 16
     
    " Andy on July 29, 2016 C: 39 News In 2014, Sony was subjected to a massive cyberattack which resulted in the leak of huge quantities of data. The trove contained several movies, all of which appeared online for anyone to download for free. Now the owner of one of the titles is suing Sony, claiming that company failed in its obligation to protect the movie from Internet pirates."
  • Gonzalo San Gil, PhD. on 01 Aug 16
     
    " Andy on July 29, 2016 C: 39 News In 2014, Sony was subjected to a massive cyberattack which resulted in the leak of huge quantities of data. The trove contained several movies, all of which appeared online for anyone to download for free. Now the owner of one of the titles is suing Sony, claiming that company failed in its obligation to protect the movie from Internet pirates."
Gonzalo San Gil, PhD.

Sony Movies Leak Online After Hack Attack | TorrentFreak - 1 views

torrentfreak.com/nline-after-hack-attack-141129

Sony movie leak hack attack excuse new promo promotion tools grants culture control VALUES

shared by Gonzalo San Gil, PhD. on 30 Nov 14 - No Cached
    • Gonzalo San Gil, PhD.
      Gonzalo San Gil, PhD. on 30 Nov 14
       
      # ! #Leaks are the New #Promo #Tools
  • Gonzalo San Gil, PhD. on 30 Nov 14
     
    # ! #Leaks are # ! ... the New #Promo #Tools: # ! #Free #worldwide #Advertising, #later #government #grants & # ! #pressure for #Internet #control/#censorship... # ! A #Perfect #Gamble... # ! \(°0°)/ Stop The #Swindle.
Gonzalo San Gil, PhD.

Madonna turns to the sneakernet after album leak | Ars Technica - 0 views

arstechnica.com/...he-sneakernet-after-album-leak

shared by Gonzalo San Gil, PhD. on 23 Dec 14 - No Cached
    • Gonzalo San Gil, PhD.
      Gonzalo San Gil, PhD. on 23 Dec 14
       
      # ! what a coincidence: every current new album is 'mysteriously' "leaked" to The Web... and so close to Christmas gifts campaign... # and what about look at it as the usual 'competing for prominent advertising place' labels' strategy...? # ! ;)
  • Gonzalo San Gil, PhD. on 23 Dec 14
     
    [Sony Pictures isn't the only entertainment giant dealing with a massive breach. Music icon Madonna quickly released six tracks from her latest album last week after someone stole 13 prereleased recordings-reportedly the entire album-and leaked them to the Internet. ...]
Gonzalo San Gil, PhD.

Breaking: The European Union Is Taking a Look at Spotify's Contracts... - Digital Music... - 0 views

www.digitalmusicnews.com/...ion-to-investigate-sonyspotify

International Music Managers Forum etter European Commision U.S. Copyright Office leak contracts labels grab musicians royalties sharin aficionados give free promotion money

shared by Gonzalo San Gil, PhD. on 26 May 15 - No Cached
    • Gonzalo San Gil, PhD.
      Gonzalo San Gil, PhD. on 26 May 15
       
      # ! what is unfair with artists? # ! sharing aficionad@s giving free promotion # ! or 'caring' labels grabbing their royalties...?
  • Gonzalo San Gil, PhD. on 26 May 15
     
    [ Tuesday, May 26, 2015 by Nina Ulloa Last week, the International Music Managers Forum wrote an open letter to the European Commission and U.S. Copyright Office regarding the leaked Sony/Spotify contract. Now, the International Artist Organisation has chimed in with their own letter to the European Commission…]
1 - 5 of 5
Showing 20 items per page