Sony Pictures Computer Sytems Shut Down After Ransomware Hack

MojoKid writes: It appears that Sony Pictures has become the victim of a massive ransomware hack, which has resulted in the company basically shutting down its IT infrastructure. According to an unnamed source, every computer in Sony's New York Office, and every Sony Pictures office across the nation, bears an image from the hacker with the headline "Hacked By #GOP" which is then followed by a warning. The hacker, or group, claims to have obtained corporate secrets and has threatened to reveal those secrets if Sony doesn't meet their demands.

Congratulations...

[Etherwalk]

#GOP has just become a top-10 target for US Offensive cyber-operations...

Re:Congratulations...

[ArithonUK]

Maybe the "GMT" hints at an English hacker, which is why the British government is suddenly pushing for "anti-terror" powers with ISP's (again). Seen any SONY lobbyists at Westminster this week anyone?

Re:Congratulations...

[just_another_sean]

Maybe, but the writing in the warning seems to come from someone who speaks English as a second language.

It read like person that not know what are articles.

Re:Congratulations...

[GNious]

so, British?

Re:Who is going to get the pink slip

[Skylinux]

One can only hope it hits the right people. Those fucking idiots who demand we open the network to the "bring your device from home" crowd.
Remember when your network admin told you that it is a stupid idea - well here you go.

Re:Who is going to get the pink slip

[fuzzyfuzzyfungus]

Not to worry. After working 24x7 for a week or two trying to rebuild the entire spaghetti-heap of an internal IT setup that took years to get as crufty(but familiar and functional-ish) as it was; being fired and thus allowed to go home and drink yourself to sleep will seem like a hell of a perk!

Re:Who is going to get the pink slip

[Thanshin]

A car? Why would anyone get a car because of this?

Dear Sony, I am delighted!

[CaptainOfSpray]

Couldn't happen to a "nicer" bunch.

Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"

I shall be wearing the smile today, all day.

Re:Dear Sony, I am delighted!

[RenHoek]

[haha.jpg]

Re:Dear Sony, I am delighted!

[Xest]

Maybe not the Sony Music rootkit but they have forced various bits of intrusive DRM on us over the years.

So yes, there's a certain irony in their systems getting infected when for years they've been infecting the systems of others.

Re:Dear Sony, I am delighted!

[donaldm]

Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"

Not bad bringing up something that happened in 2005 with the scandal having impact to 2007. Yes Sony BMG was IMHO stupid to put what is called a "root-kit" on a PC running a Microsoft OS. Although that root-kit was benign and Anti-virus firm F-Secure concurred, "Although the software isn't directly malicious, the used rootkit hiding techniques are exactly the same used by malicious software to hide themselves". This is not to say that this absolves Sony BMG however the finger of blame should also point at AV protection software and the Microsoft OS as well that allowed the root-kit to be installed in the first place.

I shall be wearing the smile today, all day

You may not like Sony and that is fine, however extortion is a crime and carries a fairly stiff punishment. It is definitely not something to be applauded.

Re:Dear Sony, I am delighted!

It borked CD-drivers, CD burning software and DVD player software.
Often with BSOD's as a result.

People replaced CD-drives thinking they were broken.
Only to find that the new drive was borked from the start too.

You call that benign ?

Oh... Before I forget. Sony was a share-holder in F-Secure at the time.
No wonder F-Secure tried to put it in ass good a light as possible.

Re:Dear Sony, I am delighted!

[gsslay]

Seriously, are people still on about this?

The root kit scandal was a case of corporate ham-fisted ignorance dabbling in something they knew too little about. A ransomware attack on a different arm of the company, 9 years later, affecting people who had absolutely nothing to do with the root kit, is a criminal act.

If you're wearing a smile because of this you have very strange ideas about what's morally right, and really should be finding something more positive in life to make you happy.

Re:Dear Sony, I am delighted!

[Bob_Who]

Its Karma.

Not instant, like their rice....its slow cooked Karma....

With a side of Sony baloney.

Re:Dear Sony, I am delighted!

[Zontar_Thing_From_Ve]

Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"

You would indeed and I submit their use of Cinavia copy protection on BluRays and DVDs as proof of this. You may be asking "What is Cinavia?" Well, it is a copy protection technology that uses an audio watermark. The watermark appears within the range of human hearing (so you can't just filter away the high frequencies above human hearing to remove it) and doesn't appear to be anything that humans can hear, but all current BluRay players are required by the licensing agreement to support it. How it works is that if a BluRay disc plays and Cinavia is in the audio, the player determines if it is playing an original pressed disc or a copy. If it finds a copy, it shuts down play within 10 minutes of starting and produces a warning message that Cinavia has been detected on a copy and you're not allowed to play the copy.

