The recent attack on Sony Pictures Entertainment is about as scary as it gets as emails which insulted the company’s hired talent or actors has been released. In just one incident a director called Angelina Jolie a spoiled, untalented, egomaniacal Brat. Then there were racially charged comments about President Obama. A leak of tens of thousands of salaries and social security numbers. The leak of contractor salaries, movies and discussions regarding costs related to movies. And we are just getting started… Expect more. Recently I saw an analyst say the leak is worth $100 million to Sony but I surmised the number is north of one billion thanks to reputational damage – salary leakage which gives competitors an advantage and of course we expect future partners and even employees to be critical of the company when doing business.
What is most interesting about the situation however is the attack was estimated to be sophisticated enough to get past 90% of firms! Moreover, it was so pervasive, it’s still flashing demands on the computers of Sony employees from Guardians of Peace or #GOP – the hacking group! And it’s not just bad for Sony. Maureen Dowd of the New York Times took a major credibility hit as it was revealed she offered to show her story to Sony Pictures co-chair, Bernard Weinraub before it was published. If that wasn’t enough, the medical records of many Sony employees and family members were also released.
News today tells of Sony launching a denial of server attack to make it difficult for sites hosting the information to disseminate it. AWS was supposed to be the vehicle being used according to Re/Code. Amazon is denying its servers are being used for such a purpose. The reality may be somewhere in-between as a company called MediaDefender or a similar concern is likely being used to seed torrent networks with false seeds of file names similar to those being shared on such networks. The goal is to have fake seeds chew up processing power on computers and yield nothing for the user.
We can expect an escalation in the war between hackers and companies looking to block stolen information. But then again, as some have accurately surmised, Sony may bear some responsibility here as placing thousands of passwords in a file named Password may not have been the smartest thing in the world.
Apparently no one in the company ever read Cookoo’s Egg.