Sony Pictures computer network commandeered by hackers

Discussion in 'privacy problems' started by hawki, Nov 24, 2014.

  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Indeed :eek:

    And now Japan is desperately girding its loins (or whatever) in fear of retaliation from North Korea.

    But recall that China is North Korea's ISP, so there are more serious risks. The triads have their hooks everywhere, or so I've heard. But maybe I've just watched too many Asian gangster flicks ;)
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  3. 142395

    142395 Guest

    As a Japanese, that is not started now, but always being. :)
    And though somewhat strange, I can find more info in English sources than Japanese one at least before US declare the attack is by North Korea.
    It seems US media cared more about it than Japanese one, maybe because Japanese people tend to be peace-at-any-price.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Hacking victims have few options as First Amendment protects media disclosures
    http://www.washingtontimes.com/news/2014/dec/24/hacking-first-amendment-open-private-email-to-publ/
     
  5. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    778
    Location:
    Headquarters - London & Field Offices -Worldwide
    It would seem making a profit from stolen property or intellectual material or merely receiving it and not returning it to the rightful owner is indeed a crime in most civilised places. Receiving stolen property? This page from Wikipedia has a few citations of the law in a few civilised countries. It may be either a misdemeanor or a felony oftentimes.

    If one says free speech and/or free press rights trumps private property rights then one may consider moving to a civilised country where these things are illegal.

    A profit is involved if the user can make use of the goods for a profit or in some places if any use at all is attempted then it is not legal in any sense of the word.

    Please keep in mind there is a large difference between a country whose goodness is based on law versus a country whose righteousness is based on Justice. Victimising people for a profit? Exploiting stolen goods for the sake of a story (profit)?

    (Disclaimer - One must make do and fight the good fight as best one can in every country or setting wherein one find themselves.)

    Best regards
     
    Last edited: Dec 26, 2014
  6. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,540
    Location:
    Triassic
    Just wait. If news media outlets got hacked to the degree and manner in which Sony was hacked with all their emails and corporate decisions released online, the media would close ranks and not reprint or transmit the damaging aspects of the material. Under these circumstances they would self censor. Censorship would suddenly be redefined as commendable. Free speech conveniently shelved when it comes to self preservation. Only one industry would have the power to do this - the media.
     
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    While your statements about profit-making motive have considerable weight, as yet, under Federal Law emails have not been considered to be "stolen goods" under 18 U.S. Code § 2315 - Sale or receipt of stolen goods, securities, moneys, or fraudulent State tax stamps"

    http://www.law.cornell.edu/uscode/text/18/2315

    nor under or 18 U.S.C. § 2314- "National Stolen Property Act-Goods, Wares, Merchandise" unless with the possibility they contain "trade secrets", as might apply to some of the Sony emails, but I know of none that were published by the media.

    There is at least one United States Court Of Appeals Case that ruled that stolen FBI documents were not goods, wares, or merchandise because they are not ordinarily bought or sold in commerce

    http://www.justice.gov/usao/eousa/foia_reading_room/usam/title9/crm01312.htm

    That is why in highly publicized Federal prosecuted criminal actions against someone who "steals" emails, the charges are filed under statutes dealing with "unlawfully intercepting wire communications."

    See, e.g. "Estrada gets prison time"

    ".........Estrada was charged in a 14-count indictment filed in May 2013. The first 12 counts of the indictment alleged that, from July 2011 to June 2012, Estrada unlawfully intercepted wire communication intended for individuals who had email accounts on an Internet domain owned by the governor’s campaign.The final two counts charged Estrada with making false statements to the FBI in September 2012........"

    http://www.abqjournal.com/476613/ne...-manager-sentenced-to-9-months-in-prison.html

    In the Estrada case, the "stolen" emails also included materials that "were quite personal, including bank statements, pharmaceutical receipts, and personal clothing receipts."

    http://krqe.com/2014/06/16/ex-campaign-manager-changes-plea-to-guilty/

    State statutes vary. Since the servers were hacked in California, California Law would most likely apply to the "theft." That is not much help since California defines "property" as "any property" other than "real property" e.g. (real estate). But generally state laws consider property to be something tangible, which an email is not unless stolen in printed form.

    California does have it's own internet crimes laws,

    http://codes.lp.findlaw.com/cacode/PEN/3/1/13/5/s502

    but whether they would be applicable is open to question, since most courts today rule that any crime that involves use of the internet is a crime committed in interstate commerce. If you have a few months of spare time you can read this for a full explanation:)

    http://www.justice.gov/criminal/cybercrime/docs/ccmanual.pdf

    That does not mean the media may get-off the civil legal hook. Arguably, Sony has a copywrite on the emails and their publication may violate that copywrite. Whether the first amendment offers the papers a defense I do not know.

