I keep seeing articles with quotes by Sony and the hired security guns they’ve brought in saying “There was nothing that could have been done to have prevented this.”
Bull-freakin’-crap.
Sure, there are exploits coming along all the time and companies are routinely surprised by something. But not something this huge and company wide. This is a major failure by a company to take security seriously.
In other words, they are already in lawsuit-deflection mode.
Sorry to harp on this aspect but if someone really downloaded a hundred terabytes from the outside, there’s certainly something that could have been done about it. I could see having a security hole but they should have quickly picked up on the unusual traffic pattern and shut down the hole quickly.
Maybe it was a “righteous deed” because of an “act of terrorism”, but N Korea had nothing to do with it.
Nope, nada, zip, zilch, nothing to see here, move along.
A hundred terabytes is a lot - and I suspect that number is bogus, but If the attack was massively distributed, and happened around the same time as a major product launch, I could see how the summary traffic data might not necessarily look immediately suspicious.
Of course, what should have been suspicious is what that traffic was trying to do.
About 8 years ago I was on an airplane flight the guy next to me was a film editor. He told me he worked from home transferring video files from the studio doing the edits and returning them.
Just a data point
BTW Benjamin Terabyte is my new favorite computer term.
Looks like their PS network was hit by a DDOS attack over the weekend.
It appears to be unrelated, but WTF? Tough times for their crack security team of 11 technologists.
Karmic backlash is a beautiful thing, isn’t it? Stumble on, Sony. On behalf of everyone SecuROM screwed over, I’m delighted to say to make a better clown than electronics company.
So, this may be illegal, I don’t know, I’m just curious, but articles I’ve read quoted that the hackers have released data, about 40GB’s worth, to the public. But none of the articles link to that. Can I take a look at the data? I’m just curious, I want to see what people make or look at that unreleased Gilliam script. Is a link to the raw data illegal per the rules of this board? All of the newspapers and websites reporting on exactly what’s in the data seem to have access to the whole thing
The PS3 recovered midway through the generation, and pretty much caught up with the Xbox 360 (not the Xbox, which was the previous gen, and utterly massacred by the PS2). The Wii, that’s a whole nother ball of wax, and even if Sony hadn’t had its head up its arse for the beginning of the gen, the Wii still would have blown it out of the water thanks to the novelty and casual appeal.
the problem with the PS3 was it’s pants-on-head stupid architecture. The Cell was a CPU with potentially monstrous vector capability, but it’s extraordinarily painful to use that capability. It was doubly bad because that vector capability was better done by the GPU. The PS3 recovered in spite of itself.
Wiki leaks might have some of the stuff up, have not looked yet.
Declan
According to one report, the attack appears to have been an extortion scheme. On 11/22, five Sony execs received an email saying, in part, “We’ve got great damage by Sony Pictures. The compensation for it, monetary compensation we want. Pay the damage, or Sony Pictures will be bombarded as a whole. You know us very well. We never wait long. You’d better behave wisely.” Apparently Sony did not respond to the demands, and on 11/24, Sony staff came in to work to find their network FUBARed.
The extortion email was signed, "“From God’sApstls”, and the name “God’sApstls” was found in the malware involved in the attack. It’s still anyone’s guess who God’sApstls are.
More bad news: There is now malware in the wild signed by stolen Sony certs.
Sony (which includes a lot of companies as subsidiaries) is going to have to revoke and re-issue a lot of certs.
Which brings up the question of keys for signing PS software and the like. If people could create and sign their own software/games for PSes (and avoid updates), then all sorts of interesting things could be done on the consoles.
BTW: I just found out that a close relative works for a company that provides Internet security for a few of Sony’s subcomponents. (Think entirely separate businesses that Sony acquired.) So some stuff had limited protection, but not nearly enough.
As I mentioned earlier in the thread, PlayStation is a totally different division with its own internal network. Those of us who work for PlayStation have been completely unaffected by the troubles at Sony Pictures. And Sony Pictures had no access to the certification codes used to validate PlayStation games.
Well, here’s what people were waiting for:
Two Sony Execs’ Entire Email Boxes Got Leaked By Hackers And Now All Hell Is Breaking Loose
Angeline Jolie is called a “spoiled brat” by mega-producer Scott Rudin…
Want the personal email of every Hollywood A-lister on the planet who worked with Sony, including Leo di Caprio and Vince Gilligan? You can find them online…
Joel McHale wanted a discount on a TV and asked the President of Sony for it… three days after Community got canceled…
Disney wanted a Spider-Man cameo in the upcoming Captain America movie…
There’s going to be a lot more of this stuff. Stay tuned! 
According to Gawker Sony was hacked in a similar way in February but didn’t report anything.
It doesn’t appear that anyone has taken credit for that hack, at least not yet.
Who else would it be if not North Korea? It seems like it was either North Korea or a group trying to frame North Korea for whatever reason.
NK has hacked into various South Korean businesses, this is nothing new to them.
I’m not saying it wasn’t the norks, just that it did not seem that difficult, once the firewall was breached. Anyone could have done it, thats the problem with Sony, like having a house with only a screen door and all the valuables lying about for all to see.
Declan
Dunno. Attribution is always tough with these kinds of things. I haven’t seen much yet that presents a very strong case for NK or anyone else. It’s all very speculative, at least insofar as what’s been made publicly available. It may be the case that Sony and the investigators working with them have a good idea but just haven’t publicized it. One possibility is that it’s an independent group, not directly controlled by NK, but sympathetic to NK. I’m kinda leaning toward it being directed by NK officials, but that’s not really based on anything concrete.
It was just announced on MSNBC that the government is officially saying that they have enough evidence to conclude that it was North Korea.