back to article Sony employees face 'weeks of pen and paper' after crippling network hack

Sony Pictures still hasn't recovered from a comprehensive attack on its computer networks – and staff have been reduced to doing their work by hand – according to insiders. This notice stuck on lifts at Sony Pictures in London.. pic.twitter.com/RMZcQhjfYI — James Dean (@JamesDeanTimes) November 28, 2014 The infiltration by …

  1. Mark 85

    Er... didn't work.

    The trouble at Sony may be worth bringing up the next time your managers question the IT security team's budget. Saving pennies will make firms look very, very silly when the bill comes in after a comprehensive ransacking of systems by black hats.

    Tried that approach after the Target hack.. answer back: "They're retail. We have nothing in common with them.". The "nothing in common" thinking is the hard part to work around. That and management looking at the bottom line and bonuses.

    1. Anonymous Coward
      Anonymous Coward

      It never does

      Problem is that IT seems to be treated as a necessary evil by most companies.

      They know they need it and so will tolerate it, but it's treated like a loyal dog. Keep it happy, use it, but you don't ask it what you should do.

      It's a tool the company uses, rather than a fundamental part of the company.

      I've got mixed feelings on this (speaking as an employee of a notionally tech company, and hence the anonymous post).

      It would be lovely if our CTO was capable of more than screaming 'CLOUDS!!' on investor calls, but then if he actually was in a position to understand and lead the company's tech, there'd be so much less scope for the rest of us to occasionally be perceived as utterly amazing by simply doing the blindingly obvious.

      1. jake Silver badge

        @AC (was: Re: It never does)

        Actually, IT is considered "overhead", not "profit center". If you are a part of "overhead", you are not making money, and therefor don't have a voice.

        Manglement may, or may not, eventually comprehend that things have changed in the last 50 years (the idiot who was my professor for my MBA 20 years ago certainly didn't).

        1. Destroy All Monsters Silver badge
          Holmes

          Re: @AC (was: It never does)

          eventually comprehend that things have changed in the last 50 years

          > 2014

          > C is still being taught at uni in "muh computer science"

          How do you expect management to catch up (they have just arrived at the deming cycle)?

          1. jake Silver badge

            That's "Shewhart cycle", DAM (was: Re: @AC (was: It never does))

            Deming himself referred to it as Shewhart cycle. I don't necessarily agree with all of the premises involved in the massive, muddy overview of the concept as taught at Uni.

            In other news, like it or not, most of the world's current useful computer operating system kernels have been written in good old fashioned K&R C.

            Manglement has no concept of the reality of the above two short paragraphs.

  2. Anonymous Coward
    Anonymous Coward

    Fitting

    Sony perpetrated one of the greatest computer attacks in history against consumers, for which no one was punished save a few minor law suits, so it's fitting that they are now themselves the subject of attack.

    Never buy Sony.

    1. Mike Flugennock
      Thumb Up

      Re: Fitting

      Damn straight, man. Payback's a bitch.

      I can't pretend I'm not enjoying this.

      1. Anonymous Coward
        Anonymous Coward

        Re: Fitting

        Two wrongs don't make a right but I would dearly love to hear this was done partly with their own root kit.

        "I can't work out how to get rid of this stuff, it's on everything we have touched"

  3. Mike Flugennock
    Thumb Up

    Ah, there's good news tonight!

    It couldn't have happened to a nicer greedy-assed, crappy movie-making, price-gouging, surreptitious rootkit-installing, fat, bloated corporation

    1. Mark 85

      Re: Ah, there's good news tonight!

      Hmm... nice list to choose from. Pity it's all AND and not OR. If so, that would describe many corporations. On second thought, the first applies to ALL... I'll have to rethink the logic tree. Maybe "pick any 3"?

  4. cantankerous swineherd

    back to the future.

  5. Anonymous Coward
    Anonymous Coward

    After the meltdown, a Sony drone was heard to wail: 'but I only tried to play one of our CDs at work!"