    Also, those whose personal privacy was invaded could file a civil tort action against the media for invasion of privacy. But again, the published material was about celebrities. At least under slander and libel actions against the media, public personalities have a higher standard to bear - that the alleged false statement about a public figure's character, behavior, or statements was known to be false and was intended to be malicious.
     
    Last edited: Dec 26, 2014
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    In the US, journalists have far more leeway and protection than in the UK.
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    North Korea Accuses US Over Internet Blackouts
    http://news.sky.com/story/1398231/north-korea-accuses-us-over-internet-blackouts
     
  10. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "No, North Korea Didn’t Hack Sony

    All the evidence leads me to believe that the great Sony Pictures hack of 2014 is far more likely to be the work of one disgruntled employee facing a pink slip.

    I may be biased, but, as the director of security operations for DEF CON, the world’s largest hacker conference, and the principal security researcher for the world's leading mobile security company, Cloudflare, I think I am worth hearing out.........................."

    http://www.thedailybeast.com/articles/2014/12/24/no-north-korea-didn-t-hack-sony.html
    ..........
    "Poor evidence against North Korea in Sony hacking

    "A number of private security researchers are increasingly voicing doubts that the hack of Sony‘s computer systems was the work of North Korea................"

    "http://www.financialexpress.com/art...ce-against-north-korea-in-sony-hacking/23483/
    '''''''''''''
    "Whose Hack Is It Anyway?

    In short, no one, not even the FBI, can know who did this......."

    http://techcrunch.com/2014/12/26/whos-hack-is-it-anyway/?ncid=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed: Techcrunch (TechCrunch)

    ....................
    "Was the FBI wrong about North Korea? Experts suggest Sony hack was an inside job

    'We are very confident that this was not an attack master-minded by North Korea and that insiders were key to the implementation of one of the most devastating attacks in history,'security expert Kurt Stammberger recently told CBS News. Stammberger is a senior vice president with cybersecurity firm Norse.

    'Sony was not just hacked, this is a company that was essentially nuked from the inside,' Stammberger added.' "....................

    http://bgr.com/2014/12/26/sony-hack... TheBoyGeniusReport (BGR | Boy Genius Report)

    ..............
    "Who hacked Sony becomes Internet's new mystery

    ...........'Somebody's done it. And right now this knowledge is known to God and whoever did it,' said Martin Libicki, a cyber security expert at RAND in Arlington, Virginia,'.........

    ..Perhaps the only point of agreement among those guessing is that even the most dramatic cybercrimes can be really, really hard to solve convincingly. When corporations are breached, investigators seldom focus on attributing the crime because their priority is assessing damage and preventing it from happening again."

    http://phys.org/news/2014-12-hacked-sony-internet-mystery.html
     
    Last edited: Dec 27, 2014
  11. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  12. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    Sony: PlayStation Network is back online now, really
    http://www.networkworld.com/article/2863814/sony-playstation-network-is-back-online-now-really.html
     
  13. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    What do the experts here think of this analysis?

    "We Can Conclusively Confirm North Korea Was Not Behind Sony Hack"

    http://gotnews.com/breaking-can-conclusively-confirm-north-korea-not-behind-sony-hack/

    An enlarged easier to read version is here: http://www.informationclearinghouse.info/article40573.htm

    [WARNING: A visit to Information Clearing House site above, which is a non-commercial reader sponsored site that is not afraid to post articles that often speak Truth contrary to views and "information" broadcast/published by mainstream commercial media and governments, may get you on some NSA targeted surveillance list. It frequently posts articles with a strong anti-NSA illegal snooping viewpoint,among other not "politically correct" stories. While it has it's share of commentaries authored by biased nut-jobs, it also frequently posts stories by honored journalists such as Paul Craig a former Wall Street Journal editor/columnist, and the progressive Chris Hedges, former New York Times Pulitzer Prize winning reporter (foreign correspondant), who each write stories exposing what they refer to as Federal Government lies and illegal, unconstitutional actions.]
     
    Last edited: Dec 28, 2014
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    What needs to happen here is for the majority of the people to visit those sites and get on that list. If the list included most people, the quantity alone would make it worthless.
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I can speak to the argument that a file transfer speed of 480 Mbps, estimated from file timestamps, means that the leaker was physically present at a Sony LAN workstation. It's invalid. Working over SSH or whatever, one would have copied files to a Sony-local file container, and then retrieved the file container. 480 Mbps is doable on 1 Gbps LAN.
    We're sure that mirimir is on all those lists ;)
     
  16. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    This seems to be what's happened already:

    "NSA Struggles to Make Sense of Flood of Surveillance Data

    Spy Agency Drowns in Useless Data, Impeding Work, Former Employee Claims"

    http://www.wsj.com/news/articles/SB10001424052702304202204579252022823658850

    "Too Much Data, Too Little Analysis

    Lt. Gen. Clarence E. McKnight Jr.
    Author and former head of the Signal Corps

    For many years, I have been sounding the alarm about a national security apparatus running amok, raking in more data than can make use of. At times, I have felt like a lonely voice crying in the wilderness, but in truth, there is a growing chorus of others who are concerned about the same thing.

