Sony Pictures. The plot thickens

The did they/didn’t they pantomime style reporting about the Sony Pictures breach discussed in last week’s Threat Of The Week has taken the front and middle pages of trade, broadsheet and tabloid publications to dizzy new heights of conjecture.

Here are some of the highlights:

  • Unreleased films have been posted on torrent sites including the forthcoming ‘Fury’. They have been downloaded by over a million unique subscribers apparently.
  • Additional data has certainly been exfiltrated from Sony Pictures including, employee details, HR details, Healthcare details. Some of this data is now being traded online. See here.
  • It appears that specific systems were systematically overwritten/reformatted using a piece of malware variant so as to be unrecoverable.
  • The FBI released an emergency ‘FLASH’ warning about a new piece of malware with data wiping capability.  Although there is no stated link between this alert and Sony Pictures data above, there is some suggestion that this malware was written using ‘Korean language packs’ which has lead to speculation that the hack may be pre-emptive retaliation for the forthcoming Sony Pictures film ‘The Interview’ which is about the North Korean leader Kim Jong Un…
  • Sony Pictures took down all of their systems including voicemail for some time whilst investigating this incident.

You couldn’t make this stuff up if you were, err a scriptwriter for a major studio.

At this time we would like to acknowledge that we may have been wrong in our assessment of Sony Pictures being ‘just a little bit’ hacked last week, although we look forward to the cold hard facts if ever they see the light of day. Just as much as we look forward to ‘The Interview’ and hope it lives up to the seminal ‘Team America’.

As part of our ‘Five Steps to infrastructure security’, we advise our clients to identify and categorise critical assets, data or systems in order to prioritise investment in security controls and supporting technology.  Watermarking your content may identify the leak of a DVD to the pirateers but it does nothing if the MotherShip is breached.

As mentioned last week, we are working hard to link technology, incident management process and business risk in order to prepare our customers to manage serious breaches including blackmail and the loss and sale of sensitive data. We think this should become a key component of your business continuity process.

We are also integrating more threat intelligence into our NetSure360° managed security service focussed on industry verticals, generic threats and specific customer risks, delivered in a structured, prioritised and actionable manner rather than the ‘Gruffalo Gonzo’™ (journalism/marketing) hyperbole we see so much of.

Please don’t download the Sony torrents. This is a crime, no matter how opportunistic.

Koreans/Inside job/Other, what do you think? Please feel free to leave comments below!

If you would like to talk to us about any of the subjects discussed, please contact us at : [email protected] or call 020 7517 3900