IT Support and Hardware for Clinics
38.4K views | +2 today
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...!

Will Sony Settle Cyber-Attack Lawsuit?

Will Sony Settle Cyber-Attack Lawsuit? | IT Support and Hardware for Clinics |

Did Sony underspend on information security, thus contributing to the success of the devastating hack attack against it, which came to light in November 2014? And can a business be held legally accountable by employees for their employer's information security shortcomings?

Those questions are central to a lawsuit filed by Michael Corona and eight other former Sony employees in the wake of what plaintiffs rightly dub a data breach "epic nightmare, much better suited to a cinematic thriller than to real life." Their suit accuses Sony of having failed to put an effective information security program in place, despite having previously suffered repeated, serious attacks.

 An epic nightmare, much better suited to a cinematic thriller than to real life. 

"Sony failed to secure its computer systems, servers and databases, despite weaknesses that it has known about for years," the lawsuit alleges, citing in part a September 2014 audit by PricewatershouseCoopers, which found that Sony's information security and monitoring practices fell below "prudent industry standards."

The lawsuit further alleges that nearly 100 terabytes of data was stolen, including 47,000 Social Security numbers and personally identifiable information for at least 15,000 current and former employees, some of whom had not worked for the studio since 1955. As a result, breach victims "face ongoing future vulnerability to identity theft, medical theft, tax fraud, and financial theft," the lawsuit plaintiffs allege. "In fact, plaintiffs' PII has already been traded on black market websites and used by identity thieves."

Lawsuit Ruling

Sony asked a court to dismiss the suit, and U.S. District Judge R. Gary Klausner this week did dismiss some parts, including allegations of breach of contract and that Sony failed to notify breach victims in a timely manner.

But in a setback for Sony, the judge ruled that other parts of the lawsuit can proceed, although he has yet to rule on the merits of these claims, including plaintiffs' allegation that Sony "made a business decision to accept the risk of losses associated with being hacked." The federal judge also agreed with the former employees' allegation that "to receive compensation and employment benefits, they were required to provide their PII to Sony." While many data breach lawsuits get dismissed on the grounds that the breach did not cause any economic harm to people whose information was stolen, Klausner said that by requiring employees' PII, Sony created a "special relationship that provides an exception to the economic loss doctrine."

Michael Sobol, an attorney for the plaintiffs, told the BBC, "We are pleased that the court has properly recognized the harm to Sony's employees."

A spokeswoman for Sony Pictures Entertainment did not immediately respond to a request for comment on the ruling.

In the wake of the 2014 attack, at least nine other lawsuits were filed against Sony by individual former employees. Like the Corona suit, all of these lawsuits seek class-action status, meaning they would include all current and former employees who were affected by the cyber-attack.

Wiper Malware Attack

To recap: Sony suffered a devastating wiper malware attack in November 2014, ostensibly designed to punish the company for releasing "The Interview," a satiric film starring James Franco and Seth Rogan that featured the fictional death of North Korean leader Kim Jong-un.

But before the attackers unleashed their wiper malware and began erasing Sony hard drives and bricking laptops, they penetrated Sony's network and stolen tens of terabytes of data, including copies of unreleased movies and the script for the upcoming James Bond film "Spectre," as well as numerous private email exchanges, all of which the attackers began leaking.

Sony, in a December 2014 breach notification filed with California state authorities, reported that the breach appeared to compromise current and former employees' names, addresses, Social Security numbers, driver's licenses and passport numbers, corporate credit card information, usernames and passwords, and salaries. Sony also warned that individuals' "HIPAA-protected health information" may have been exposed, including medical diagnoses, dates of birth, health plan identification numbers, and personal and health-related information.

As noted in Corona's lawsuit, large amounts of this information were leaked to the Internet by attackers and likely remain in circulation.

Lawsuit Resolution: Unclear

What will happen next in the Sony class-action lawsuit saga, of course, is not clear. But based on past breach-related lawsuits, it's likely that unless the lawsuit gets dismissed, Sony will ultimately settle, rather than risk a jury trial and ruling that might give breach victims more rights.

If Sony did make a business decision to underspend on security, it was a costly move. In February, Sony said in an earnings report that it expected to spend $35 million in cleanup costs through the end of its fiscal year in March, largely related to restoring the company's "financial and IT systems." But as the multiple lawsuits highlight, Sony faces continuing legal costs, as well as the risk that it will eventually have to pay damages or settlements.

But any such settlement likely would not happen soon. Indeed, Sony only settled a lawsuit filed in the wake of its April 2011 breach - a year in which the company fell victim to more than a dozen breaches - in June 2014. That breach exposed personal information for 77 million users of the Sony PlayStation Network and Qriocity services.

By that timeline, the lawsuits stemming from the 2014 Sony cyber-attack may not be resolved until at least 2017.

No comment yet.!

VAIO's first post-Sony laptops transform into tablets

Sony jettisoned VAIO more than a year ago now, but the iconic PC brand isn't dead. Sold to investment fund Japan Industrial Partners, VAIO is back with two new PCs, announced today in Tokyo. The VAIO Z and the VAIO Z Canvas are the first devices designed and put out by VAIO itself — the former is the company's new flagship, a $1,600 ultrabook with a hinged back that lets users transform it from laptop to pseudo-tablet, while the latter is a cheaper, smaller, and lighter option with a detachable keyboard.

The full-blooded VAIO Z comes in two variants, each with a 13.3-inch display, either an Intel i7 or i5 processor, an aluminium carbon shell body, and an SSD that the company says can boot the computer from standby in 0.3 seconds. A hinge on the back of the Z's chassis allows the laptop's display to be turned, either so it can face outwards with the laptop closed to form a tablet, or so it can be flipped to show others what you're working on. VAIO calls the flagship Z a "monster PC," but says it won't chew through power too fast. For the hefty pricetag, the company boasts you'll get a machine with more than 15.5 hours of battery life — the longest ever for a VAIO laptop.

No comment yet.!

A security firm claims it was Russia that hacked Sony — and that it still has access

A security firm claims it was Russia that hacked Sony — and that it still has access | IT Support and Hardware for Clinics |

There's a new twist in the story of the devastating hack on Sony Pictures late last year: A security firm says Russian hackers also secretly played a part in the attack. And, the firm says, the hackers still have access to the movie studio's computer systems.

Taia Global released a report Wednesday alleging that Russian hackers managed to gain access to Sony Pictures Entertainment's computer systems at the same time the hacking group known as Guardians Of Peace launched a massive attack on the studio, as reported by PC World.

Vast quantities of confidential company information were published online in the hack in December, including movie screeners and executive emails. The prevailing consensus is that North Korea was responsible, as retribution for the James Franco comedy "The Interview." The American government has publicly blamed the reclusive authoritarian state for the hack. Some security researchers had previously disputed this, and Taia is now challenging the narrative.

Taia CEO Jeffrey Carr says he has received multiple files from a source, Russian hacker "Yama Tough," that appear to be internal Sony Pictures documents that were not included in any Guardians Of Peace data dumps. At least one document has been verified as legitimate by its author, Taia says.

Tough allegedly received the documents from a member of the "assault team" behind the hack, referred to as "Unnamed Russian Hacker," or URH. URH is a Russian "long-time black hat hacker who does occasional contract work for Russia's Federal Security Service."

Perhaps most significantly, Taia says Sony Pictures is "still in a state of breach." Taia's report says it has received documents from Sony from late January 2015, long after the hack supposedly ended. URH "appears to have at-will access to the company," the security firm says. (Sony Pictures would not comment on Taia's findings.)

Why would the Russians hack Sony? One theory is that before people began linking the hackers to North Korea, the hackers had originally demanded money from Sony. (Sony execs didn't read that email ... until it was too late.)

From this, the Taia Global suggests two possibilities:

  • Russian hackers attacked Sony Pictures Entertainment, either at the same time or shortly after the attack from (the presumably North Korea-linked) Guardians Of Peace.
  • North Korea was not involved with the Sony attack after all, and it was Russian hackers after all.

There is a third option, however, that Taia does not consider. It's that North Korea (or North Korean-affiliated hackers) was solely responsible for the attack but at some later date the previously unseen documents left their possession, eventually reaching Taia. An unknown intermediary may have fooled Yama Tough by falsely claiming to be URH. Or Tough could be lying to Taia about where he got the documents from (he could have even stolen them himself). Either possibility would mean there is not necessarily any Russian involvement — but if the documents are legitimate, it would nonetheless provide a new avenue of investigation.