    "Too Much Information: Spy Agency Struggles To Make Sense of Data Flood" read a headline in the December 26, 2014, Wall Street Journal. The article quoted William Binney, who rose through the ranks at the National Security Agency (NSA) over a 30 year career, retiring in 2001. The NSA knows so much it cannot understand what it has, Binney said. "What they are doing is making themselves dysfunctional by taking all this data." Amen, brother........"

    http://www.huffingtonpost.com/lt-ge...jr-/national-security-agency_2_b_4504641.html
     
  17. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    I am close to certain that most if not all the usernames in this particular thread are on the "list". Several hours per day on TOR and VPN's would put anyone on it.
     
  18. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "FBI briefed on alternate Sony hack theory

    FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator
    — another example of the continuing whodunit blame game around the devastating attack.......

    Researchers from the cyber intelligence company Norse have said their own investigation into the data on the Sony attack doesn’t point to North Korea at all and instead indicates some combination of a disgruntled employee and hackers for piracy groups is at fault........

    Norse, one of the world’s leading cyber intelligence firms, has been researching the hack since it was made public just before Thanksgiving......

    The FBI said Monday it is standing behind its assessment, adding that evidence doesn’t support any other explanations..............

    'Whenever we see some indicators or leads that North Korea may be involved, when we follow those leads, they turn out to be dead ends,” Stammberger[Norse spokesman] said.' ............."

    http://www.politico.com/story/2014/12/fbi-briefed-on-alternate-sony-hack-theory-113866.html


    ".......Researchers from the security firm Norse allege that their investigation of the hack of Sony has uncovered evidence that leads, decisively, away from North Korea as the source of the attack. Instead, the company [Norse] alleges that a group of six individuals is behind the hack, at least one a former Sony Pictures Entertainment employee who worked in a technical role and had extensive knowledge of the company’s network and operations....."

    https://securityledger.com/2014/12/new-clues-in-sony-hack-point-to-insiders-away-from-dprk/


    "......The team [Norse] had started by examining a leaked database of employees made redundant during a a restructuring in May.

    Of six people Norse claim had involvement with the hack, one was a former staffer made redundant in May after 10 years at the firm. She had a very technical background and had used social media to berate the company after losing her job, it is claimed.

    Working with pro-piracy activists in the US, Asia and Europe, she may have used secretive discussion forums and IRC (chat) to coordinate the attack,.............."

    "http://www.theguardian.com/film/201...hers-claim-sacked-employees-could-be-to-blame
     
    Last edited: Dec 30, 2014
  19. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "U.S. suspects North Korea had help attacking Sony Pictures

    (Reuters) - U.S. investigators believe that North Korea likely hired hackers from outside the country to help with last month's massive cyberattack against Sony Pictures, an official close to the investigation said on Monday..............."

    http://in.reuters.com/article/2014/12/29/northkorea-cyberattack-idINKBN0K71FN20141229?rpc=401


    ".........Kevin Mandia, whose security firm was hired by Sony to investigate the attack, said the only way to know who the culprits were was to trace the network traffic from the infected machines back to the hackers' machines. Only the government and internet service providers have that kind of visibility, he added......"

    http://www.businessinsider.com/us-suspects-north-korea-had-help-in-sony-hack-2014-12


    So who will be making a movie about the hacking of a major movie studio because of one of it's movies?

    "All characters in this movie are fictional and any resemblance to actual events is totally circumstantial." :)
     
    Last edited: Dec 30, 2014
  20. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    The unusual suspects: Ex-employees, Lizard Squad may have aided Sony hack
    "We handed over some Sony employee logins to them," said Fung's source. "For the initial hack. We came by them ourselves. It was a couple."
    http://arstechnica.com/security/201...loyees-lizard-squad-may-have-aided-sony-hack/
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Sony Hacking Attack, First a Nuisance, Swiftly Grew Into a Firestorm
    http://www.nytimes.com/2014/12/31/b...-nuisance-swiftly-grew-into-a-firestorm-.html
     
  22. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  23. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I wonder how many North Koreans will end up being executed over that.
     
  24. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    What a sick perversion. Sony using "free speech" as a form of advertising to coerce people into watching that slop. A fine example of corporate manipulation of those too blind to see what they're doing.
     
  25. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.