There is currently quite a bit of hysteria from some consumers in the BluRay field over it because apparently 100% of the people upset about it have kids who ruin their discs and now they "can't make copies". I say that with sarcasm. Well, you can make copies, you just can't make BluRay copies. Non-BluRay players are not required to detect or honor Cinavia, so ripping your BluRays and making MKVs out of them without conversion works fine. Even most BluRay players will happily play such files without checking for Cinavia.

I'd like to point out that Cinavia is not free. Companies that use it pay a fee for using it. I don't know what the price is, but I can tell you that Sony puts it on every BluRay they put out, even those foreign films they release that have limited audiences. For all I know, it may actually cost more to use Cinavia on some of those films than Sony can even make back in sales of the discs. Sony even puts it on a few DVDs and no DVD player is required to detect or support Cinavia, and they still sometimes use it there. The only other studio I know of that has ever used Cinavia more than once is Warner Brothers and they rarely use it. Even Disney has only used it once and they're one of the Hollywood studios most paranoid about people copying their stuff. The lack of use leads me to conclude that the price for using Cinavia is probably quite high and only Sony is crazy enough and consumer hostile enough to pay to use it all the time.

Re:Dear Sony, I am delighted!

[jabuzz]

Clearly you don't have young children or have ever seen them handling DVD's and/or Blu-ray disks. It is a lot cheaper to give them a copy of random Disney/Pixar film which can be cheaply replaced than the original which cannot.

Re:Dear Sony, I am delighted!

[clickety6]

Not bad bringing up something that happened in 2005 with the scandal having impact to 2007.

I'd have thought that 10 years would have been quite long enough for Sony to have gotten around to saying sorry. I guess it must have slipped their minds...

Re:Dear Sony, I am delighted!

[ArcadeMan]

Companies are being hypocrites about exactly what we pay when buying music or a movie. In court, they've sided with the argument that we're paying for a license for said media.

So if someone pays 25$ for a movie on Blu-ray, that means that at least a portion has gone for the license. Since I've already paid for the license, and I'm not allowed to make copies for my own private use, why can't I buy a second disc for the media fee alone? Why can't we buy replacement discs if our first one gets destroyed? The license was already paid with the first copy we bought.

Re:Dear Sony, I am delighted!

[Forgefather]

Because the people who were suffering from the use of Sony's nasty DRM were the legitimate customers? The pirates were the ones laughing their heads off in 2007.

Re:Dear Sony, I am delighted!

[Paradise+Pete]

"Yes I snuck into your house and hid there for two years quietly observing you, but look, I wasn't malicious!."

Re:Dear Sony, I am delighted!

[Will.Woodhull]

The root kit scandal was a case of corporate ham-fisted ignorance dabbling in something they knew too little about.

True.

However the corporation was culpably stupid in dabbling before they knew what they were getting into. A corporation the size of any of Sony's divisions has enough resources to figure out the consequences of their actions before they make their decisions. There is no excuse for implementing a strategy in ignorance of its impact on customer/clients (or the indirect impact on shareholders, for that matter).

I am, and you are too, much safer dealing with criminals who know what they are doing than dealing with corporations like Sony who will screw you over without any intention of doing so. Sony's vulnerability in this matter shows that its management still doesn't get it, and that every officer of the company needs to do the honorable thing and leave the company, leave the industry, and get a job more suited to their ethical and strategic skill set. Like flipping burgers, or arranging the sushi on the platter.

Re:Dear Sony, I am delighted!

[operagost]

I loathe government interference in intellectual property, but since we're stuck with these oppressive copyright laws the least that should be done is to prohibit copy protection measures without requiring a media-cost-only replacement policy be in place. After all, the enduring *IAA argument is that buying the media just buys a license to watch it, so they should be replacing damaged media for just the cost of the media. "Digital copy" helps, but it's no use in this scenario with the kiddies because you'd have to turn over a tablet or rather expensive smart TV with an internet connection to them.

Re:Dear Sony, I am delighted!

[gsslay]

Keep up. We're discussing Bluray and Cinavia.

