FBI '-- Update on Sony Investigation
Fri, 19 Dec 2014 19:11
FBI Mobile SiteYour search did not match any documents.
The FBI does not investigate all kinds of criminal activity. To see the categories of federal laws that the FBI does investigate, see our What We Investigate webpage.If you are looking for information about yourself or a case you are involved in, you must submit a Privacy Act request.The FBI does not comment on all current, ongoing cases. See our field press releases for public information on our investigations.The FBI is limited in the amount of information and photos it can provide on wanted fugitives and missing persons. We also do not investigate all fugitives or missing persons in the United States; many cases are handled by local authorities or other federal agenices.To find crime statistics in your area, please see our Crime Statistics webpage.The FBI does not have a national e-mail address for public questions or comments. Some of our local FBI offices, however, do have their own e-mail addresses. See our Contact Us page for more contact information.To find high resolution photos, go to our Photo Gallery.If you are looking for an FBI job application or open vacancies, go to the FBI Jobs website.If you wish to talk directly to an FBI representative, please call (202) 324-3000.
North Korea proposes a 'joint investigation' with US to prove its innocence in Sony hack | The Verge
Sat, 20 Dec 2014 16:32
North Korea is continuing to deny any involvement with the devastating cyber attack on Sony Pictures. But the entire affair just got even stranger: foreign ministry officials have announced through the government's state-run news agency that "we propose a joint investigation with [the US] into this incident." The government then warned that there will be "grave consequences" if the US continues its "groundless slander" of North Korea and rejects its proposal of a joint investigation. Officials also added, "Without resorting to such tortures as were used by the CIA, we have means to prove that this incident has nothing to do with us."
The statement is the first response from North Korea since President Obama addressed the hack with the press, vowing that "we will respond, we will respond proportionally, and in a place and time that we choose." He also criticized Sony's decision to yank The Interview, saying that "We cannot have a society where some dictator someplace can start imposing censorship here in the United States." President Obama's statement came yesterday just hours after the FBI announced that it had concluded that North Korea was the agent behind the hack on Sony Pictures.
I am from the future
Listen back to Show 677 @ about 1:23:26 re appropriations bill and Japan & Korea BYOB (buy your own bombs) situation. I quote: ACC: "We will see North Korea being very, very dangerous."
Sony hack, coincidence, I think not!
Dude named ben [email]
It's not as easy as flicking on a switch, as I'm sure you know. The FBI and Sony - to the best of their knowledge - believe it to be NK. But read "Enemies" and I would say that book describes about as competent as I think the FBI are. I think it is NK, but I think it's also an inside job. I believe there to be a number groups involved (DNBen,HActivist, NK's $ etc), which might be involved. The true culprits will never be found. This is no simple job.
Ever since Bain Capital came in and started going after middle management this does not surprise. I even saw Bain take an long time executive directors office (which he had forever) and kicked him out just because the Bain dude liked the view. Fucked up.
Is it customary that Bain stays inside the company who's people it is trying to fire?
From a creative VFx insider [email
I have been working in the visual effects industry for over 15 years. I have been part of huge visual effects centric films, from James Bond, to a bunch of Harry Potter films, big Disney/Marvel movies and so on.
I have plenty of friends at sony
Here is the points that I reckon are worth knowing about sony and why I do agree why this could have started as as inside job, and the spinned out of control in the media manipulation machine.
- Sony Pictures Imageworks is the so called digital-division.
- due to tax credits offered by canada, they where relocating work over to Vancouver. This are tax credits for the studios, not the companies doing the work.
- lots of people lost their job and/or were asked to move to Vancouver. Think about 1000 people that have worked and invested in a place for years. With families and all.. Bad.
- SPI used to be at the forefront of this industry, winning oscars, and making kick ass technology and movies.
- the last years have been horrible. Morale was low. The movies are bad. From Smurfs to just bad Hotel Transylvania. People where losing their job and those who moved where working in bad movies.
- on of the top technology officers quit, adding fire to it all.
All this is something I have lived through the eyes of my colleagues. So it is very possible that this started in there.
Realize that the kind of work we do in VFX is at the forefront of technology. Is a strange mix of creativity and technology and though we are ultimately artists, tech is the base. Millions of R&D to make Brad Pitt look old or Angie look young, apart from all the kind of work you see (and don't notice when it's well done).
Technology is driven in the world by 3 industries. Military, medical and entertainment. What we do is used in military and what military does create, we use.
I just finished benign onset for a huge movie for next Xmas. We had drones to shoot the movie everywhere.
