That article suggests that the hackers might have stolen a hundred terabytes of data but I’m skeptical. Wouldn’t it take a really long time to download that much data, even given a reasonably fast connection? Does that seem plausible to you?
disclosure- I worked for Sony for five years, but in a small group so all of this is my personal opinion and not to be taken as anything authoritative.
Sony doesn’t learn because they’re too arrogant and stubborn. They carry themselves as though they’re still the Sony of 1988, and not the Sony who lost portable music to Apple, lost TVs to Samsung and China, lost gaming to Nintendo and Microsoft, yada yada. They’re too rigidly compartmentalized and divisions don’t work together unless forced to from on high. I doubt they’ll ever disappear (the Japanese government will see to that) but Sony’s already a shadow of its former self.
Japan, Inc.'s day is over. Sanyo is dead (absorbed by Panasonic,) Toshiba and Sharp are hurting, and Sony is hurting real bad.
I saw some speculation in the computer security press that there might have been an insider involved, but there doesn’t seem to be hard evidence of that so far. An insider, of course, could walk off with 100 TB pretty easy. It sounds like Sony’s security was crap. One of the documents released by the attackers was a Word doc named “Passwords”, which had a list of one executive’s passwords – including Amex account login – stored in plain text.
There was also some speculation that North Korea was behind the attack, in retaliation for the upcoming release of “The Interview”. There’s some evidence in favor of that theory, including that some of the malware used in the attack included Korean language comments, but the DPRK connection is still unproven.
I’m no expert on this sort of thing; but if there was more than one hacker working from multiple locations & computers, could they have downloaded the data faster by splitting up the task between them?
It sounds reasonable, depending on how well they mapped the network. I think its a matter of what did they not get, than what did they get. Mind you, cause of the size and scale of the hack, the FBI are going to get them, almost like a die hard movie.
I wonder when we would see any stock raids, on wall street or the japanese traders.
I know my company has really fast internet connections, [DEL]between[/DEL] among our facilities. But I’ll bet that the connection to the outside world isn’t as fast. And I think IT security would notice a spike in traffic to the outside.
PlayStation and Sony Pictures are two completely different divisions. There’s no collaboration or even direct communication between them. So there was no way for Sony Pictures to learn anything from PSN’s past troubles. And Sony Computer Entertainment has been completely unaffected by the hacking of Sony Pictures.
So if what you are saying is true, then there was no investigation by Sony corp regarding the PSN network hack and no subsequent memos to sister divisions regarding cyber security, lessons learned and all that.
So just curious, if these baby sonys are truly independent, how many of them are there ?
To be fair to the IT security troops, they appeared to have pushed concerns up the chain, only to have been rebuffed by management. Sorta reminds me of that scene in Serenity, where the management are told, that in the old days for that sort of fuck up, someone would fall on his sword.
I would not be surprised if someone eats a bullet for this.
PSN is a consumer service and the security challenges it faces are very different from the security challenges faced by the internal networks used by employees. It’s unlikely that lessons learned from that hack would have made any difference in security at Sony Pictures, even if the information had been shared. There certainly was an internal investigation at PlayStation into PSN security.
Consumer electronics, PlayStation, Sony Pictures and Sony Music operate pretty much independently of each other. For example, Sony Pictures and PlayStation do not share intellectual property or collaborate on joint game/movie releases. They’re basically two different companies that happen to be owned by the same conglomerate.
I hope they do, but hope and a subway token only takes you on a smelly ride. The “Ifs”:
If they can be ID’d. If they are still on US soil. If they can be ID’d on foreign soil that will detain / extradite / allow independent rendition of them.
Granted, no idiot wants to pull a “Vesco” where one has loads of cash in a country that’s very quick to impound it all and lower their expectations of “sitting on a beach, earning twenty percent” (Hans Gruber, Diehard '88) .
I think that might be a totally different Japanese Corporation specializing in investments, insurance, and tattoo art.