Carr told Forbes he had "full trust in his source," though he conceded the material could come from "Yama Tough himself, but he's denying that."

Taia has pushed alternative theories on the origins of the Sony hack before. A "linguistic analysis" it carried out on the known statements of Guardians Of Peace shows, the company says, that the hackers are likely to be Russian speakers.

No comment yet.!

Congress will hold a public hearing on North Korea's hacking powers next week

Congress will hold a public hearing on North Korea's hacking powers next week | IT Support and Hardware for Clinics |

In the wake of the Sony Pictures hack, Washington is showing a new focus on the threat posed by North Korea. The House Foreign Affairs Committee has called for a public briefing on Tuesday that will examine the country's hacking capabilities, with testimony from the Departments of State, Treasury and Homeland Security. The briefing will focus on steps the US is taking to curtail or protect against the country's apparent capabilities. "There can be no doubt that the Kim regime means America harm," Chairman Ed Royce (R-CA) said in a statement, "and as we saw last month, Pyongyang can deliver on its threats."

President Obama has already ordered new sanctions against North Korea in direct response to the attack, but has also hinted at further measures yet to come, calling the sanctions the "first aspect" of the government's response. Others in Congress are also calling for new defensive measures, resurrecting the controversial CISPA cybersecurity bill. Given the newfound interest in digital defense, supporters see this as the bill's best chance to get through Congress. On Wednesday, FBI director James Comey reiterated his confidence that the nation was responsible, saying, "we know who hacked Sony. It was the North Koreans."

No comment yet.!

Sony Hackers Threaten A Media Organization, Likely CNN, And Others

Sony Hackers Threaten A Media Organization, Likely CNN, And Others | IT Support and Hardware for Clinics |

The hackers who compromised Sony Pictures Entertainment’s servers, releasing private files and emails to the public which detailed everything from the personal, financial and medical data of present and past employees’ to Sony’s plan to revive SOPA with the MPAA’s help to the MPAA’s plans to break DNS in an effort to fight piracy, and much more, are now threatening a “news media organization,” according to a new report. That organization may be CNN, based on information posted on anonymous sharing site Pastebin.

The Intercept today published a join memo from the FBI and the Department of Homeland Security it obtained which says the hacking group, known as the “Guardians of Peace,” have threatened to attack a U.S. new media organization, and the threat “may extend to other such organizations in the near future.”

The memo doesn’t state the news media organization by name, but instead references Pastebin messages that taunt both the FBI and “USPER2,” which is how the FBI’s memo referenced the news media organization. The memo only mentioned the news organization was mocked for the “‘quality’ of  their investigations,” and an additional threat was implied.

Further investigation by Matthew Keys at The Desk uncovered copies of messages posted to Pastebin on December 20th, which have since been removed. One message mocked CNN for its “investigation” into the Sony hack, and offered a gift in the form of a YouTube video entitled “you are an idiot!”

Google’s cache still hosts the Pastebin message in question, which reads in part:

The result of investigation by CNN is so excellent that you might have seen what we were doing with your own eyes.
We congratulate you success.
CNN is the BEST in the world.

The message ended with a demand that CNN “give us the Wolf,” which probably refers to CNN news anchor Wolf Blitzer, notes The Desk.

It’s unclear at this point how legitimate a threat this was (beyond being mentioned in the FBI memo, of course). And it’s also unclear if or how the FBI may have authenticated this Pastebin message to attribute it to the same group behind the Sony hack.

The DHS and FBI memo concludes that “hacking groups have historically made exaggerated threat statements,” but still warns that federal, state and local governments’ cyber, counterterrorism and law enforcements, first responders, and private sector security partners “remain vigilant to threats of physical violence or cyber attacks.”

The FBI stated it believed North Korea was behind the attack on Sony Pictures, though some claim their evidence is flimsy. North Korea also denied it was involved. More recently, a report from a cybersecurity firm Norse Group states the hack appears to be an “inside job” involving disgruntled ex-employees.

The Guardians of Peace stole an estimated 100 terabytes of data from Sony’s servers, but the hack itself wasn’t very sophisticated. Sony’s technology infrastructure was poorly protected, and the company didn’t have sufficient password standards. Documents weren’t encrypted and top execs, including CEO Michael Lynton, were using very simple passwords – all things that were well outside industry best practices, it’s been said. Meanwhile, news organizations like CNN tend to be better protected, given they’re often the target of hacks, state-sponsored and otherwise.

No comment yet.!

Samsung smart TVs will soon be able to play PlayStation games without a PlayStation

Samsung smart TVs will soon be able to play PlayStation games without a PlayStation | IT Support and Hardware for Clinics |

Sony is getting serious about bringing PlayStation-powered gaming to HDTVs regardless of whether or not you actually have a PlayStation—and not just Sony-made HDTVs, either. Sony and Samsung recently announced that the PlayStation Now game streaming service will land on select Samsung smart TVs in early 2015 in the U.S. and Canada.

There's no word on whether you'll need a 2015 Samsung TV or if earlier models will work with the new service. Samsung should provide more details in January when the company demonstrates PlayStation Now running on its TVs during the Consumer Electronics Show.

Why this matters: Similar to smartphones, smart TV makers are always trying to expand the capabilities of their hardware and improve their app catalogs. Until now, most TV makers have had to rely on mobile games like Angry Birds, but PlayStation Now is an ideal platform for any TV set since PlayStation games were originally designed for the large screen. Samsung may be just the first TV maker to offer PlayStation Now streaming as Sony looks to expand the service beyond its own devices.

Almost no additional purchases required

Like other apps available on Samsung TVs, PS Now will be a download from the Smart Hub. The only other requirement is that TV owners will have to purchase a Dual Shock 4 controller to play the games.

PS Now currently offers more than 200 games from the PlayStation 3 catalog, including Final Fantasy XII, God of War: Ascension, and Killzone 3. The complete list of PS Now games is on Sony's site.

Samsung's smart TV lineup will be the first non-Sony devices to offer the PS Now service. Currently, PS Now is available on the PS4, PS3, PS Vita, Sony HDTVs, and the PlayStation TV.

PlayStation Now is currently in an open beta period that began in late July. Sony did not say if the service would exit beta before it lands on Samsung TVs

No comment yet.!

Who Disrupted Internet in North Korea?

Who Disrupted Internet in North Korea? | IT Support and Hardware for Clinics |

Companies that monitor Internet traffic say the Internet went dark in North Korea on Dec. 22, days after President Obama pledged there would be a "proportionate response" to the cyber-attack on Sony Pictures Entertainment that the FBI blames on the North Koreans.

"I haven't seen such a steady beat of routing instability and outages in KP before," Doug Madory, director of Internet analysis at Dyn Research, tells the website North Korea Tech, referring to North Korea's Internet domain abbreviation. "Usually there are isolated blips, not continuous connectivity problems. I wouldn't be surprised if they are absorbing some sort of attack presently."

North Korea lost connectivity around 11 a.m. EST, according to CloudFlare, a provider of performance and security services for websites. Twelve hours later, the Associated Press reported the service had been restored.

Small Internet Footprint

CloudFlare chief executive Matthew Prince says if North Korea was victimized by a DDoS attack, it wasn't necessarily conducted by the United States or another nation state. Prince estimates that the capacity of North Korea's Internet is no greater than tens of gigabits per second. "Given the largest DDoS attacks are an order of magnitude larger than that," he says, "it is conceivable that an attack saturated the connection and knocked the site offline."

Prince says groups much smaller than a nation-state - even an individual - could pull off such a DDoS attack, pointing out that a British teenager pleaded guilty a few weeks ago to launching an attack generating 300 Gbps against Spamhaus, an organization that tracks e-mail spammers.

"That, again, is likely at least an order of magnitude larger than the total capacity of North Korea's link to the public Internet," he says. "In other words, if it turns out it was an attack, I'd be far more surprised if it was a government launching the attack than I would if it was a kid in a Guy Fawkes mask." The Guy Fawkes mask is a symbol used by the hacktivist group Anonymous.

Who's Responsible?

Dan Holden, director of security research at Arbor Networks, told Bloomberg News that it was unlikely the U.S. was behind the outage. "If the U.S. government was going to do something, it would not be so blatant and it would be way worse," he said. "This could just be someone in the U.S. who is ticked off because they're unable to see the movie," he said, referring to "The Interview," the film that Sony yanked after receiving threats from hackers.