Re:Dear Sony, I am delighted!

[DocSavage64109]

It would be especially funny if the attack vector turns out to be their rootkit.

Re:Dear Sony, I am delighted!

[MachineShedFred]

let me get this straight: you are saying he is wrong because:
- Sony abuses a rights-stripping piece of shit on everything they produce
- Sony mandated it into the technology license for the disc format to 3rd party player manufacturers
- the GP postulates that once you format-shift the content away from the licensed Blu-Ray spec, third party players no longer adhere to enforcement of the rights-stripping piece of shit
- you post the Slashdot equivalent of "NUH UHH!" because the company that abuses the rights-stripping piece of shit still enforces when it's found in other formats on their hardware, which is a surprise to NOBODY.

If you didn't know, the PS3 is made by SONY, and is going to play the game that SONY wants played. Why would you expect different?

Re:Dear Sony, I am delighted!

[tepples]

Since I've already paid for the license, and I'm not allowed to make copies for my own private use, why can't I buy a second disc for the media fee alone?

I don't know about Sony, but Disney lets you.

Re:Dear Sony, I am delighted!

[ArcadeMan]

A license is not a physical object. Even if I break the disk, the license was paid for. I should at least be able to return to a store with a broken/scratched disc and pay for a replacement disc minus the license fee that was paid with the first copy.

Re:Dear Sony, I am delighted!

[ArsenneLupin]

every officer of the company needs to do the honorable thing and leave the company, leave the industry, and get a job more suited to their ethical and strategic skill set. Like flipping burgers, or arranging the sushi on the platter.

Are you sure these are appropriate jobs for Sonyscum? Personally, I wouldn't want to eat burgers laced with exlax, or sushi caught from the waters next to Fukushima...

Re:Dear Sony, I am delighted!

[tlhIngan]

There is currently quite a bit of hysteria from some consumers in the BluRay field over it because apparently 100% of the people upset about it have kids who ruin their discs and now they "can't make copies". I say that with sarcasm. Well, you can make copies, you just can't make BluRay copies. Non-BluRay players are not required to detect or honor Cinavia, so ripping your BluRays and making MKVs out of them without conversion works fine. Even most BluRay players will happily play such files without checking for Cinavia.

Actually, a lot of Blu-Ray players and media players in North America DO check for Cinevia, even if the source is no longer Blu-Ray. A lot of players outside do not, however, including many cheap Chinese ones.

Back so Sony, one could wonder if it's a bit much just for a single movie, since Sony Pictures dropped the Steve Jobs movie recently.

On a more serious note, one wonders if it's the result of poor security practices. After all, just a few years ago Sony suffered a major breach of their Playstation Network servers, and now their entire Sony Pictures group is out of commission. Could just be a case of corporate poor security practices.

Or maybe someone's just wanting the PS4 master key.

Re: Dear Sony, I am delighted!

[iluvcapra]

I work for Sony Picture on projects as a sound designer from time to time, I wasn't there yesterday.

Sony Pictures is an almost completely distinct operation from "Sony." The studio itself is just the old Columbia Pictures, that Sony bought in 1990. The lot itself was the old MGM/Lorimar lot-- all the long-time staff at Sony are either Columbia people or MGM people. You can go years there without meeting a Sony corporate exec, they leave the place alone and just a let it do its thing.

Re:Dear Sony, I am delighted!

[Bert64]

Many pieces of malware are far more benign than that, and yet people have gone to jail for writing them...

Re:Dear Sony, I am delighted!

[Phusion]

Yes! Thank you, I won't shed a single tear, but instead hope that they're shut down for a lot longer than they expect. Fuck Sony in their stupid asses. Yes, Rootkit, prosecution of George Hotz and countless other fuckups remind me that Sony is just getting what they deserve.

Re:Dear Sony, I am delighted!

[Forgefather]

It doesn't change the core of the argument that DRM is punishing the paying customers as in the example from Zontar and has done nothing to punish the pirates. There is a high quality copy of every piece of protected music available on the pirate bay and the people who download that copy don't have to mess around with restrictions of any kind.

I would certainly think that a company should be worried when a bootlegger is offering a better product, better service, and a better price than their own company. The first step to combating piracy is to view pirates not as thieves, but as potential customers and treat them as such. Valve tried this in Russia, a market with so much piracy is was thought to be lost, and to date it is their fastest growing market.