OVERNIGHT TECH: Obama signs cyber bills | TheHill
Sat, 20 Dec 2014 03:36
THE LEDE: President Obama on Thursday signed five cybersecurity bills into law, after an unexpected spate of legislative activity on the issue.
The five bills won't satisfy the strongest backers of tough cyber protections, but they should help many government officials beef up their networks and were cheered by supporters when they rushed through Congress in the final days of its 2014 session.
The bills largely direct various arms of government to deal in a more forceful way with cyber issues, but should also clarify current operations. The Cybersecurity Enhancement Act, for instance, allows the Commerce Department to write voluntary standards to protect critical infrastructure and tells the White House's Office of Science and Technology Policy to develop a federal cyber research plan.Most of the bills are aimed at the Department of Homeland Security (DHS). The National Cybersecurity Protection Act establishes in law the department's national cybersecurity center, while the Federal Information Security Modernization Act updates 12-year-old federal information security laws. The Cybersecurity Workforce Assessment Act directs the DHS to build out a new strategy to recruit and hang onto the best and brightest workers in the field, and the Border Patrol Agent Pay Reform Act allows the department to exempt some cyber staffers from normal government hiring rules.
Who's Will Hurd?: GOP Rep.-elect Will Hurd (Texas), a former CIA officer, was picked Thursday to lead the new House Oversight subcommittee on Information Technology. Hurd is the only freshman to lead one of the six subpanels on the committee. He defeated Democratic Rep. Pete Gallego in one of Texas's most competitive districts this year to take over the seat.
Hurd worked for the cybersecurity firm Fusion X for the past four years, focusing on issues related to manufactures, financial institutions, retailers and infrastructure. He previously worked as a partner for the firm Crumpton Group LLC, where he focused on managing risk for clients' intellectual and physical property.
'You don't negotiate with bad guys': During a live interview with The Texas Tribune on Thursday, Hurd said there are not enough people in Congress with a background on these issues, noting his degree is in computer science. He disagreed with Sony's decision to pull the movie "The Interview" after a cyber attack against the company and physical threats against theaters planning to show the film. He said the government had not yet outlined how to respond to purely digital attacks.
"You don't negotiate with bad guys, you don't negotiate with terrorists," he said. "And to me in this case, the North Koreans -- in my opinion, when it comes to their technical sophistication -- they are in kind of the tier two. And look, we shouldn't capitulate to these guys."
Google blasts attempt to revive SOPA: Google is "deeply concerned" about news that the Motion Picture Association of America (MPAA) has been working to revive controversial intellectual property laws through the states. Documents leaked in the massive hack at Sony Pictures indicated that the Hollywood trade group has attempted to bring back the Stop Online Piracy Act (SOPA), which major Web companies claim would lead to censorship of the Internet. In a blog post on Thursday, Google general counsel Kent Walker accused the MPAA of "trying to secretly censor the Internet."
FCC commissioners in 'untenable position'?: The head of the National Cable and Telecommunications Association reiterated his disappointment with President Obama over his call last month for the Federal Communications Commission (FCC) to regulate broadband Internet as a utility. Michael Powell, a former Republican FCC chairman, said the independent agency could choose a different path, but it would be difficult.
"I have never in my career seen a president suggest so expressly the desire and outcome that he wants," Powell said on CNBC. "That puts the leadership of the commission in an untenable position in my judgment. And I think certainly they are free to make a different choice than the wishes of the president, but that comes with enormous political baggage, and I think it is quite unfortunate that the process has been politicized to such a dramatic degree."
How big of a deal are online TV rules?: The FCC is close to approving proposed rules that would allow online television services equal ability to negotiate and buy access to cable and broadcast channels, similar to cable and satellite TV companies. But research analyst Craig Moffett said the move might not be as important as others have made out.
"Truth be told, it is not a huge issue," he said in an interview for C-SPAN's "The Communicators" series set to air Saturday. "People have talked about it as if it might be some kind of a lifeline for companies like Aereo because it gives them at least a step in the direction of being able to license retransmission consent content from broadcasters. But it doesn't really give them all that much negotiating leverage there. All it says is they have to be negotiated with in good faith. That doesn't suggest that those companies have to license content to them. And I don't think that that reclassification is really going to change the world."
Adidas, L'Or(C)al, Lyft join CEA: The Consumer Electronics Association is adding a number of new members. Adidas, Lyft, New Balance, L'Or(C)al and Time are among the companies joining the more than 2,000 members of the tech trade group. In a statement, CEO Gary Shapiro said that the companies' focus on "the sharing economy" and the "Internet of things" make them natural members. "The world of consumer technologies continues to change and expand, reaching into new markets, transforming old business models and providing benefits across all aspects of consumers' lives," he said.