  6. Duffaboy
    FAIL

    I can't wait

    For the movie about it

  7. Anonymous Coward
    Anonymous Coward

    "pen and paper"?

    Luxury!

    1. Anonymous Coward
      Anonymous Coward

      Re: "pen and paper"?

      Wow! Is there anyone stil mastering the (black) art of hand writting ?! How do they do that, are they holding the pencil between their two big thumbs like when they're texting ?

  8. Christian Berger

    And miraculously...

    ... the supposedly lowered productivity of those people will have no real effect on the real world. It's not like this affects any of the parts of Sony that actually do something... like building electronics.

    Those are the parts of Sony we could probably live without, the parts which manage licensing rights, the parts that do marketing and advertisements.

    Other than that, I don't believe Sony's IT department has done more things wrong than any other IT department of your typical mega corporation. It's hard to secure Windows desktops, the logical solution, switching to a few big application servers which get reset to a known good image every night is not wanted by some people.

    1. This post has been deleted by its author

  9. Suricou Raven

    Did they show their hand too early?

    The twitter fun was a nice stunt, but long-term I can't help thinking it would have been more damaging to continue stealthy infiltration and document-leaking. I'd have set my sights on the real juicy stuff: Finance reports from sony pictures demonstrating just how bad their accounting is (In any other industry, it'd be considered tax evasion), contracts documenting dubious business dealings. Maybe even use the trust relationships to advance from media to technology. Once you've managed to empty several major fileservers of their precious documents, then you release some drive-eraser malware to obstruct any investigation and take over social media to publicise your good work.

    1. Fatman
      Joke

      Re: Did they show their hand too early?

      Once you've managed to empty several major fileservers of their precious documents, then you release some drive-eraser malware to obstruct any investigation and take over social media to publicise your good work.

      Be careful there!!!

      They might sic the MAFIAA after you!!!!

  10. Destroy All Monsters Silver badge
    Trollface

    The question is...

    ....did they get the Dixie Flatline's personality construct out of Sony's vault?

    Case flipped to cyberspace and sent a command pulsing down the crimson thread that pierced the library ice. Five separate alarm systems were convinced that they were still operative. The three elaborate locks deactivated, but considered themselves to have remained locked. The library's central bank suffered a minute shift in its permanent memory: the construct had been removed, per executive order, a month before. Checking for the authorization to remove the construct, a librarian would find the records erased.

    The door swung open on silent hinges.

    `0467839,' Case said, and Molly drew a black storage unit from the rack. It resembled the magazine of a large assault rifle, its surfaces covered with warning decals and security ratings.

    Molly closed the locker door; Case flipped.

  11. Dave Stevens
    FAIL

    Not even close

    Sony, the parent corporation, is best known for installing rootkits on people's PCs, back in the mid-2000s.

    If Sony is known for anything, that's the Walkman.

    Of course, Sony Music, or yet better Sony BMG is mostly known for the CD copy protection rootkit scandal of 2005–2007.

    Sony BMG Music Entertainment was a 50/50 venture between Sony Music and Bertelsmann Music Group, some low ethics German outfit. Headquartered in NY with a CEO named Rolf Schmidt-Holtz.

    The rootkit was in fact a commercial product, MediaMax CD-3, developed by SunnComm. I seem to remember that SunnComm was a British outfit, but their current website is in Chinese. That seems right.

    1. Greg J Preece

      Re: Not even close

      While I agree with the sentiment, these days if you say "Sony" to someone the next word out of their mouth is likely "PlayStation".

      1. MJI Silver badge

        Re: Not even close

        For me it was Trinitron - the best CRT TVs ever,

        Then their VCRs so good at what they did, a friend had a C9, but I out did him with a 950

    2. Clive Galway

      Re: Not even close

      "The rootkit was in fact a commercial product".

      Which illegally used open source code written by Jon Johansen, AKA "DVD Jon", whom they sued for reverse-engineering DeCSS.

      But let's not let that get in the way of a good shilling, eh?