When you look at pirates as potential customers and people who post the torrents as competitors you can see just how shortsighted it is to try and lock in people to your distribution when an alternative product exists. That's just asking for loss of business.

Like it or not piracy is here to stay, and it will continue to act as a competitor in the market. If you want to beat pirates compete on service and physical products. Just like the Russians if you make people want to buy a product from your company, not just buy your product despite your company, you will see a dramatic decline in piracy.

Re:Dear Sony, I am delighted!

[AK+Marc]

They are on the Vatican time frame for apologies. I think the Vatican holds the record for the longest time from incident to apology. It's a challenge.

Re:Dear Sony, I am delighted!

[gsslay]

Well that seems like a reasonable request, but companies are not obliged to help you fix the situation you've got yourself into. You in a situation where you am 100% to blame, but somehow you get to demand that the company assist you?

If I bought a Blueray and lost the case, so I no longer knew who appears in it, are the company obliged to run a service where I can buy an empty case to replace it? After all, I already have the disk, and my licence, they have no right to force me to buy them again!

Or if I bought a pack of cards, do I get to demand that the manufacturer of the cards also sells single cards, for when I lose one? What use is a pack missing one card? I demand the manufacturer provides this service because I am a customer who has already purchased 51 cards!

There comes a point when there is no profit to be made in helping out customers who are in a position of their own doing. Companies have no obligation to provide additional services that don't benefit them.

Re:Dear Sony, I am delighted!

[stealth_finger]

I'd like to point out that Cinavia is not free. Companies that use it pay a fee for using it. I don't know what the price is, but I can tell you that Sony puts it on every BluRay they put out, even those foreign films they release that have limited audiences. For all I know, it may actually cost more to use Cinavia on some of those films than Sony can even make back in sales of the discs. Sony even puts it on a few DVDs and no DVD player is required to detect or support Cinavia, and they still sometimes use it there.

It costs a fair bit by the looks of it, and the also seem to take a dip from everyone on the chain

From wiki

Licensing[edit] For Cinavia the owners Verance make their money through licensing agreements with several sections of the entertainment and media industry. As of March 2012 these licence costs due to Verance were $10,000–$300,000 per manufacturer of Blu-ray Disc players—for the rights to embed the Cinavia detection system—plus additional software costs for the implementation itself.[8] Production facilities need to pay $50 for each audio track that is watermarked with Cinavia.[8] Distribution houses must finally pay $0.04 per disc with Cinavia watermarked content included.[8]

Re:Dear Sony, I am delighted!

[ArcadeMan]

The case of a movie isn't part of the media, it can be viewed as packaging. Packs of cards do not having any license fee.

Media companies and resellers wouldn't have anything special to do this. You bring a broken/defective disc and pay for the media only. There's no customers to keep track of, no special inventory to keep.

GOP

[Thanshin]

He'll probably become a soon to be deported retroactive rapist.

You mean

[ruir]

Sony is being on the receiving end of malware for a change? The irony...

Re: Who is going to get the pink slip

[frikken+lazerz]

Hundreds of workers will get laid off so that Sony can make up for this blunder and stay out of the red. Then the CEO will get a huge bonus for "cutting expenses".

Re:Who is going to get the pink slip

Yes, something went wrong so it must be because of my pet peeve. Clearly all the evidence points to this being an infection caught off a dodgy iPad. *facepalm*

DMCA takedown action for abuse of GOP Hashtag

[rvw]

Can't they fight this with the DMCA or something for abusing the GOP hasthag? I bet those hackers will have shit running through their pants when they hear this!

Young man, Are you listening to me
I said, young man, what do you want to be
I said, young man, you can make real your dreams,
but you've got to know this one thing.
No man, does it all by himself
I said, young man, put your pride on the shelf
And just learn to play with the D.M.C.A.
I'm sure they can help you today

It's fun to play with the D.M.C.A.
It's fun to play with the D.M.C.A.
They have everything for young men to enjoy.
You can hang out with all the boys.
It's fun to play with the D.M.C.A.
It's fun to play with the D.M.C.A.
You can get yourself clean
You can have a good meal
You can do whatever you feel.

Re:Who is going to get the pink slip

[Thanshin]

all the evidence points to this being an infection caught off a dodgy iPad.

I KNEW IT!

Told you so.

Re:would prefer EA, Comcast, or Haliburton myself

good old fashioned cracker extortion. I would have prefered it happen to EA, Comcast, or Haliburton.

