Sony Pictures Computer Sytems Shut Down After Ransomware Hack

MojoKid writes: It appears that Sony Pictures has become the victim of a massive ransomware hack, which has resulted in the company basically shutting down its IT infrastructure. According to an unnamed source, every computer in Sony's New York Office, and every Sony Pictures office across the nation, bears an image from the hacker with the headline "Hacked By #GOP" which is then followed by a warning. The hacker, or group, claims to have obtained corporate secrets and has threatened to reveal those secrets if Sony doesn't meet their demands.

Dear Sony, I am delighted!

[CaptainOfSpray]

Couldn't happen to a "nicer" bunch.

Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"

I shall be wearing the smile today, all day.

Re:Dear Sony, I am delighted!

[Xest]

Maybe not the Sony Music rootkit but they have forced various bits of intrusive DRM on us over the years.

So yes, there's a certain irony in their systems getting infected when for years they've been infecting the systems of others.

Re:Dear Sony, I am delighted!

It borked CD-drivers, CD burning software and DVD player software.
Often with BSOD's as a result.

People replaced CD-drives thinking they were broken.
Only to find that the new drive was borked from the start too.

You call that benign ?

Oh... Before I forget. Sony was a share-holder in F-Secure at the time.
No wonder F-Secure tried to put it in ass good a light as possible.

Re:Dear Sony, I am delighted!

[gsslay]

Seriously, are people still on about this?

The root kit scandal was a case of corporate ham-fisted ignorance dabbling in something they knew too little about. A ransomware attack on a different arm of the company, 9 years later, affecting people who had absolutely nothing to do with the root kit, is a criminal act.

If you're wearing a smile because of this you have very strange ideas about what's morally right, and really should be finding something more positive in life to make you happy.

Re:Dear Sony, I am delighted!

[Zontar_Thing_From_Ve]

Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"

You would indeed and I submit their use of Cinavia copy protection on BluRays and DVDs as proof of this. You may be asking "What is Cinavia?" Well, it is a copy protection technology that uses an audio watermark. The watermark appears within the range of human hearing (so you can't just filter away the high frequencies above human hearing to remove it) and doesn't appear to be anything that humans can hear, but all current BluRay players are required by the licensing agreement to support it. How it works is that if a BluRay disc plays and Cinavia is in the audio, the player determines if it is playing an original pressed disc or a copy. If it finds a copy, it shuts down play within 10 minutes of starting and produces a warning message that Cinavia has been detected on a copy and you're not allowed to play the copy.

There is currently quite a bit of hysteria from some consumers in the BluRay field over it because apparently 100% of the people upset about it have kids who ruin their discs and now they "can't make copies". I say that with sarcasm. Well, you can make copies, you just can't make BluRay copies. Non-BluRay players are not required to detect or honor Cinavia, so ripping your BluRays and making MKVs out of them without conversion works fine. Even most BluRay players will happily play such files without checking for Cinavia.

I'd like to point out that Cinavia is not free. Companies that use it pay a fee for using it. I don't know what the price is, but I can tell you that Sony puts it on every BluRay they put out, even those foreign films they release that have limited audiences. For all I know, it may actually cost more to use Cinavia on some of those films than Sony can even make back in sales of the discs. Sony even puts it on a few DVDs and no DVD player is required to detect or support Cinavia, and they still sometimes use it there. The only other studio I know of that has ever used Cinavia more than once is Warner Brothers and they rarely use it. Even Disney has only used it once and they're one of the Hollywood studios most paranoid about people copying their stuff. The lack of use leads me to conclude that the price for using Cinavia is probably quite high and only Sony is crazy enough and consumer hostile enough to pay to use it all the time.

Re:Dear Sony, I am delighted!

[clickety6]

Not bad bringing up something that happened in 2005 with the scandal having impact to 2007.

I'd have thought that 10 years would have been quite long enough for Sony to have gotten around to saying sorry. I guess it must have slipped their minds...

Re: Dear Sony, I am delighted!

[iluvcapra]

I work for Sony Picture on projects as a sound designer from time to time, I wasn't there yesterday.

Sony Pictures is an almost completely distinct operation from "Sony." The studio itself is just the old Columbia Pictures, that Sony bought in 1990. The lot itself was the old MGM/Lorimar lot-- all the long-time staff at Sony are either Columbia people or MGM people. You can go years there without meeting a Sony corporate exec, they leave the place alone and just a let it do its thing.

Re:Dear Sony, I am delighted!

[stealth_finger]

I'd like to point out that Cinavia is not free. Companies that use it pay a fee for using it. I don't know what the price is, but I can tell you that Sony puts it on every BluRay they put out, even those foreign films they release that have limited audiences. For all I know, it may actually cost more to use Cinavia on some of those films than Sony can even make back in sales of the discs. Sony even puts it on a few DVDs and no DVD player is required to detect or support Cinavia, and they still sometimes use it there.

It costs a fair bit by the looks of it, and the also seem to take a dip from everyone on the chain

From wiki

Licensing[edit] For Cinavia the owners Verance make their money through licensing agreements with several sections of the entertainment and media industry. As of March 2012 these licence costs due to Verance were $10,000–$300,000 per manufacturer of Blu-ray Disc players—for the rights to embed the Cinavia detection system—plus additional software costs for the implementation itself.[8] Production facilities need to pay $50 for each audio track that is watermarked with Cinavia.[8] Distribution houses must finally pay $0.04 per disc with Cinavia watermarked content included.[8]

Re:would prefer EA, Comcast, or Haliburton myself

[v1]

Seriously, what important, secret information does a film studio have, besides salary, and royalty numbers?

Embarassing "creative accounting", heavier than expected use of offshore tax shelters and chip-shuffling, two sets of books, other illegal accounting, illegal campaign contributions, those are a lot more likely than the sort of "secrets" you're thinking of. They probably stand a lot more to lose there than from theft of R&D files.

Nowadays your accounting department needs to be the most heavily defended portion of your network, and not due to direct theft. (unless you're in the business of mining bitcoins anyway)

Re:Who is going to get the pink slip

[PlusFiveTroll]

It's more likely domain admins that didn't apply MS14-068.

Cognitive Dissonance

[jenningsthecat]

On the one hand, I despise extortionists, and the perpetrators ought to be hung out to dry. On the other hand, the folks at Sony arguably have engaged in extortion and fraud on a few occasions in the past, so part of me feels this is simply their just desserts. If it wasn't for the inevitable collateral damage I'd be tempted to say "let 'em all kill each other and God will sort them out".

It does seem kind of unfair that nobody at Sony was ever imprisoned for the Rootkit scandal or the OtherOS clusterfuck, whereas people behind #GOP will likely serve time in jail if they are ever caught. I guess "Corporate Immunity" is just as real in law as "Diplomatic Immunity" - 'the law' just won't openly admit it.

Sony Pictures?

[debrain]

Maybe they should make a movie about this.

Disney Disc Replacement Program

[tepples]

First see if Disney offers a discount on a new copy with the exchange of a broken authentic disc. If not, a workaround is to find a decent adaptation of the same story not distributed by Disney. I can think of a half dozen versions of The Adventures of Pinocchio, and there are probably plenty of "Rapunzel" and "The Snow Queen" adaptations that aren't Tangled or Frozen. Yes, mockbusters exist; read reviews to avoid the worst. And when they get old enough, show them the other Tangled with Rachael Leigh Cook.