Microsoft sues tech support scammers: Microsoft filed a lawsuit Thursday against tech support operators it claims are scamming people. The tech giant says it has received more than 65,000 complaints about fake tech support scams since May.
Patent doc streaming online: A new industry-backed documentary pushing for targeted reforms to the nation's patent laws is now streaming online. "Inventing to Nowhere" is being pushed by the Innovation Alliance, an advocacy group, and features interviews with members of Congress and others.
Bitcoin ATM in DC: The Washington Post highlighted the arrival of the city's first bitcoin ATM, which was installed last month at a restaurant in Adams Morgan. The Post described it as one of a handful in the country, and noted only 10 transactions have taken place on its since it was installed the week of Thanksgiving. Users can purchase the virtual currency from the machine in denominations between $6 and $1,000.
IN CASE YOU MISSED IT:
The Federal Communications Commission on Thursday ruled the name "Redskins" is not profane or obscene.
A group of 36 Democrats are increasing their calls for the FCC to reclassify broadband Internet as a public utility.
Theaters across the country are canceling showings of "Team America: World Police," previously scheduled to replace "The Interview" after Sony pulled the film due to security concerns.
The incoming chairman of the House Oversight Committee on Thursday announced the creation of a new information technology subpanel.
The two Republicans on the FCC are accusing the agency's chairman of refusing to let them have their say.
Please send tips and comments to Julian Hattem, firstname.lastname@example.org and Mario Trujillo, email@example.com
Follow us on Twitter: @HilliconValley, @jmhattem
Updated at 8:14 p.m. to correct the characterization of Innovation Alliance
Congress Passes Bill To Confront Rising Risks Of Cyberattack
Sun, 21 Dec 2014 04:55
Research Triangle Park, North Carolina, USA '' The United States Congress earlier this week took an important step forward to better protect America from the increasing risks of industrial cyberattack when it approved The Cybersecurity Enhancement Act of 2014.
The bipartisan bill'--which now goes to President Obama to be signed into law'--is designed to strengthen and protect the nation's economic and national security through public-private partnerships to improve cybersecurity and a greater reliance on cybersecurity standards; research and development; workforce development and education; and public awareness and preparedness.
Passage of the bill, which was sponsored by Senate Commerce, Science, and Transportation Committee Chairman John D. (Jay) Rockefeller IV (D-WV) and Ranking Member John Thune (R-SD), follows years of efforts to pass federal cybersecurity legislation. An earlier cybersecurity bill, The Cybersecurity Act of 2012, was defeated in the Senate. Its demise prompted President Obama to instruct the National Institute of Standards and Technology (NIST) to develop the US Cybersecurity Framework, which was introduced in February of this year.
As a leading authority on industrial automation control systems (IACS) security standards and the ''Voice of Automation,'' the Automation Federation and its founding association, the International Society of Automation (ISA), have worked closely for years with lawmakers in Washington'--Senator Rockefeller, in particular'--to build support for the passage of federal cybersecurity legislation.
At the federal government's request, representatives of both the Automation Federation and ISA served as expert consultants to NIST as it coordinated the development of the US Cybersecurity Framework. In fact, long before the President called for a federal initiative on cybersecurity, Automation Federation and ISA leaders have been consulting with White House National Security Staff, US federal agency officials, and members of Congress on the critical need to establish national cybersecurity standards, guidelines and compliance testing.
IACS security standards developed by ISA (ISA99/IEC 62443) are integral components of the federal government's plans to combat cyberattack because they're designed to prevent and offset potentially devastating cyber damage to industrial plant systems and networks'--commonly used in transportation grids, power plants, water treatment facilities, and other vital industrial settings.
''The passage of this bill represents great progress toward better preparing government and private industry to meet the significant challenges and reduce the serious risks of industrial cyberattack,'' says Michael Marlowe, Managing Director and Director of Government Relations at the Automation Federation. ''We know that safeguarding America and the world from cyberattack will require a comprehensive, multi-faceted effort'--implementing standards that can prevent and mitigate security vulnerabilities; educating and training a skilled cybersecurity workforce; facilitating greater public-private collaboration; and pursuing ongoing research, development and awareness initiatives.''
Marlowe said the Automation Federation is already in discussions with NIST officials about how to implement the key provisions of The Cybersecurity Enhancement Act of 2014 once it officially becomes law.