State Department spokeswoman Marie Harf wouldn't comment on whether the United States was behind a cyber-attack on North Korea. "We aren't going to discuss publicly operational details about the possible response options," she said at a Dec. 22 briefing, adding that "as we implement our responses, some will be seen, some may not be seen."

The impact of an Internet outage in North Korea would be negligible because so few individuals and businesses in North Korea have access to the Internet. "It might cause short-term pain for the elites that have access to Internet, but it's not going to have a long-term effect," says Adam Segal, director of the program on digital and cyberspace policy at the Council of Foreign Relations, a think tank.

According to the New York Times, North Korea does very little commercial or government business over the Internet, officially registering only 1,024 Internet protocol addresses, though the actual number may be somewhat higher. The United States, by comparison, has billions of addresses.

Other Possible Causes

CloudFlare's Prince offered three other potential causes for the outage, including the North Korean government removing itself from the Internet. "We've seen this before when other countries with low levels of connectivity and governments with high degrees of power over telecommunications have terminated Internet access," Prince says, citing Syria as an example.

North Korea's Internet service provider, China Unicom, might have terminated service. "Since North Korea relies on a single provider upstream of the country, if China Unicom terminated access, it would effectively eliminate North Korea's Internet access," he says.

Prince also says that North Korea might have fallen victim to an "unfortunately timed" hardware failure or cable cut. "It's unlikely that North Korea has an up-to-date Cisco support contract, and a critical resource may have failed for innocuous reasons."

No comment yet.!

Sony Hack a 'National Security Matter'

Sony Hack a 'National Security Matter' | IT Support and Hardware for Clinics |

The White House says that it's treating the malware attack against Sony Pictures Entertainment and subsequent data leaks as a "national security matter." But the administration says it's too early in its investigation into the attack to definitively attribute the attacks to any particular group or nation state.

"This is something that's being treated as a serious national security matter," White House Press Secretary Josh Earnest told reporters in a Dec. 18 briefing. "There is evidence to indicate that we have seen destructive activity with malicious intent that was initiated by a sophisticated actor. And it is being treated by those investigative agencies, both at the FBI and the Department of Justice, as seriously as you would expect."

The hacker attack against Sony has reportedly included data theft and, on Nov. 24, wiper malware being used to erase Sony data. That's been followed by ongoing data leaks and other threats against Sony Pictures Entertainment and its employees.

Earnest says the ongoing attack "has also been the subject of a number of daily meetings that have been convened here at the White House," led by homeland security adviser Lisa Monaco and cybersecurity coordinator Michael Daniel and including representatives from intelligence, diplomatic, military and law enforcement agencies.

A group that calls itself the Guardians of Peace has claimed credit for the attack against Sony Pictures, including the leaks of stolen data, which has included top Sony Pictures executives' Outlook e-mail spools. After "G.O.P." launched its attacks and began leaking data, however, the group then claimed it would stop the data leaks if Sony canceled its forthcoming comedy "The Interview," which centers on a tabloid TV reporting team that gets approached by the CIA to assassinate Kim Jong-un, who heads the Pyongyang-based communist dictatorship that rules North Korea.

After G.O.P. published a "terror" threat against movie theaters, U.S. theater chains announced that they would not show the film. Subsequently, Sony announced that it would shelve "The Interview" indefinitely, which has sparked a further backlash against the already beleaguered movie and television studio.

Investigation Still 'Progressing'

In response to questions about whether North Korea launched or sponsored the Sony attack, Earnest said that while the investigation is "progressing," he was not yet able to comment on that question, Reuters reports. But he said that the administration "would be mindful of the fact that we need a proportional response," and cautioned that the people behind these types of malicious attacks were "often seeking to provoke a response."

"They may believe that a response from us in one fashion or another would be advantageous to them," Earnest said, for example, by focusing international attention on their agenda, or increasing their standing with peers.

Ken Westin, a security analyst at information security vendor Tripwire, says it is premature to attribute the Sony hack to any specific group or nation. "FBI notices have been sent out stating specifically no connection has been made and that the investigation is still under way," he says.

While the White House and FBI say it's too soon to blame the hack attack against Sony Pictures - which is a subsidiary of Japanese multinational conglomerate Sony - on any particular group or actor, other government officials have nevertheless been sharing their own theories with multiple media outlets. "We have found linkage to the North Korean government," a "U.S. government source" tells NBC News, which reports that the attack against Sony appeared to have been launched from outside North Korea. But no evidence was supplied that might confirm any supposed linkage to Pyongyang having participated in or ordered up the attacks.

Information security experts, meanwhile, have warned against reading too much into any supposed "linkage" between the Sony hack and North Korea, or the fact that unnamed government sources told the New York Times that North Korea was "centrally involved" in the attack against Sony, saying such suppositions have yet to be confirmed by the release of any supporting facts. In fact, security experts warn, the information being cited by unnamed government officials at times seems to contradict suggestions of Pyongyang involvement.

"People don't seem to be reading past the headline or first couple of paragraphs," says CEO and security expert Brian Martin, a.k.a. Jericho, in a blog post, referring to the New York Times report. "What seems like a strong, definitive piece falls apart and begins to contradict itself entirely halfway through the article."

Intelligence Not 100% Reliable

Furthermore, what one unnamed intelligence source believes may not square with another intelligence source, warns Jeffrey Carr, CEO of threat-intelligence sharing firm Gaia International. He says the intelligence community "is rarely unified when it comes to intelligence analysis; especially cyber-intelligence."

Carr and other security experts have also warned that whoever is sharing supposed Sony-related intelligence may also have a political agenda. "Cybersecurity has become an increasingly political topic thanks to recent NSA revelations and increased defense spending being allocated to cyber defense - and offense - not to mention issues of pirating, net neutrality, privacy and related topics, all of which the Sony breach touches on," Tripwire's Westin says.

Despite the lack of solid evidence that proves North Korea is responsible for the Sony attack, some commentators have been referring to the hack against Sony in military terms. Former Congressman Newt Gingrich, for example, claims that "with the Sony collapse America has lost its first cyberwar."

But security experts have cautioned against jumping to conclusions. "I've said it for a week, and I must say it again," Martin of says. "How about we wait for actual evidence. ... Remember, North Korea is the same country that threatened the U.S. with a nuclear missile earlier this year. They like to rattle their saber at everyone, but it doesn't mean they actually did anything."

Kyle Greene's curator insight, October 18, 2017 11:59 AM

Cyber Security is a growing concern among all companies in the Entertainment and Media industries. This article addresses the notion that the treaty to companies cyber security is so prominent that government agencies such as the White House and the FBI. I feel that this article is a reliable source because it is from a website hosted by Cyber Security workers, and authors who have first hand experience in Cyber Security.!

Sony Hacking Scandal -- Execs Convinced It's an Inside Job

Sony Hacking Scandal -- Execs Convinced It's an Inside Job | IT Support and Hardware for Clinics |

Sony execs are now convinced someone who worked for the studio is behind the massive hacking ... because no one from the outside could so precisely target the compromising information.

Multiple sources connected to the studio tell TMZ ... the strong, prevailing view is that the North Koreans are probably involved, but they used someone with intimate knowledge of the Sony email system to laser in on the most embarrassing information.

We're told the people at Sony who are investigating believe the hackers had intimate knowledge of mail systems and their configurations. They also believe the hackers have knowledge of the internal media distribution systems and the internal IT systems, including human resources and payroll.

Several people suggested a possible link between the hackers and Sony layoffs, which included a large number of IT employees.

Via Roger Smith, Paulo Félix
Roger Smith's curator insight, December 17, 2014 4:43 PM

Insider job or very precise social engineering, either way not understanding the threat is the biggest problem for an organisation.

Mcol's curator insight, December 19, 2014 9:46 AM

Exemple de SONY!

Sony Hackers Threaten Movie Theaters

Sony Hackers Threaten Movie Theaters | IT Support and Hardware for Clinics |

The U.S. Department of Homeland Security says it has no evidence to suggest that a "terror" threat made by hackers against movie theaters and theatergoers - in relation to the release of the forthcoming Sony Pictures Entertainment comedy "The Interview" - is credible.

While DHS confirms that it's aware of the threat, the agency says in a statement that "at this time there is no credible intelligence to indicate an active plot against movie theaters within the United States."

The response from DHS follows the release of a message from a group that calls itself the Guardians of Peace. "Remember the 11th of September 2001," the group warns. "We will clearly show it to you at the very time and places 'The Interview' be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to. ... We recommend you to keep yourself distant from the places at that time. (If your house is nearby, you'd better leave.)"