  12. Jove Bronze badge

    Back to the Stone Age

    I don't think I can use a pen for more than 30 minutes these days.

    1. Dylan Fahey
      Facepalm

      Re: Back to the Stone Age

      What's a 'pen' ?

  13. Rainer

    In other news...

    Productivity at Sony has skyrocketed, as people can no longer check Twitter, Facebook, Tumblr, Flickr, WhatsApp, three different private email-accounts, Tinder and the corporate email stream between typing three words of a work-related email that is sent to pretend they are actually working.

    1. Anonymous Coward
      Anonymous Coward

      Re: In other news...

      they still have private smartphones that they can use for that and if anybody wonders, they will claim that they try to work

  14. Haro

    Follow the money

    Sony now says North Korea paid for this to be done, because of their heroic work in the movie biz. Look for a lot of counterfeit bills coming out of a basement in New Jersey.

  15. batfastad

    Restructuring

    Normally internal restructuring costs £$€ in consultants and redundencies. This hack might do the job for alot less. Which surely Sony will be happy about as aren't they basically going broke in an agonisingly slow manner?

    A mid-manager pipes up, I know what will save us, a new proprietary memory card format! Also that useful functionality in product X? Lets kill it off in the next firmware.

  16. Anonymous Coward
    Anonymous Coward

    my heart bleeds

    This is what will happen when you try to rule the world via Betamax and root kits.

  17. roger stillick
    Pirate

    Sony makes great Things, Everything else is the Problem...

    REF= Wiki, Sony... somehow a manufacturing company becomes a Multi-National Corporation with all kinds of IP and Insurance Policies to sell...Stuff eventually ends up a China maker thingy...on a subsidorary company (PS-4 seems to be just fine) within the Sony Group. Those pesky Blue-Ray and DVD CD's with game, movie and TV shows on them are still needed for the PS-4 to do anything other than Netflix TV ...output to HD monitor and Sonus Sound Bar...NOTE= all of this can be done w/ a single I7 Haswell chip on Intel capable gaming motherboards (whole thing makes excellent Work Stations).

    IMHO= Everything else Sony does beside making the PS-4 seems to be hated universally worldwide...someone in Sony Corporate should be working on rehabing their image= being hated doesn't sell much stuff, or make much money.

    All= Security needs to be part of IT and Corporate worldwide, simply p/o the Cost of Doing Business, 'CODB', hopefully out of bean-counter's area of responsibility...then nonsense like this Sony Hack will be a lot less common...RS.

  18. Anonymous Coward
    Anonymous Coward

    Sony employees face 'weeks of pen and paper' after crippling network hack

    Never forget that In North Korea,"The penis mightier than the sword."

    I don't know about megastars' details being pinched but I do know President Hairstyle used to pinch a Nicki Minaj inflatable doll's bum to get himself into the mood - but he had it shot because it began to leak and kept going down on him.

  19. Paul

    why didn't they just hand out live linux cds? or USB thumb drives?

    it would probably be cheaper than paying all the conslutants to clean everything up.

    1. Anonymous Coward
      Anonymous Coward

      Linux will not work at Sony

      because there's no DRM in it.

  20. Florida1920
    Terminator

    No justice

    Here's the problem. If you're good at security and your company is never penetrated, you'll have a hard time proving it wasn't pure luck. After a while, the bean counters start looking at your budget the way a fox looks at a chicken. If they cut your budget and security slides, it won't be a bean counter falling on his/her sword when the Huns breach the walls.

    We could hope the Sony breach will scare the bean counters into paying attention. We could as well hope that Santa Claus is real.

    Releases of further purloined data stopped when Sony decided not to distribute The Interview. That suggests that when they said they weren't behind the scheme, the Norkies were telling porkies. Now that the movie is going into limited release, may we expect another bushel of confidential data? Or did that "accidental" shutdown of NK's Internet access get the point across?

    Happy Hols, all. We'll be having pasta and turkey meatballs for dinner.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like