The Cybersecurity Enhancement Act of 2014:
Authorizes NIST to facilitate and support the development of voluntary, industry-led cyber standards and best practices for critical infrastructure'--drawing on many of the key recommendations outlined in the US Cybersecurity Framework.Strengthens cyber research and development by building on existing research and development programs, and ensuring better coordination across the federal government.Improves the cyber workforce and cyber education by ensuring that the next generation of cyber experts are trained and prepared for the future.Increases the public's awareness of cyber risks and cybersecurity.Advances cybersecurity technical standards.''The bill and its language regarding the public-private sector partnerships using existing standards within the NIST Framework is a great testament to the hard work of the Automation Federation, the Automation Federation Government Relations Committee members and the ISA-99 Security Standards Committee members,'' says Steve Huffman, Chair of the Automation Federation's Government Relations Committee and an ISA99 Security Standards Committee member. ''Cybersecurity of industrial automation and control systems from the OT (operational technology) side was not a prominent issue in initial legislative discussions. By raising its importance among lawmakers, industrial cybersecurity became a more vital part of the legislation passed by Congress.
''The Automation Federation and its representatives,'' Huffman emphasizes, ''share with Senators Rockefeller and Thune great excitement over the passage of this bill and a vision of a safer cyber world and a workforce prepared to meet the challenges of the future.''
Merck Buys Swiss Biotech With Promising Cancer Drug
Avon Products Settles Bribery Charges
U.S.-Cuba Thaw Could Benefit Farmers, Energy Firms
Explore more newshere.
Exclusive: Sony Emails Say State Department Blessed Kim Jong-Un Assassination in 'The Interview' - The Daily Beast
Sun, 21 Dec 2014 05:00
CEO Michael Lynton showed a rough cut of the movie to U.S. officials before moving ahead. Now hackers are threatening to bomb any theater that shows it.
The Daily Beast has unearthed several emails that reveal at least two U.S. government officials screened a rough cut of the Kim Jong-Un assassination comedy The Interview in late June and gave the film'--including a final scene that sees the dictator's head explode'--their blessing.
The claim that the State Department played an active role in the decision to include the film's gruesome death scene is likely to cause fury in Pyongyang. Emails between the Sony Entertainment CEO and a security consultant even appear to suggest the U.S. government may support the notion that The Interview would be useful propaganda against the North Korean regime.
Back on June 20, the first threat lobbed by North Korean officials against the holiday blockbuster seemed as empty as a North Korean villager's lunch box.
The Seth Rogen/James Franco-starrer, which centers on a TV host and his producer being tasked by the CIA with assassinating North Korean despot Kim Jong-Un, was branded ''an act of war.'' Studio executives at distributor Sony Pictures and the general public mostly laughed it off as yet another example of muscle-flexing by the rotund ruler.
But now, the controversy surrounding the political satire has gotten serious.
''Bruce '' Spoke to someone very senior in State (confidentially),'' wrote Lynton. ''He agreed with everything you have been saying. Everything. I will fill you in when we speak.''
In late November, a group that calls itself the Guardians of Peace breached Sony's company servers, and leaked several large caches of private internal data online, including the emails of several top Sony executives, Social Security numbers and private info of employees, screeners of upcoming feature films, and more. Some believe it to be the work of North Korean hackers as payback for The Interview, and while a spokesman for North Korea claimed ignorance, he added that the hack ''might be a righteous deed of the supporters and sympathizers with the DPRK in response to its appeal'' against the film. The Guardians of Peace, meanwhile, posted a message online that read, ''Stop immediately showing the movie of terrorism which can break the regional peace and cause the War.''
On Tuesday, the Guardians released what they referred to as a ''Chrsitmas gift'''--the eighth collection of hacked files consisting of the emails of Michael Lynton, CEO of Sony Entertainment.
READ MORE: Sony Emails Show How the Studio Plans to Censor Kim Jong Un Assassination Comedy 'The Interview'
The leak also came with a disturbing threat:
We will clearly show it to you at the very time and places 'The Interview' be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to. Soon all the world will see what an awful movie Sony Pictures Entertainment has made. The world will be full of fear. Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time. (If your house is nearby, you'd better leave.)
Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment. All the world will denounce the SONY.
Following the most recent threat, a source at Sony told Deadline that the studio is ''leaving it up to the discretion of the theater owners and chains'' as to whether or not they'll carry The Interview. Meanwhile, late Tuesday evening, Landmark Theatres announced it was canceling Thursday night's planned New York premiere of the film, which was scheduled for the Landmark Sunshine Cinema, and Carmike Cinemas, which operates 278 movie theaters in 41 states, announced it was pulling The Interview as well.