The warning was contained in a message posted Dec. 16 to the FriendPaste and Pastebin text-sharing websites, by "G.O.P.," following the group's damaging Nov. 24 wiper malware attack against Sony Pictures Entertainment, as well as its ongoing anti-Sony public relations campaign, which to date has seen the group reportedly release tens of gigabytes of stolen Sony data.

In response to G.O.P.'s threat, Sony Pictures has told theaters that it will allow them to decide whether they want to show the film. On Dec. 16, Carmike Cinemas - the fourth-largest U.S. exhibitor, by number of screens - said it won't show the film, The Wall Street Journal reports.

The Interview, which is due to have its U.S. release on Christmas Day, stars James Franco and Seth Rogan - who also co-directed - as a tabloid TV reporting team who land an interview with North Korean dictator Kim Jong-un in Pyongyang, but who get approached by the CIA to instead assassinate him.

In response to G.O.P.'s threat against theaters and movie-goers, some Hollywood luminaries have responded by publicly pledging to see the film.

No comment yet.!

Sony Data Breach: Over 100 Documents With Thousands Of Passwords Exposed

Sony Data Breach: Over 100 Documents With Thousands Of Passwords Exposed | IT Support and Hardware for Clinics |

The massive Sony data breach that made headlines earlier this year has apparently gotten even worse.

New reports confirm that the hackers behind that major corporate hack have struck again. This time around, the group released an abundance of documents filled with confidential information and secured data.

A core element of the new batch of leaked data is a file directory identified by the simple title, “Password.” The directory consists of approximately 139 Microsoft Word documents and Excel spreadsheets as well as PDFs and zip files that are loaded with thousands of passwords.

BuzzFeed reports that an abundance of internal computers, web service accounts, and social media accounts from Sony Pictures have been compromised because of Wednesday’s leak.

The majority of the files are not even discreetly named, especially since many of them are simply titled with labels such as “YouTube login passwords.xlsx” and “password list.xls.”

BuzzFeed was able to find hundreds of clearly identified MySpace, YouTube, Facebook, and Twitter passwords as well as usernames that are associated with major motion picture accounts all stored within a single file.

For example, some of the passwords discovered within the leaked documents are linked to such popular films as Easy A, The Social Network, and Ghostbusters. After analyzing the overall condition and layout of the passwords, BuzzFeed reportedly concluded that the passwords were poorly structured and not even alphanumerical.

The leaked documents also include log-in information for servers, collaboration services, and multiple corporate research and news services — including Bloomberg and Lexis/Nexis. The subscriptions alone accumulate tens of thousands of dollars on a monthly basis.

One individual’s passwords for numerous, high-valued data serviced were also included — especially since they were not very strong in nature either.

Some reports claim that the hackers responsible for this massive Sony data breach are connected somehow to the North Korean government. The files can be downloaded online through torrent files, which means that this vast collection of confidential information can easily be accessed by almost any cyber criminal.

Even though this may seem like a very large breach, it is only the tip of the iceberg when it comes to all of the confidential data that still has not been leaked yet.

BuzzFeed reports that this second leak (in addition to the first) represent a relatively small fraction of an estimated 100 terabytes of data that have reportedly been taken from Sony.

If that report is true, that means that there very well could be many more documents, passwords, and log-in information from Sony Pictures being leaked to the public in the future.

No comment yet.!

Sony Suffers Further Attacks

Sony Suffers Further Attacks | IT Support and Hardware for Clinics |

Sony has been attacked again, with a distributed-denial-of-service attack gang claiming credit for knocking the company's PlayStation Network and related store offline.

Visitors to the PSN sites - which support multiplayer gaming and distributes Sony's movies and games - have instead been seeing the following error message: "Page Not Found! It's not you, it's the Internet's fault."

Sony says via Twitter that it's aware of the outages: "We are aware that users are having issues connecting to PSN. Thanks for your patience as we investigate."

A hacker or gang called Lizard Squad claimed credit for the attacks in a Dec. 8 message posted to Twitter at 12:29 a.m. GMT. The disruption follows the group in recent days claiming that it disrupted other gaming networks, including Valve's Steam, and Microsoft's Xbox Live. And Lizard Squad says the disruptions are just a "small dose" of what it has planned for December. "Unlike Santa, we don't like giving all of our Christmas presents out on one day. This entire month will be entertaining," the group tweets. The gang previously claimed credit for a series of August DDoS attacks against Sony, as well as for a tweet about explosives being aboard an American Airlines flight on which Sony president John Smedley was traveling, which caused authorities to divert the flight. No explosives were found; the FBI launched a related investigation.

Lizard Squad has been cagey about its motives and declined to say who's funding its DDoS attacks against gaming networks, saying only that they're "interested parties." But whoever's behind Lizard Squad claims that it previously sold "DDoS as a service" to the public, starting at about 300 euros ($370) per hour to disrupt a site.

Sony's Latest Security Setback

The PSN and Sony online store disruption is only the latest of many information security setbacks for Sony, following a massive hack attack against Sony Pictures Entertainment, which resulted in attackers obtaining what they claim are "tens of terabytes" of Sony corporate data and digital media, as well as using wiper malware to erase an unknown number of Sony employees' hard drives and "brick" their computers, which prevents them from booting.

Sony has not responded to repeated requests for comment about the hack, for which a group calling itself the Guardians of Peace - or G.O.P. - has claimed credit.

To date, G.O.P. has reportedly leaked about 40 GB of stolen Sony data, which remains in circulation on BitTorrent networks. The data includes exhaustive lists of Sony's passwords for social media networks, private details for 47,000 employees - including the Social Security numbers for Expendables star Sylvester Stallone and other actors - as well as other HR-related information, including copies of disciplinary letters and termination notices, Mashable reports.

Sony employees recently also received an e-mail, allegedly from G.O.P., warning them that "your family will be in danger" unless they signed their names to an e-mailed petition in support of the hacker's activities. The e-mail also stated that the attacks and leaks to date were "only [a] small part of [a] further plan"'. The attackers declined to elaborate on what that plan entailed.

'Unprecedented' Attack

In the wake of the attacks, many information security experts have been asking if Sony's defenses were sufficient, and whether it should have been able to rebuff attackers. Furthermore, much of the leaked data appeared to be stored in unencrypted format, and security experts say many of the passwords being used by Sony - which were also leaked - were weak.

But a report into the investigation from digital forensics investigations firm FireEye, which was hired by Sony to investigate the attack, suggests that the hack attack that victimized Sony Pictures Entertainment would have compromised most organizations. "The attack is unprecedented in nature," Kevin Mandia, chief operating officer of FireEye, says in a Dec. 6 report addressed to Sony Pictures Entertainment CEO Michael Lynton and also distributed to Sony employees, The Wall Street Journal reports. "This was an unparalleled and well-planned crime, carried out by an organized group, for which neither SPE nor other companies could have been fully prepared," Mandia says.

One explanation for the Nov. 24 hack attack - and subsequent data leaks - is that it was commissioned by the government of North Korea, in retaliation for the forthcoming comedy The Interview, in which a tabloid TV reporting team, heading to Pyongyang to interview dictator Kim Jong-Un, are approached by the CIA to kill him instead.

While referring to the film as a "terrorist act," North Korean officials have denied having any ties to the Sony hack. But in a statement issued Dec. 7, a spokesman for the country's National Defense Commission referred to it as a "righteous deed" that may have been launched by its "supporters and sympathizers."

Still Suspected: North Korea

The FireEye investigation team, however, says North Korea is "likely linked" to the attack, three anonymous sources with knowledge of the FireEye investigation tell the Journal, citing as partial evidence the Korean-language and timing of builds - which correspond with working hours in North Korea. But other security experts have said those details could also be "false flags" planted by attackers to fool investigators.

New details about the attack continue to surface. Citing people with knowledge of the investigation - who spoke on condition of anonymity - Bloomberg reports that the Sony data was first leaked from an IP address tied to the five-star St. Regis Bangkok hotel, located in the capital of Thailand, at 12:25 a.m. local time on Dec. 2. But it's not clear if the attackers may have been working from the hotel, or merely routing their data via its systems.