Seriously, what important, secret information does a film studio have, besides salary, and royalty numbers?

Creative accounting. Maybe even fraudulently creative.

Looking at the zip file, looks like

[mtbrandao]

Someone clicked on "photos.zip".

Re:Looking at the zip file, looks like

[mtbrandao]

Working link BTW:
https://thepiratebay.se/torrent/11561038

Re:Looking at the zip file, looks like

[KermodeBear]

What are the contents of the file, by the way? I'm not interested in grabbing it myself (I'm mildly paranoid about doing so) but I'm interested in a brief description.

Re:Looking at the zip file, looks like

[mtbrandao]

Looks like a bunch of filenames (37937165 filenames to be exact) from someone's computer(s) that work at somewhere related to games (cannot guarantee it's sony)

There are dlls, pdf reports, xls reports, docs, videos, cookie files, thumbs.db, browser cache, photos with default camera name and everything you would find on a work computer.

Re:Looking at the zip file, looks like

[ArcadeMan]

No wallet.dat file, by any chance? :p

Re:Who is going to get the pink slip

[phayes]

No, you blamed BYOD, which remains to be seen. I take it you've never seen a corporate iPad? I assure you they exist & while they can be infected just like corporate laptops can, it happens a lot less often...

Re:Who is going to get the pink slip

[Proudrooster]

What if I told you this "ransom ware" attack was caused by network admins who were logged in as DOMAIN ADMINISTRATORS? Ransomware is usually the result of poor security practices by admins adding DOMAIN ADMIN to their groups in group policy. So, infect one DOMAIN ADMIN and ransomware is off and running through the entire network, encrypting and trashing as it goes. With ransomware the worst a nonadmin user can do is take out their own files, but infect an account with DOMAIN ADMIN and you can take out a network.

As for your ignorant remarks on BYOD. BYOD is a very low risk, especially if you keep them on a limited wifi then limit devices to iPhones & Windows PC with latest security updates, sorry droids.

And, I based on post with the (sic) advanced literary skills and complex reasoning ability, I bet you are an admin that logs in with DOMAIN ADMINISTRATOR credentials, because you aren't the security problem, you are an all knowing GENIUS!

"Clever is easy, simple is hard." -me

Re:would prefer EA, Comcast, or Haliburton myself

[v1]

Seriously, what important, secret information does a film studio have, besides salary, and royalty numbers?

Embarassing "creative accounting", heavier than expected use of offshore tax shelters and chip-shuffling, two sets of books, other illegal accounting, illegal campaign contributions, those are a lot more likely than the sort of "secrets" you're thinking of. They probably stand a lot more to lose there than from theft of R&D files.

Nowadays your accounting department needs to be the most heavily defended portion of your network, and not due to direct theft. (unless you're in the business of mining bitcoins anyway)

Heart attack stuff

Hopefully the IT department have strong hearts. Employee fitness programs probably should be made part of the disaster readiness planning.

Re:Who is going to get the pink slip

[91degrees]

Pink slip? It's a Japanese company. Failure has more serious consequences.

Wow ...

[gstoddart]

So, Sony isn't just incompetent and unsafe with our data, they're apparently unqualified to run an internal network?

Unbelievable.

I can't think of many instances where a company as big as Sony had to shut down all of their IT stuff on this scale.

Bummer, dudes. But, it's Sony, so I'm not feeling overly bad about it.

Re:Who is going to get the pink slip

[PlusFiveTroll]

It's more likely domain admins that didn't apply MS14-068.

Re:Who is going to get the pink slip

[jeffmeden]

One can only hope it hits the right people. Those fucking idiots who demand we open the network to the "bring your device from home" crowd.
Remember when your network admin told you that it is a stupid idea - well here you go.

Remember when your network admin couldn't figure out how to segregate the wifi network, or set up mobile device policies in exchange? Well here you go.

Re:Who is going to get the pink slip

[Holi]

No he didn't, Skylinux did.

Cognitive Dissonance

[jenningsthecat]

On the one hand, I despise extortionists, and the perpetrators ought to be hung out to dry. On the other hand, the folks at Sony arguably have engaged in extortion and fraud on a few occasions in the past, so part of me feels this is simply their just desserts. If it wasn't for the inevitable collateral damage I'd be tempted to say "let 'em all kill each other and God will sort them out".

