

Sony Hackers Seen Having Snooped for Months - jack_axel
http://www.bloomberg.com/news/2014-12-19/sony-hackers-seen-having-snooped-for-months-planted-bomb.html

======
revscat
_Hackers who broke into Sony Corp. (6758)’s Hollywood unit probably spent
months collecting passwords and mapping the network before they committed a
last act of vandalism, setting off a virus that wiped out data and crashed the
system in 10 minutes._

 _Trend Micro Inc. (4704) arrived at these conclusions after running
simulations on a copy of the virus that struck Sony Pictures Entertainment’s
computers. The Tokyo-based developer of security software declined to reveal
where it got the malware._

I am so far unconvinced that this was the work of a foreign government rather
than an insider, and this article does little to make the case for DPRK
involvement. The US government is heavily implying that they are to blame, but
as yet have not given specifics as to why they think so. This article provides
little new information in this regard. In fact, if anything, the following
quote indicates an insider is just as likely to be the source:

 _While it’s unclear how the hackers got access to Sony’s network, the virus
they used to destroy it is available on the black market and can be used
without a high level of technical sophistication, according to Someya. It was
customized for the company, embedding in the program account names and
passwords and targeting the security software, he said._

~~~
berberous
An insider strikes me as extremely unlikely. You would need to have someone
that is normal and skilled enough to be hired at Sony (presumably in IT), but
malicious or wronged enough to attempt to destroy the entire company,
including wronging all of your co-workers and risking serious risk of
prosecution from the U.S. government. Also, you would presumably be skilled
enough to evade the FBI, but still somehow be stuck in some mid-tier Sony IT
gig.

On the other hand, this strikes me as totally within the realm of possibility
for North Korea. They have the skills, they don't really give a shit about
pissing off Sony or the FBI, and they have motive.

~~~
wpietri
I think that's too narrow. You need one person with access to feel wronged,
and you also need strong black-hat skills, but they don't have to be the same
person.

Hollywood is famous for screwing people over, so I doubt there is a deficiency
in people with grudges. Suppose one of those people were willing to spend $50k
on this? Suppose they had a friend or a second cousin with a connection to
some people with skills and a taste for large-scale lulz?

~~~
berberous
These people literally threatened another 9/11, the FBI is involved, and the
White House is apparently seriously considering responding in some manner. I
think any regular black hat or American would rightly be pissing themselves
and disappearing if this were just for the lulz or revenge. The risk is just
too disproportionate to the 'gain.' Unless you are a nation state that already
has no qualms about hacking others, and is immune from prosecution and knows
that the U.S. is not going to go to war over this.

~~~
Nacraile
You're assuming basic rationality of people, which unfortunately isn't
universally valid (I have the same intuitive tendency, which I've learned to
be aware of and compensate for).

Disgruntled (usually ex-) employees have been known to do some pretty insane,
destructive things, without appropriate regard for personal consequences. What
was the name of that guy who locked his ex-employer out of their
infrastructure and caused a big rumpus a few years ago, again? More to the
point - we know that there exist people who are capable of walking into their
workplace with an assault rifle; the existence of a person inclined to execute
the attack on Sony should not be surprising.

------
quahog
I think the truth could run in one of two directions. Todays news implied that
Iran, China and North Korea were in cahoots and aggressively attacked Sony for
months and finally penetrated their bastion. Sony was helpless to defend. That
is what the press and FBI seem to be saying.

The facts seem to say that Sony was incredibly incompetent and had all sorts
of sensitive files sitting on servers with no access protection. Sr. staff
never deleted emails and made newsworthy statements in their emails,
especially ones that attacked celebrities and even the President. With this
juicy material, including unreleased movies, all free for the taking, the
hackers used well known standard techniques to penetrate. Then they leisurely
sucked down a lot of information and no one noticed the traffic.

While there is no excuse for theft, if I have shoddy locks, no lights, no
alarms, on my home I may be at more risk than if I had solid locks, security
systems, lights, etc. Whether it was North Korea or the next door neighbor, it
was not a particularly difficult crime to pull off.

~~~
connie_lingus
_I think the truth could run in one of two directions. Todays news implied
that Iran, China and North Korea were in cahoots and aggressively attacked
Sony for months and finally penetrated their bastion. Sony was helpless to
defend. That is what the press and FBI seem to be saying._

this narrative just seems way to neat and prepackaged and allows under-
informed US citizens to consume it and still feel safe and make sense of the
connected world we all swim in every day.

i agree it's being spoonfed via media and politicians, but to me, that's all
the more reason to be highly suspect of it.

this event is becoming the ultimate nail to everyone's hammer.

------
easytiger
In my experience it is worth ignoring anything said by anyone selling security
software in matters of security.

------
sp332
Oh, not an actual bomb.

~~~
jagermo
Thank you, I thought the same thing. But the journalist just re-watched
Swordfish, it seems.

------
drcongo
Not being fluent in American English, does that headline make any sense at
all? Because it sure doesn't in English English.

~~~
camperman
It's grammatically incorrect. English pluperfect tense should be used like so:

Sony Hackers Seen Snooping for Months, Planting Bomb

The actions of snooping and planting the bomb are in the past but before the
implied event of discovery which is also in the past so it must be pluperfect.
The form "Having Snooped" can only be used in a pluperfect inversion such as:

Having snooped around for months, the hackers planted a bomb.

~~~
drcongo
Thank you!

------
cek
I found the use of "minions" interesting in this article. First time I've seen
it used in reference to malware or a virus.

------
junto
Ah, so it seems to be confirms that North Korea are definitely behind the Sony
hack. Thank you Bloomberg security consultant.

------
faragon
Why hackers attack that hard Sony and not other companies? Or they don't spend
enough in securing their systems?

------
DontBeADick
That title is mildly infuriating. Using the term "bomb" to refer to software
when actual bomb threats have been made is the epitome of clickbait.

------
towelguy
> hackers

Sometimes I wonder if I should keep wasting breath trying to get people to
call crackers for what they actually are.

~~~
eterm
You absolutely should stop wasting breath trying to define how others use
language.

Hackers is clear in its meaning in this context.

