Discussion: North Korea-Linked Sony Hack May Be Most Damaging Ever

Discussion for article #231318

I thought Sony was a Japanese business? Yes I know they have operations in the US and are considered a multinational corporation but to call them a US company is a stretch. It is the information that they hacked that is being leveraged not the fear of a terrorist attack. Not many North Korean sympathizers outside of North Korea.

This is an attack on our most important liberty - our freedom of speech.

“The attack is possibly the costliest ever for a U.S. company, said Avivah Litan, a cybersecurity analyst at research firm Gartner.”

My thoughts exactly. Sony is a U.S. company? Since when? Whassup, Avivah?

The real question?
Had Sony shown any propensity to strike North Korea premptively?
Lord knows they’ve produced some big and costly bombs.

jw1

North Korea has denounced the “The Interview” but earlier this month said the hack might have been carried out by sympathizers.

Dennis Rodman?

I’m willing to be this movie is now going to make a bazillion dollars in DVD/Blue Ray sales and contracts with Netflix etc.

Great. Cyber war gives Wall Street a new, improved and altogether wonderful opportunity to crash at the expense of the U.S. Treasury. DOD has no doubt spent megatons of cash on cyber war R&D. Yet the clear vulnerability of the internet to spying and disruption has not kept the Finance Investment and Real Estate (FIRE) sector from integrating the web into every aspect of their business. Smart FIRE executives are already seeking to contract the services or Guardians of Peace to tank their competitors.
I predict Al Gore will finally get full credit for the existence of the internet from his detractors when it hits the fan.

haphazard practices are common across corporate America.

Wind With The Gone…

The Internet cannot be made secure in an ad hoc fashion. The National Science Foundation has been warning about this for 20 years and has advocated for an Internet 2.0, designed from the ground up for security. Their pleas have fallen on deaf ears, as both corporations and the Institutions of gov’t have proceeded with all due haste to put their most mission critical dependencies and business processes online using technology that can NEVER be completely defended.

Madness. Obtuseness. Greed.

Sony pictures is, in fact, a U.S. corporation. It’s a U.S. subsidiary of the Japanese conglomerate that operates as a separate business unit.

Especially greed. It’s all about keeping up the profit levels right now so the stock price stays high and the shareholders remain happy. Everything else is a problem to be dealt with another day (and likely by someone else).

I find myself simultaneously stunned that any movie company would piss away all this free publicity by knuckling under to fear that a foreign state with a large part of the U.S. military on its border would commit an act of war against the U.S. and likewise amazed that the country that’s been posting one crazy-ass video after another triumphantly portraying Obama and Congress burning in the flame of nuclear attacks launched by animated non-existent rocket planes and non-existent ICBM’s really has the chutzpah to have this level of butthurt over what would have been yet another Seth Rogen flop.

My understanding of it not being shown is Sony’s reaction to theaters that decided not to show it out of fear of retaliation. Although I think that the odds that someone would carry out such a retaliation in North Korea’s name would have be to close to nil.

I agree that the film would’ve probably been a flop if it were left to premiere on its own, but I really can’t stand the idea of Sony, et al just flat-out caving to pressure like this. And besides, I really can’t stand James Franco. The man cannot act!

As Chris Rock tweeted: “I wanted to CHOOSE not to see The Interview”

I thought you were going to say the right to not watch a Seth Rogen movie until it pops up on cable some night when you’re half in the bag. But yeah, same thing.

Strange how after a crazed gunman shot up a theatre at the premiere of Batman, Batman was pulled… nowhere. And immediately after there were a series of sketchy copy cat incidents and arrests at Batman screenings. Didn’t matter. That movie went on to make almost half a billion dollars. https://en.wikipedia.org/wiki/2012_Aurora_shooting#Related_incidents

It would only take one nutbag with a gun in a theater on Christmas Day to make it not worth it for the theaters. What were theaters supposed to do in the name of public safety versus what should Sony do in the name of freedom of speech? Unfortunately, those two things are at odds. While adults might choose to see the film to flip North Korea the bird, the kids in the Smurf movie next door are also at risk.