It does seem kind of unfair that nobody at Sony was ever imprisoned for the Rootkit scandal or the OtherOS clusterfuck, whereas people behind #GOP will likely serve time in jail if they are ever caught. I guess "Corporate Immunity" is just as real in law as "Diplomatic Immunity" - 'the law' just won't openly admit it.

comcast save up for a big hack that gives people

[Joe_Dragon]

comcast save up for a big hack that gives people free tv. Starting with HBO, NHL CI, NBA LP, MLB EI, and more.

Re:Who is going to get the pink slip

[Proudrooster]

Don't you hate it when people disagree with your blind, error filled assertions? I bet you wanted to print this post off and show it to your boss and say, "SEE, LOOK, IT'S THOSE PEOPLE WITH BYOD!" when in reality YOU, Mr. Site Admin are the biggest security threat to your organization.

I was at least expecting you to lie and respond, "I am not logged in as DOMAIN ADMIN."

On a serious note, I would strongly suggest you look at your teams security practices before you end up in the same shape as SONY. Ransom ware is running wild right now. Making sure you have air-gapped backups, your servers are patched with all out of band patches, users and admins are NOT logged in as DOMAIN ADMIN, strong passwords with a password saved in a password manager like KEYPASS.

Re:Who is going to get the pink slip

[KermodeBear]

"Clever is easy, simple is hard."

I'm stealing this; I hope you don't mind. (o:

Sony Pictures?

[debrain]

Maybe they should make a movie about this.

oh goody

[slashmydots]

I really hope they don't pay!

Re:oh goody

[ArsenneLupin]

I really hope they don't pay!

I hope so too. That way, the hackers will release the files (the contents, not just the filenames), which contain enough juice to sink Sony Pictures (and possibly other parts of Sony too) for good.

Re:Who is going to get the pink slip

[jon3k]

Try reading a little more carefully next time. No one blamed an iPad.

Re:would prefer EA, Comcast, or Haliburton myself

what important, secret information does a film studio have, besides salary, and royalty numbers?

The real gross and net numbers would be my guess, having been an associate producer/performer with points in the past.

Bad PR

[Anna+Merikin]

Even though I had no computer vulnerable, and I did not buy one of Sony's malware-laden Music CDs, I remember the event so clearly and strongly I still refuse to consider buying any Sony product whatsoever, including their cameras. Is there some malware hidden within those proprietary, compressed RAW image files?

So I am of two minds. I don't like the use of ransomware. And I don't like Sony. This reminds me of the old joke where the guy sees his mother-in-law drive off a cliff in his new Bentley.

Re:Bad PR

[CaptainOfSpray]

Me too. I have taken care to avoid buying any Sony product since then. And I have told plenty of people why not.

Re:Who is going to get the pink slip

[tepples]

I thought BYOD was an excuse to let HR refuse to hire people who aren't in the socioeconomic group likely to already subscribe to smartphone service without appearing racist.

Disney Disc Replacement Program

[tepples]

First see if Disney offers a discount on a new copy with the exchange of a broken authentic disc. If not, a workaround is to find a decent adaptation of the same story not distributed by Disney. I can think of a half dozen versions of The Adventures of Pinocchio, and there are probably plenty of "Rapunzel" and "The Snow Queen" adaptations that aren't Tangled or Frozen. Yes, mockbusters exist; read reviews to avoid the worst. And when they get old enough, show them the other Tangled with Rachael Leigh Cook.

Re:Disney Disc Replacement Program

[kesuki]

"First see if Disney offers a discount on a new copy with the exchange of a broken authentic disc."

and disney is so going to have an amazon sized warehouse just to replace broken discs for no or low prices.

streaming is an alternative but the companies doing this need rights to content to stream it, and this means loads of cash and complex hardware to store exobytes of data and superfast internet...

compared to making a HTPC that plays video containers made from dvds is better. they only need a usb wireless keyboard/mouse which is cheap to replace when they break it, and for under $300 you can build a multi terrabyte htpc that will use all open source (handbrake to rip, vlc or mplayer or insert software package here to play) and since you are using open source there is no worry about it being defective by design like a ps3 etc. i don't know if the interface to a linux htpc is child friendly haven't had a chance to build one yet, but worst case they ask you for a movie and you play it for them til they are old enough to do it themselves. this is why you have a legal right to make backups. even if the same software can be used to pirate movies. they don't ban gun ownership everywhere and even when they do the criminals still get the guns so legal movie ripping is better than dystopian efforts to regulate backups into non existence for the corporate profit machine...