Information security researcher Liam O Murchu at Symantec tells Bloomberg that at least one of the command-and-control servers used by attackers to communicate with the Sony PCs they'd infected with their malware - known as both Destover and Wipal - used an IP address in Bolivia that was also used in the 2013 Dark Seoul campaign that targeted South Korea banks and broadcasters. South Korea has attributed that attack to North Korea, although multiple security experts interviewed by Information Security Media Group have suggested those allegations have not been fully confirmed.

"This is the same group that was working in Korea a year ago," O Murchu says. "There are so many similarities - this must be the same people."

Anti-virus vendor Kaspersky Lab likewise reports seeing "extraordinary" similarities between the wiper attack against Sony, Dark Seoul, and the 2011 "Shamoon" attack against Saudi Arabia's national petroleum and natural gas company, Saudi Aramco.

Kyle Greene's curator insight, October 18, 2017 12:08 PM

This article addresses the hole in Sony's security covering the Playstation network. Sony has been on the receiving end of multiple attacks over the years, and it is because cyber security was never really prioritized in the past. Now Cyber Crime is on the rise and Sony need to find a way to prevent DDoS from occurring, because it has lost them a lot of revenue.!

Cybercrime expert on Sony hack, protecting personal info

A major computer hack of Sony Pictures Entertainment is far from over, as hackers took new movies like "Fury" and "Annie" and leaked them on the internet. Sony executives also confim some of...

Via Paulo Félix
No comment yet.!

How the Sony Pictures attack changed the rules of cybersecurity

How the Sony Pictures attack changed the rules of cybersecurity | IT Support and Hardware for Clinics |

In IT, game changers don't come along very often but when they do, they impact just about everybody. The November attack on Sony Pictures was one such event which overnight forced all of those responsible for an IT organization's security to look again at their preparations for the worst.

According to analyst Gartner, the issues raised by the Sony attacks have not only caused organisations to reevaluate at their security, but also shifted the industry's perception of the best forms of defense.

Firstly, it has underlined the requirement to have formal plans in place to deal with aggressive attacks that are capable of seriously disrupting a business. Secondly, Gartner said, it has shifted the focus from blocking and detecting attacks, to detecting and responding to attacks.

As the analyst points out, although the frequency of a large-scale cybersecurity attack is low, this is no reason to scale back on security. The industry knows this and that's why Gartner expects the number of companies who have a formal plan in place to deal with this sort of attack to jump from zero percent currently to 40 percent by the end of 2018.

Gartner argues that these "business disruption attacks" require new priority from chief information security officers and business continuity management leaders, since aggressive attacks can cause prolonged disruption to internal and external business operations.

Gartner defines "aggressive business disruption attacks" as attacks that are targeted and that can reach deep into internal digital business operations. They are created "with the express purpose of widespread business damage," said Gartner vice president Paul Proctor.

"Servers may be taken down completely, data may be wiped and digital intellectual property may be released on the internet by attackers," he said.

The damage can last for some time after an attack, and the reaction can be widespread. "Victim organisations could be hounded by media inquiries for response and status, and government reaction and statements may increase the visibility and chaos of the attack," he said.

"These attacks may expose embarrassing internal data via social media channels."

IoT a danger, too

Security issues are also raised by that latest darling of the IT industry, the Internet of Things (IoT), Gartner said.

The rise of ubiquitously connected devices has expanded "the attack surface, and commands increased attention, larger budgets and deeper scrutiny by management," the analyst said.

However, there is no need for panic, and "digital business should not be restricted by these revelations." Instead an emphasis must be placed on "addressing technology dependencies and the impact of technology failure on business process and outcomes".

The expectation that digital business is a successful consumer business model relies on IoT devices being "always available," Gartner said, and any interruption during the end-to-end transaction process "means that business transactions may not be completed, thereby negatively affecting customer allegiance and the revenue stream expected from the digital business offering".

In other words, while few doubt the potential benefits the IoT could bring to consumers and businesses, it also poses considerable risks - and these are risks which, like the IoT itself, will only grow in coming years.

Via Paulo Félix
No comment yet.!

Sony Hack Cost $15 Million In Cleanup So Far

Sony Hack Cost $15 Million In Cleanup So Far | IT Support and Hardware for Clinics |
Sony’s Q3 2014 results are out today and we get some insight into what the cyber attack truly cost the company. According to its results, it’s pegged the cost of “investigating…

Via Roger Smith, Paulo Félix
No comment yet.!

How NSA Hacked North Korean Hackers

How NSA Hacked North Korean Hackers | IT Support and Hardware for Clinics |

The U.S. government's attribution of the Sony Pictures Entertainment hack attack to North Korea stems, in part, from the U.S. National Security Agency having infected a significant number of North Korean PCs with malware, which the intelligence agency has been using to monitor the country's hacking force.

So says The New York Times, which bases its report, in part, on interviews with unnamed former U.S. and foreign officials, as well as a newly leaked NSA document. The document, published Jan. 17 by German newsmagazine Der Spiegel - and obtained via former NSA contractor Edward Snowden - details how the NSA worked with South Korea - and other allies - to infiltrate North Korea. The agency reportedly infiltrated at least some of these computers by first exploiting systems in China and Malaysia that help manage and administer North Korea's connection to the Internet.

According to the Times report, the hacked computers have given the NSA an "early warning radar" against attacks launched by the Pyongyang-based government of North Korea. Related intelligence gathered by the NSA also reportedly helped convince President Obama that North Korea was behind the Sony Pictures hack.

North Korea's Reconnaissance General Bureau intelligence service, as well as its Bureau 121 hacking unit, control the vast majority of the country's 6,000-strong hacking force, some of which operates from China, according to news reports.

Fourth Party Collection

Some of the evidence of the NSA's ability to monitor North Korean systems comes from a leaked NSA document, which appears to be a transcript of an internal NSA question-and-answer discussion that's marked "top secret" and is restricted to the U.S. and its Five Eyes spying program partners: Australia, Canada, New Zealand and the United Kingdom. The document refers to the NSA's practice of "fourth party collection," which involves hacking into someone else's hack, according to a Der Spiegel report.

The document relays an episode that involves North Korea: "We found a few instances where there were NK [North Korea] officials with SK [South Korea] implants [malware] on their boxes, so we got on the exfil [data exfiltration] points, and sucked back the data," the document reads.

Der Spiegel reports that this practice, which is employed by the NSA's Tailored Access Operations team, has been used extensively to undermine many hack attacks emanating from Russia and China and has allowed the NSA to obtain the source code for some Chinese malware tools.

But some attacks against U.S. systems did succeed, and one leaked NSA document says that as of several years ago, 30,000 separate attacks had been detected against U.S. Defense Department systems, 1,600 systems had been hacked, and related "damage assessment and network repair" costs had exceeded $100 million.

The NSA document also discloses that South Korea in recent years has begun attempting to hack into some U.S. government systems.

The FBI has previously said that its attribution of the Sony Pictures hack was based in part on intelligence shared by the NSA, although that attribution did not single out the North Korean government, thus leaving open the possibility that pro-Pyongyang hackers or even mercenaries may have also been involved.

The Role of Botnets

On the attribution front, meanwhile, documents newly published by Der Spiegel - and leaked by Snowden - have detailed an NSA program, code-named "Defiantwarrior," which involves the NSA using infected nodes - or zombies - in a botnet. When such nodes are traced to U.S. computers, the FBI reportedly uses the information to help shut down those parts of the botnet. But when nodes are discovered on computers in countries outside the Five Eyes program, the NSA - according to the leaked documents - may use these to launch attacks against targets. While such attacks might be traced back to the botnet node, this practice reportedly helps the agency launch attacks that are difficult - if not impossible - to attribute back to the NSA.

Did NSA Keep Quiet?

The report that the NSA had hacked into many of the systems employed by the North Korean military, and was monitoring them, has prompted information security experts to question whether the agency knew about the Sony Pictures hack and failed to stop it.

"If the NSA were secretly spying so comprehensively on the networks used by North Korea's hackers, how come they didn't warn Sony Pictures?" asks independent security expert Graham Cluley in a blog post.

If the NSA did detect signs of the Sony hack planning, reconnaissance and actual attack unfolding, however, then it might have declined to warn the television and movie studio to avoid compromising that monitoring ability, says Europol cybersecurity adviser Alan Woodward, who's a visiting computing professor at the University of Surrey in England. Similar questions have been raised in the past, for example, over the World War II bombing of Coventry, England, by the Germans, and why - if the British had cracked the Nazis' secret Enigma codes - the U.K. government didn't evacuate the city.