Sony should find a way to stream it all day Christmas and claim a victory for artistic freedom and make the point that distribution isn’t something that can be stopped. Inconvenienced, but not stopped.

Earlier this week, four former employees sued Sony for not protecting their private information from hackers. The lawsuits seek class-action status on behalf of the nearly 50,000 Sony Pictures employees whose Social Security numbers and other private data was exposed.

This sounds so banal, hum drum, yeah-yeah. What actually happened here? 50,000 people who haven’t worked at Sony for years had their SS numbers, birthdates, medical records, and HR reviews ripped off Sony computers and dropped into public spaces where the usual bad guys have free access. What happens when Target “loses” your credit card info? It’s a major pain and you have to cancel that card and get another. If you don’t find out soon enough, you may get hit with ID theft and it takes a couple of years to put it right. What happens if Sony “loses” your SS number, birthdate, mother’s name, etc.? Now you are open to lifetime repeated ID theft. My 6 yr old grandchild can look forward to a lifetime of ID insecurity. Can you change a SS number? Theoretically:

Although SSA does not routinely assign new numbers, they will do so when a victim requests a new SSN and provides evidence that he/she has tried to resolve the problems brought on by identity theft but continues to be disadvantaged by the SSN misuse.  Disadvantaged by misuse of the SSN means that the misuse has caused you financial or personal hardship within the past year.

Examples of disadvantage by misuse of the SSN:
-Past SSN misuse causes a recent application for a home mortgage to be denied.
-The IRS questions a tax return because of unreported earnings, a result of someone using another individual’s SSN to work.
-An individual’s SSN was misused to obtain credit several years ago, but documented attempts to correct his/her credit record have been unsuccessful
-Past SSN misuse causes an individual to be arrested whenever he/she is stopped for a traffic violation.

Narrative from someone who did get a new SS number:

To be honest, this action has brought almost no benefits. In fact, it caused a lot of problems. It was easier to get a mortgage with bad credit (albeit at 10.5% interest) rather than a credit-less SSN. At work the change in my SSN affected my ability to do payroll direct deposit, cancelled my telephone card, changed my medical policy and my 401K allocation.At home, it meant I could not get cheaper car insurance, even though I have no tickets or accidents. It also meant banks refused to deal with me and one opened up fraud investigations on me as they could not get a credit record for me (they also refused to return my deposit that opened the account). One of the credit bureaus cross-referenced the old and new SSNs (they refuse to say how they did this) and so all the old bad credit moved to the new numbers. In the meantime, most of the bad credit has been removed from the old SSNs, mostly due to constant calling of the companies’ fraud departments.

So not so ho-hum. What can these 50,000 people do to protect themselves for the rest of their lives? They can stay contracted with ID security firms (like the one dispensing the advice above) which spend 24/7 monitoring their credit and activity. These firms are set up so that the client needs to give positive authorization for any significant financial activity like setting up a bank account, taking out a loan, buying property, buying a car, etc. Sony is offering it’s current employees one year of such protection, after which they’ll need to pay for it every year. The ex-employees cited above are suing for the same coverage. New groups of ex-employees might well ask for lifetime coverage for them and their affected family members like my grandchild who is way too young to understand any of this.

Who cares about their stupid film? Let’s talk about their lax to non-existant security regarding employees. Let’s talk about why employee records 5+ years past said employees moving on are still on active servers. More care needs to be directed at the rank and file of overworked and underpaid current and former employees vs. “OMG, she said what about Angelina?!”

There’s a difference between liability for a lone gunman without prewarning and failing to act when warned. In this case, the theaters got a warning. We might think it’s all b.s. but let’s say they show the film, an incident happens, someone is hurt = lawsuit. Is Sony going to indemnify the theaters for that eventuality? No. So…

Costliest ever for a US company?

Sony is a Japanese company.