You don't know what Troll means, kid

[drinkypoo]

When I say something like this, I mean it. Yes, there would be a temporary disturbance (in the force?) if Sony went under tomorrow. But the world would eventually be a better place for it. Same with most corporations, honestly.

Flamebait means what you think I was doing, which also isn't what I was doing. Trolling is making shit up to make people angry. I was expressing heartfelt beliefs. I know many here agree with me. But I guess you're still humping your PS4

How do WE fight this?

[vlueboy]

Ransomware sometimes uses TOR to avoid detection and serious encryption that no techie can undo. I am starting to get really worried that ransomware will become as common as IE-hijacking browser toolbars. It is easy money. This will be a huge problem. I'm even went through the trouble of logging in to ask how we can fight to nullify ransomware.

1 employee inside our company saw some form of ransomware a year ago. I'm sure he lost all the business data. We are not the NSA and therefore can't decrypt it after purging the "virus" exe without the private key on their servers... period. Most random people online do not realize this, from the desperate forum posts I find.

When ransomware has all your local documents for work encrypted, you will have enough motive to pay the 500 Euros to Cryptolocker and Cryptowall 2.0. Backups are rarely if ever applied on homes and laptops. Laptops are a huge business driver, and the above employee was using one. I hear from forums that sometimes ransomware snags your *shared* network drives, so you lose gigs of crucial data.

Now, most of us still haven't been affected, thankfully. Let's speak from a point of view of "how do I keep this from ever becoming a reality?" What's best?
- Backups? We will get hit. Same as spyware hits the most conscientious of users. Does anyone know of an OSS backup where you can "hide" the target USB drive or partition from the user (so the ransomware won't just up and pave it over along with the My Documents, Desktop, D:, Local network drive targets)
- Prevention: Do we double up on freeware options despite the performance penalty? (malwarebytes, Windows defender or whatever it's called today)
- "Shadow files" apparently get saved automatically on Windows 7 (don't know if you need to have paid for Ultimate like I did). This is great because you can revert an encrypted document, but Windows' GUI isn't equipped to fix files en-masse and utilities are required. The one I saw still gave you some cumbersome folder GUI that wasn't as easy as "revert all in this folder". Are there any savvy things out there to make this easier? I haven't explored Time Machine for MacOS. And this is windows

This is my Scientific Linux box. Much ransoming won't be happening here, but one of my neighbors got hit a few weeks ago on Windows, despite running some form of protection. I heard of one other person who apparently lost files, but I haven't personally confirmed what hit them.

-vlueboy

Re:How do WE fight this?

[WuphonsReach]

Using rdiff-backup, rsnapshot or rsync across the LAN via SSH in a "pull" configuration is the safest. The server pulls the files from the client PC. Alternately, you could do the above in a push configuration and limit where the origin PC can write to on the backup server. Even in a "push" configuration, I don't know of any malware currently capable of figuring out that there is an rdiff-backup script which stores data on a different server.

The server then sends files to tape / disk / offsite.

Basically - you need to have a centralized backup solution with multi-generation removable media.

For immediate restores, you pull the files back off the backup server. The next level after that is pulling files off of removable media which has been kept offsite or disconnected.

Re:How do WE fight this?

[AK+Marc]

Does anyone know of an OSS backup where you can "hide" the target USB drive or partition from the user (so the ransomware won't just up and pave it over along with the My Documents, Desktop, D:, Local network drive targets)

Not OSS, but every major commercial package will allow remotely-triggered backups. Your server (no shares, the user can't get there) kicks off the backup, and pulls the data to it. Secure, and not shared on the network. I'm sure OSS would have something to do that, as that's the standard architecture for all commercial backups. Only the home backups are simple copy backups triggered from the end user.

Will Sony pony ...

[CaptainDork]

... up for some security?

Actually, I think this is an inside job where admin access was given to an outsider.

Re:would prefer EA, Comcast, or Haliburton myself

[OrugTor]

Companies typically run two sets of books, one for the IRS, one for stockholders. It's legal.

Re:Who is going to get the pink slip

[mythosaz]

What if I said it was much more likely that they weren't domain admins, but merely members of groups that had rights over local workstations -- like, you know, like every person in ever field-service/desktop-support group in every major company is.

The right to install software is granted to field-service level staff in nearly every major company, and that doesn't make you a domain admin.

What kind of IT department does Sony run?