Another outstanding question is the extent to which the leadership of North Korea suspected - or knew - that their computer systems may have been infiltrated by foreign intelligence services. "Presumably, the cat is now out of the bag," Cluley says. "These news stories may take some of the heat off the [United] States from some of those in the IT security world who were skeptical about the claims of North Korean involvement, but it also tips off North Korea that it may want to be a little more careful about its own computer security."

Szymon Mantey's curator insight, January 19, 2015 2:28 PM

Poradnik w jak łatwy sposób zostac shakowanym przez skośnookich  w ktorym to kradną nasze dane osobowe a NSA nie ejst wstanie nic z tym zrobić...!

Obama Imposes Sanctions on North Korea for Hack

Obama Imposes Sanctions on North Korea for Hack | IT Support and Hardware for Clinics |

Holding North Korea responsible for the cyber-attack on Sony Pictures Entertainment, President Obama imposed sanctions on 10 individuals and three entities associated with the North Korean government.

The president ordered on Jan. 2 the seizing of property held by the individuals and organizations in the United States, a mostly symbolic action because few, if any, assets of those designated in the order are likely located in the U.S.

The organizations facing sanctions include the Reconnaissance General Bureau, North Korea's primary intelligence agency; Korea Mining Development Training Corp., or KOMID, North Korea's primary arms dealer; and Korea Tangun Trading Corp., the North Korean agency primarily responsible for the procurement of commodities and technologies to support its defense research and development programs.

"Our response to North Korea's attack against Sony Pictures Entertainment will be proportional, and will take place at a time and in a manner of our choosing," a White House statement says. "Today's actions are the first aspect of our response."

Further Isolating North Korea

The executive order authorizes Treasury Secretary Jack Lew to impose the sanctions. Lew, in a statement, says the sanctions are driven by the government's commitment to hold North Korea accountable for its destructive and destabilizing conduct.

"Even as the FBI continues its investigation into the cyber-attack against Sony Pictures Entertainment, these steps underscore that we will employ a broad set of tools to defend U.S. businesses and citizens, and to respond to attempts to undermine our values or threaten the national security of the United States," Lew says. "The actions taken today ... will further isolate key North Korean entities and disrupt the activities of close to a dozen critical North Korean operatives. We will continue to use this broad and powerful tool to expose the activities of North Korean government officials and entities."

An administration official told The New York Times that these sanctions are a first step to punish the North Koreans for the Sony breach. "The administration felt that it had to do something to stay on point," the official said. "This is certainly not the end for them."

No comment yet.!

6 Sony Breach Lessons We Must Learn

6 Sony Breach Lessons We Must Learn | IT Support and Hardware for Clinics |

After the complete collapse of network security at Sony Pictures Entertainment - in the wake of its data breach - the organization's fundamental mistakes deserve to be highlighted; there are lessons to be learned for all. Here's my macro view of the information security lessons every organization should take away:

1. Watch Your Risk Tolerance. First, Sony Pictures appears to have chosen a relatively high level of risk regarding its information security posture. This conclusion is supported both by comments made by its chief information security officer and by e-mails leaked by the attackers. In choosing that posture, it is highly unlikely that Sony's executives anticipated the consequences that would ultimately befall either their enterprise or the nation. Perhaps many enterprises need to rethink the duty they owe to their neighbors.

 I have always argued that outsiders damage the brand, but insiders bring down the business. Sony may break that rule. 

Sony Pictures is a publishing company. Its "crown jewels" are information assets. Unreleased movies, scripts, agreements with talent, and even technology are Sony's "stock in trade." The compromise of one, or even a few systems on its network should not result in the loss of strategic assets, much less absolutely everything on the network.

2. This is Vandalism, Not War. North Korea was a huge beneficiary of the Sony breach, while the "world's remaining superpower" and another prime adversary - Japan - were both humiliated in name, if not at their instigation. That said, the Sony breach was vandalism, not an act of war. It may even have been purely opportunistic, with a patina of justification added after the fact.

3. Data Exfiltration Must be Caught. The attack used widely available tools against people and weak system and network configurations, rather than exploiting glaring software vulnerabilities. Most significantly, the attack required days to weeks to unfold, and involved all kinds of related, malicious activity, including the exfiltration of hundreds of gigabytes of data - if not more - that should not have gone unrecognized.

4. We're All Vulnerable. We're all at risk from the type of attack that successfully breached Sony. That vulnerability is rooted partly in our culture of freedom, which is valued, but too easily eroded in the face of fear. It is also rooted in our technology infrastructure, which we use widely and depend on heavily, and from which we derive both productivity and comfort. The success of the Sony attack, however, has raised fears - which may or may not be true - that our entire infrastructure is vulnerable to attack, and that as a society we could be not just beneficiaries of the Internet, but also victimized by it.

5. Beware the Business Impact. I have always argued that outsiders damage the brand, but insiders bring down the business. Sony may break that rule. By the time the final cost of this breach is tallied, we will probably have lost interest, but it may be the most damaging attack against a single enterprise that wasn't launched by an insider. I expect that Sony Pictures will survive as a business unit within Sony. Whether it could survive as a stand-alone business is far less certain.

6. These Incidents Make Us All Look Bad. The changing rhetoric from Sony has been less than satisfying. The response of the exhibitors can best be described as craven. The coverage of the media has been gleeful. So far the government has been reduced to the wringing of hands. None of us looks very good. One would like to hope that we take all these lessons to heart, but I fear that in the face of the exponential growth of our information infrastructure, things are likely to get worse before they get better.

The Way Forward

Breaches, of course, are inevitable. But they should not compromise the crown jewels - that intellectual property that is crucial to the business strategy. They should not bring down the business, must not compromise the integrity of the infrastructure, or threaten our freedoms. Some have suggested that the President of the United States should have a "kill switch" that he could use to shut down the Internet so that it cannot be used to attack the power grid or the financial infrastructure. However, since both of these depend on the Internet, this is a solution worse than the problem it sets out to solve.

The solution is this: We must get the fundamentals right. We must use strong authentication and true-end-to-true-end encryption, everywhere. This will increase the time required to successfully execute an attack, make the attack more obvious, and raise the total cost. No less fundamental is the need to improve how we monitor and react. And we can put these fundamentals in place - even if it takes months or years to fully implement - using our available knowledge and tools.

While the Internet is resilient by design, that is a double-edged sword: it ensures availability, but makes it more difficult to address denial of service. Better resisting denial-of-service attacks will require further research, intelligence, new controls, new agreements, and perhaps legislation and treaties. This will take a little longer, but is no less important for making us all more secure.

Rul's curator insight, December 29, 2014 3:42 PM

La multinationale réagit face au piratage informatique dont elle a été victime il y a quelques jours.!

'The Interview' Could Coming To YouTube Tomorrow

'The Interview' Could Coming To YouTube Tomorrow | IT Support and Hardware for Clinics |

Sony will release "The Interview" on YouTube, Brian Stelter of CNN reports. YouTube has tentatively agreed to allow YouTube users to rent the movie.

Business Insider has reached out to Sony for confirmation.

Over the last few days, Sony has reversed its position that the movie will not be shown.

Last week, it decided to pull the movie's premiere in theaters after the five largest theater chains said they wouldn't show it. Sony also implied it wouldn't release the movie online or through a video on demand service.

But on Friday, President Obama told reporters at a news conference that Sony made a "mistake" by caving to the demands of hackers. Also on Friday, the FBI formally blamed North Korea for backing the hacker group that forced Sony to initially pull "The Interview" from theaters.

Since then, Sony has reversed its position and decided to release the movie in about 200 independent movie theaters. Now, it'll be released online too.

No comment yet.!

Is Sony data breach a sign of things to come in 2015?

Is Sony data breach a sign of things to come in 2015? | IT Support and Hardware for Clinics |

Is Sony's data-breach event about to change how hackers go after our personally identifiable information in 2015?

When the news broke that the information of more than 6,800 Sony employees including Social Security numbers, birth dates, and salaries – most consumers, including me, thought "Here we go again" with another typical major data breach event.

However, this is anything but typical. Unlike Target or Home Depot hacks, the Sony breach exposes a new threat realm that includes stealing and exposing health-care information, employee e-mails and project e-mails involving clients, partners and other employees.

Can you imagine private e-mails from your employer, health provider, banker, social media or child's school about your salary, medical records, credit score, child's grades, personal or business relationships going public for everyone to read and see?

In Sony's case, files that were hacked included unreleased movies (even forcing the cancellation of one), thousands of employees' Social Security numbers, executive pay packages and internal e-mails that were uploaded to the Internet. Sony has described this breach as an "unparalleled crime" that is unprecedented in nature.

Sony Pictures now has legal, financial and public relations liabilities in protecting its image, responding to the needs of individuals affected by the breach and complying with state and federal data- breach laws.

I believe we will see more of the Sony-type hacks — targeted attacks specific to both our personal and business information.

I encourage you to check out Experian's just released second annual data breach industry forecast report. Here are some of Experian's 2015 data breach predictions:

- Internet of things. Cyberattacks likely will increase via data accessed from third-party vendors

- Employees will be companies' biggest threat. A majority of companies will miss the mark on the largest data breach threat: employees. Between human error and malicious insiders, time has shown us the majority of data breaches originate inside company walls.

- Data-breach fatigue will grow among consumers. A growing number of consumers are becoming more apathetic and are taking less action to personally protect themselves.

- Business leaders will face increased scrutiny. Where previously IT departments were responsible for explaining security incidents, cyberattacks have expanded from a tech problem to a corporate-wide issue. With this shift, business leaders are being held directly accountable.

- More hackers will target cloud data. Cloud services have been a productivity boon for consumers and businesses. However, as more information gets stored in the cloud and consumers rely on online services for everything, the cloud becomes a more attractive target for attackers.

Mark's most important: Set goals in 2015 to focus on risk management and cybersecurity. Be proactive and prepared for a broader range of hacking threats.

Claudia Stevenson's curator insight, December 29, 2014 3:19 AM

The future of online security and privacy.!

Sony Breach: Studio Cancels Film Release

Sony Breach: Studio Cancels Film Release | IT Support and Hardware for Clinics |
One day after hackers made a "terror" threat against movie theaters and theatergoers - in relation to the release of the forthcoming Sony Pictures Entertainment comedy "The Interview," the studio canceled the release of the film.

See Also: Healthcare Data Breaches: Have We Learned Anything?

"In light of the decision by the majority of our exhibitors not to show the film, we have decided not to move forward with the planned Dec. 25 theatrical release," the company says in a statement sent to USA Today on Dec. 17. "We respect and understand our partners' decision and, of course, completely share their paramount interest in the safety of employees and theater-goers."
Related Content

Cybersecurity Seen as DoD Priority Under Carter
Gameover Zeus Trojan Continues Resurgence
Does U.S. Truly Want Cyber Peace?
Cyber Framework: Setting Record Straight
The 'Disappearance' of Keith Alexander

Related Whitepapers

2014 Report: State of Security Operations
Threat Intelligence and Incident Response: A Study of U.S. and EMEA Organizations
The New Art of War: 2014 Targeted Attacks Study
What CSOs Need To Know About Software-Defined Security
Securing Cloud Workloads

Following the threat, the U.S. Department of Homeland Security said in a statement that "at this time there is no credible intelligence to indicate an active plot against movie theaters within the United States."

Sony Pictures did not immediately respond to a request for comment.

"The Interview" stars James Franco and Seth Rogen - who also co-directed - as a tabloid TV reporting team who land an interview with North Korean dictator Kim Jong-un in Pyongyang, but who get approached by the CIA to instead assassinate him.
Theater Chains React to Warning

A group that calls itself the Guardians of Peace, which claimed responsibility for the hacking of Sony Pictures Entertainment, said in a Dec. 16 warning: "Remember the 11th of September 2001. We will clearly show it to you at the very time and places 'The Interview' be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to. ... We recommend you to keep yourself distant from the places at that time. (If your house is nearby, you'd better leave.)"

The warning was contained in a message posted to the FriendPaste and Pastebin text-sharing websites, by G.O.P. following the group's damaging Nov. 24 wiper malware attack against Sony Pictures, as well as its ongoing anti-Sony public relations campaign, which to date has seen the group reportedly release tens of gigabytes of stolen Sony data.

In response to G.O.P.'s threat, Sony Pictures had told theaters that it will allow them to decide whether they want to show the film. On Dec. 16, Carmike Cinemas - the fourth-largest U.S. exhibitor, by number of screens - said it wouldn't show the film, The Wall Street Journal reported.

Following Carmike Cinemas' decision, Regal Entertainment, AMC Entertainment, Cinemark and Cineplex Entertainment all decided not to show the film, according to Yahoo.

The National Association of Theatre Owners issued a statement about theater operators' decisions not to show the film.

"The ability of our guests to enjoy the entertainment they choose in safety and comfort is and will continue to be a priority for theater owners," the association said. "We are encouraged that the authorities have made progress in their investigation and we look forward to the time when the responsible criminals are apprehended. Until that happens, individual cinema operators may decide to delay exhibition of the movie so that our guests may enjoy a safe holiday movie season experiencing the many other exciting films we have to offer."
Buying Time?

Al Pascual, director of fraud and security and Javelin Strategy & Research, tells Information Security Media Group: "I suspect that this is a move designed to buy Sony time, with the hope that they can triage the fallout from the breach from a business perspective and continue the investigation to identify those responsible.

"Sony can never be sure that the G.O.P. would hold up any end of a bargain to not release additional information if they canceled 'The Interview' permanently, and further still, the G.O.P. could release additional information at a later date to pressure the company on another initiative. If Sony is honestly going to cancel this movie in reaction to the demands of the G.O.P., it is both naïve and sets an incredibly dangerous precedent."
New Details

A G.O.P. message earlier this week said that although the group had already released numerous batches of Sony information, it was building toward a bigger "Christmas present" for the movie and television studio (see: Sony Breach Response: Legal Threats).

Then on Dec. 16, it issued a message including links to torrent files and file-sharing sites that contained what the group describes as its "1st Christmas gift," which is the Outlook mailbox for Sony Pictures Entertainment Chairman and CEO Michael Lynton. According to various press reports, 32,000 e-mails to and from Lynton have been released, dating from 2013 through to Nov. 21, 2014, which was just three days before Sony Pictures suffered the wiper malware attack that reportedly led the company to issue new laptops to numerous employees.

Earlier this week, two former employees filed a lawsuit against Sony, claiming that it had failed to protect their private information. The plaintiffs are seeking class action status.

Since then, another two employees have filed a class action lawsuit against the company, according to the Hollywood Reporter, alleging it failed to implement and maintain reasonable security policies and procedures "appropriate to protect its current and former employees' and associates' personal information."
No comment yet.!

Sony Just Created A New Google Glass Competitor That Attaches To Your Current Glasses

Sony Just Created A New Google Glass Competitor That Attaches To Your Current Glasses | IT Support and Hardware for Clinics |

While startups and large companies like Google are busy developing smart glasses, Sony has just invented a device that clips on to your current eyewear to add those same features (via The Verge). 

The device itself is a module that clips on to your glasses and essentially adds a small 640 x 400 pixel display, a camera, and a processor.

Sony claims the tiny screen is capable of showing high-quality full color photos and videos, and the processor inside is about on par with what you'd get in today's smartphones. 

The benefit of this type of gadget over something like Google Glass, according to Sony, is that you can clip it on or take it off whenever you need to.

You're not committed to wearing it all the time like you would be if you wore a prescription version of Google Glass.

Here's what you would see while looking through Sony's gadget.

It looks like the experience will be very similar to that of Google Glass, but specialized for certain use cases like sports. 

Judging by Sony's renders, it looks like the gadget will be rather bulky, so chances are you won't want to wear it all the time.

It sounds like Sony plans to license out the technology to eyewear and tech companies rather than releasing it as its own consumer product, and mass production is expected to kick off within the year. 

It's a different approach that what we've seen from most companies getting into wearable tech, but it's unclear if this will actually appeal to consumers. Even Google has been having a hard time convincing everyday consumers to wear computerized glasses, it seems, as The Wall Street Journal says the next version of Glass will be geared toward hospitals and other enterprise use cases.

No comment yet.!

Experts Question Sony Hack-Back Story

Experts Question Sony Hack-Back Story | IT Support and Hardware for Clinics |

Information security experts are questioning the accuracy of a news report that claims Sony Pictures Entertainment is attempting to "hack back" to disrupt distribution of stolen Sony files.

The report on the news website Re/code, which is affiliated with CNBC, cites two anonymous sources saying that "the company is using hundreds of computers in Asia to execute what's known as a denial-of-service attack on sites where its pilfered data is available."