[Rinikusu]

No offense to the actual IT workers at Sony, as I'm sure their hands are as tied as management allows, but it does make me wonder how this kind of shit gets through IT and not only infects one office, but nationwide, without garnering any attention from the IT pros getting paid to stop things like this?

Re:What kind of IT department does Sony run?

[Areyoukiddingme]

No offense to the actual IT workers at Sony, as I'm sure their hands are as tied as management allows, but it does make me wonder how this kind of shit gets through IT and not only infects one office, but nationwide, without garnering any attention from the IT pros getting paid to stop things like this?

Easy. By being targeted, Stuxnet style. They knew what IP blocks Sony Pictures uses, and it's quite easy to find machines on a local LAN and stay within it, and Sony is no doubt like most large corporations and links their offices via VPN, so machines at every location also look like the local LAN, so the worm can spread itself to everything it sees. And it can do so quietly. It doesn't have to make a lot of noise to do it. No excessive CPU usage, no excessive network traffic, no nonfunctioning services. It can grow and grow and grow, just as long as it doesn't disturb anything. Most Windows users never look at their process list, and even those who do could miss something with an innocuous sounding name.

And when it determines that it has infected everything it can reach, it contacts its command & control servers, again with innocuous traffic to innocuous looking IP addresses/domain names, and informs its creator that it's ready. The creator picks the time and hits the button, and it triggers its payload. And Sony is shut down for days. Now the worm is in aggressive mode, since it's out from under cover, so it will use all resources at its disposal (Sony's entire network) to keep itself intact and maintain control of the systems. It will aggressively scan for new systems coming online and aggressively try to take them over as quickly as possible. Hence the total shutdown. They're trying to scrape it out of their systems, so they have to disable its ability to reinfect. If they miss even one live instance, odds are good it will promptly reinvade all the freshly installed machines. It's a war. Sony should eventually win it, since it's their home ground and they therefore have physical control of the machines, but that's the only reason. Depending on which cloud services they're using and how, it could come right back in again. It could be a long war.

I'm glad I don't work at Sony

[sentiblue]

Couple years ago I interviewed at SOE (Sony Online Entertainment) in San Diego... I chose not to work for them simply because they were being hammered by Anonymous about the fact that Sony was taking legal actions against a 17 year old for jailbreaking their PS....

Now this... Boy I'm glad I'm not a Sony employee... looks like they've been making lots of enemies with the general public and now it's the time that everything pays back... I want them to be able to recover and keep offering employment ... but at the same time, I want them to stop being such mean and hateful to people who are able to crack the PS devices... or whatever other devices they make... Jailbreaking is legal remember?

Re:As Though The GOP

They should have used something proprietary. Maybe an ATRAC or MagicGate algorithm? ;)

Re:Who is going to get the pink slip

[Proudrooster]

We run with two accounts one for normal use and one for software installation (admin/root). In my opinion, it is bad practice to run any machine LINUX, MAC, or WINDOWS logged in as admin/root. Having to type a username/password into sudo or the windows/mac popup is minor compared to software "accidentally" getting installed. :)

Hey I heard from some guy that hates BYOD that SONY was taken down by an infected iPad. It had nothing to do with that last Microsoft patch that Sony didn't apply.

Re:Who is going to get the pink slip

[nanoflower]

No, they will get a corner office.

Re:Who is going to get the pink slip

[AK+Marc]

BYOD done right is *more* secure than not. Done wrong is worse. That's the same with almost anything.

Re:would prefer EA, Comcast, or Haliburton myself

[v1]

Companies typically run two sets of books, one for the IRS, one for stockholders. It's legal.

While I don't know if it's legal or not to show your shareholders fraudulent books, I do know it's illegal to try to pull on the tax man. Federal charge of "keeping books" refers to keeping two separate sets of accounting, one for tax purposes and the other being an accurate reflection of your earnings. Basically it's ironclad proof of "premeditated tax evasion".

In many ways, the EPA and IRS have more destructive authority than any other government agencies. So exposing a company's wrongdoings to either of them typically leads to catastrophic results. And you almost never get to cut a deal with them, they'll take you to the cleaners because they know they can.

Re: As Though The GOP

[ebvwfbw]

Oh come on. That's hardly a proof.

Re:would prefer EA, Comcast, or Haliburton myself

[OrugTor]

http://blogs.cfainstitute.org/... Just read the first two paragraphs.