Multiple information security experts, however, have questioned that account. "I highly doubt Sony is doing this," Tom Chapman, director of the security operations group at computer security firm EdgeWave, tells Information Security Media Group. "And I highly doubt this would work. As for the legality, [it's] probably highly illegal."

What Sony might be doing, however, some experts speculate, is attempting to disrupt BitTorrent networks on which the stolen files are currently circulating by sending the "peers" that are attempting to download the file to sites where only bogus versions of those files are being stored. "Screwing with torrents is as old as torrents, and even if it were 'hacking,' which it isn't, it isn't hitting the attackers," says Jack Daniel, a strategist at vulnerability detection vendor Tenable Network Security.

Sony has failed to respond to repeated requests for comment on the hack attack against it.

Attackers Threaten Further Releases

Meanwhile, a group calling itself Guardians of Peace, or G.O.P., which claimed credit for the Sony attack, is continuing to release more of the "tens of terabytes" its claims to have stolen.

In an e-mail sent to Information Security Media Group on Dec. 11, someone claiming to be part of G.O.P. included links to multiple sites that contain a message from the group that includes links to download a sixth batch of leaked data, which attackers claim includes the Outlook mailbox for Sony's general counsel, Leah Weil, who joined the company in 1996. That leak follows the reported release of the Outlook mailbox for Sony Picture Chairman Amy Pascal.

G.O.P.'s latest message includes a warning to all Sony's employees. "We still have huge amount of sensitive information to be released including your personal details and mailboxes," it says. "Make the company cancel the release of the movie of terrorism, or you have to be blamed for it," it adds, apparently referring to Sony's forthcoming comedy The Interview, which according to leaked e-mails features Kim Jong-un's head exploding after he gets hit with a shell fired from a tank, Reuters reports.

Sony's Breach Costs Mount

Sony information that's already been leaked to date - beyond high-quality copies of five unreleased films - has included exhaustive lists of Sony's passwords for social media networks, as well as private details for 47,000 employees.

As more and more such information - including Social Security numbers and other personally identifiable information on current and former employees - becomes public, and the related risk of identity theft increases, some commentators have been asking just how much Sony is going to have to pay to repair the damage.

Of course, that question can't yet be definitively answered. Full details of the Sony attack have yet to come to light, and the full ramifications of the data breach - including whether it might drive big-name stars, directors and writers to competing studios - probably won't be known for at least another six months, Jim Lewis, senior fellow at the Center for Strategic and International Studies, tells Reuters. "Usually, people get over it, but it does have a short-term effect," he says.

Still, Lewis believes that Sony's related breach costs could hit $100 million, although he notes that the costs would be higher had Sony lost customer data, as happened in the April 2011 attack that compromised the personal information of 77 million PlayStation network and Qriocity customers, triggering a U.K. fine and a U.S. class action lawsuit that Sony ultimately settled.

No comment yet.!

Sony data breach: how not to protect your passwords

Sony data breach: how not to protect your passwords | IT Support and Hardware for Clinics |

Sony Pictures Entertainment faces being left completely red-faced after reports began to emerge that it contributed to its latest data breach by storing thousands of passwords in a folder entitled "Password".

Personal details of some 47,000 employees and actors have been leaked online in recent days and the much-publicized leak contains confidential details including social security numbers and reams of other tidbits, according to The Telegraph.

The controversially named "Password" folder contains 139 Word documents, Excel spreadsheets, zip files and PDFs that give access to passwords and usernames for everything from internal computers to social media accounts.

One of those files, which has been seen by BuzzFeed, contains scores of usernames and passwords to various social media accounts thus giving anyone easy access to Facebook, MySpace, YouTube and Twitter accounts linked to the firm.

Sony hasn’t spoken publicly about the hack and the only noises came in an internal company-wide memo from CEO Michael Lynton and co-chairman Amy Pascal that called it a "brazen attack on our company, our employees and our business partners".

Sony’s leak comes at the same time that a clutch of high profile upcoming films were made available online with many reports pointing the finger at North Korea in retaliation for an upcoming film that pokes fun at the country.

Since then, the country has come out to deny that it is responsible for the hack and called claims that it had anything to do with it "another fabrication targeting the country".

The film in question, The Interview, stars Seth Rogan and James Franco and centers on a fictional plot by the US government to assassinate North Korea’s leader, who bears an uncanny resemblance to the real life leader Kim Jong-un.

Employees at Sony Pictures, who are some of the worst affected, aren’t likely to be surprised at the leak given that former workers told Fusion that the company’s "long-running lax attitude towards security" is likely to blame.

No comment yet.!

Devastating malware that hit Sony Pictures similar to other data wiping programs

Devastating malware that hit Sony Pictures similar to other data wiping programs | IT Support and Hardware for Clinics |

A malware program with data wiping functionality that was recently used to attack Sony Pictures Entertainment bears technical similarities to destructive malware that affected organizations in South Korea and the Middle East in the past.

Security researchers from Kaspersky Lab, Symantec and Blue Coat Systems independently reported that Trojan Destover, the malicious program used in the Sony Pictures attack, relied on a legitimate commercial driver called EldoS RawDisk to overwrite data and master boot records.

That same driver was used by a piece of malware called Shamoon that is believed to have been used in August 2012 to render up to 30,000 computers inoperable at Saudi Aramco, the national oil company of Saudi Arabia.

A previously unknown hacktivist group called the Cutting Sword of Justice took credit for the attack on Saudi Aramco through a series of posts on Pastebin. The group said it targeted the company because it was the main financial source for Saudi Arabia’s Al Saud regime, which the group claimed supported oppressive government actions in countries like Syria, Bahrain, Yemen, Lebanon and Egypt.

The attack against Sony Pictures Entertainment was carried out by another previously unknown group called the Guardian of Peace (GOP), which claimed to have targeted the company because “Sony and Sony Pictures have made terrible racial discrimination and human rights violation, indiscriminate tyranny and restructuring in recent years.”

The sharing of a third-party driver is not enough evidence to establish a direct link between the two malware programs, but it is possible that the Destover creators copied techniques from Shamoon, especially since the EldoS RawDisk driver is an unusual choice for implementing data wiping functionality.

Both Destover and Shamoon stored the EldoS RawDisk driver in their resource sections and both were compiled just days before being used in attacks, researchers from Kaspersky Lab said in a blog post.

Destover shares even more commonalities with another wiper malware program called DarkSeoul or Jokra that affected several banks and broadcasting organizations in South Korea in March 2013.

“The malware used in the Jokra attacks contained code that did not begin wiping the hard drive until a set time period expired,” researchers from Symantec said in a blog post. “Destover is also configured to perform a delayed wipe. Furthermore, media outlets in South Korea have reported that a number of similar file names were used in both attacks.”

The Jokra attacks were accompanied by website defacements that displayed a message from an obscure group of hackers called the Whois Team. “This is the beginning of our movement,” the message said. “User accounts and all data are in our hands.”

The GOP also left a message for Sony Pictures informing the company that it had obtained its internal data and both GOP’s and Whois Team’s messages were accompanied by images of skeletons, though this might be a mere coincidence.

“Just like DarkSeoul, the Destover wiper executables were compiled somewhere between 48 hours prior to the attack and the actual day of attack,” the Kaspersky researchers said. “It is highly unlikely that the attackers spear-phished their way into large numbers of users, and highly likely that they had gained unfettered access to the entire network prior to the attack.”

A more direct connection was established by Symantec between Destover and a backdoor program known as Volgmer that allows attackers to retrieve system information, execute commands, upload files, and download files for execution.

“Some samples of Destover report to a command-and-control (C&C) server that was also used by a version of Trojan.Volgmer crafted to attack South Korean targets,” the Symantec researchers said. “The shared C&C indicates that the same group may be behind both attacks.”

The apparent links between Destover and malware that was used to target South Korean organizations will likely fuel ongoing speculation that North Korea might be behind the attack against Sony Pictures Entertainment, supposedly as retaliation for an upcoming comedy film called “The Interview” in which two reporters are asked by the CIA to assassinate North Korean leader Kim Jong Un. North Korea reportedly denied its involvement in the attack.

These commonalities “do not prove that the crew behind Shamoon is the same as the crew behind both DarkSeoul and Destover,” the Kaspersky researchers said. “But it should be noted that the reactionary events and the groups’ operational and toolset characteristics all carry marked similarities. And, it is extraordinary that such unusual and focused acts of large scale cyber-destruction are being carried out with clearly recognizable similarities.”

No comment yet.