A series of leaked emails reveal that Sony enlisted the services of Bruce Bennett, a senior defense analyst at the RAND Corporation who specializes in North Korea, to consult with them on The Interview. After he saw the film, including the gruesome ending where a giant missile hits Kim Jong-Un's helicopter in slow-mo as Katy Perry's ''Firework'' plays, and Kim's head catches on fire and explodes, Bennett gave his assessment of it in a June 25 email to Lynton, just five days after North Korea's initial threat.
READ MORE: Sony Hack Reveals Jennifer Lawrence Is Paid Less Than Her Male Co-Stars
''The North has never executed an artillery attack against the balloon launching areas. So it is very hard to tell what is pure bluster from North Korea, since they use the term 'act of war' so commonly,'' wrote Bennett. ''I also thought a bunch more about the ending. I have to admit that the only resolution I can see to the North Korean nuclear and other threats is for the North Korean regime to eventually go away.''
He added, ''In fact, when I have briefed my book on 'preparing for the possibility of a North Korean collapse' [Sept 2013], I have been clear that the assassination of Kim Jong-Un is the most likely path to a collapse of the North Korean government. Thus while toning down the ending may reduce the North Korean response, I believe that a story that talks about the removal of the Kim family regime and the creation of a new government by the North Korean people (well, at least the elites) will start some real thinking in South Korea and, I believe, in the North once the DVD leaks into the North (which it almost certainly will). So from a personal perspective, I would personally prefer to leave the ending alone.''
That same day, Lynton responded saying that a U.S. government official completely backed Bennett's assessment of the film.
''Bruce '' Spoke to someone very senior in State (confidentially),'' wrote Lynton. ''He agreed with everything you have been saying. Everything. I will fill you in when we speak.''
The following day, June 26, an email from Bennett to Lynton'--as well as several other forwarded emails'--revealed that Robert King, U.S. special envoy for North Korean human-rights issues, was helping to consult on the film as well through Bennett and addressed the June 20 threat by North Korea.
''Michael, '¨I talked with Amb. King a few minutes ago,'' wrote Bennett. ''Their office has apparently decided that this is typical North Korean bullying, likely without follow-up, but you never know with North Korea. Thus, he did not appear worried and clearly wanted to leave any decisions up to Sony.''
(A spokesman for the U.S. State Department later admitted that Daniel Russel, Assistant Secretary of State for East Asian and Pacific Affairs, had a conversation with Sony executives but vaguely denied having any direct influence on the creative direction of The Interview.)
Still, Sony executives felt nervous about not only the film, but also the scene depicting the murder of Kim Jong-Un. An email dated June 20 from Amy Pascal, co-chairman of Sony Pictures Entertainment, sent to Vice-Chairman of Sony Pictures Jeff Black said, ''we need sonys name off this asap everywhere,'' asking to remove the name ''Sony'' from all of the film's promotional materials and package it as a Columbia Pictures release (a subsidiary of SPE). Then, a July 9 email from Lynton to Pascal expressed the company's desire to not show the DPRK leader die.
''Yeah we cannot be cute here,'' wrote Lynton. ''What we really want is no melting face and actually not seeing him die. A look of horror as the fire approaches is probably what we need.''
Kaz Hirai, CEO of the studio's parent corporation, also expressed his concerns over the death scene, igniting a lengthy email debate between Pascal and Rogen about the ending. On Aug. 14, an email from Pascal to Lynton seemed to express the execs' frustrations with how things were going.
''Are you having a nice holiday?'' Pascal wrote to Lynton. ''Just arrived in Bali. Seth rogan [sic] is driving me nuts.''
Lynton replied, ''Yeah. Heard all about it. Feels like he will drive you nuts for awhile.''
''Till December,'' Pascal wrote back.
READ MORE: Shocking New Reveals From Sony Hack: J. Law, Pitt, Clooney, and Star Wars
On Sept. 25, Sony seemed to be winning the creative battle against Rogen and The Interview crew. In an email to Pascal, Rogen wrote, ''We will make it less gory. There are currently four burn marks on his face. We will take out three of them, leaving only one. We reduce the flaming hair by 50%'... The head explosion can't be more obscured than it is because we honestly feel that if it's any more obscured you won't be able to tell its exploding and the joke won't work. Do you think this will help? Is it enough?''
The studio seemed to be satisfied with the results'--although still opted to censor the death sequence in many foreign territories.
Rogen recently addressed the hacking situation in an interview with The New York Times, saying, ''No one has officially told me our movie, 100 percent, has proven to be the cause of any of this stuff. We're not the first people to shed light on how crazy North Korea is, the myths that exist there and the oddities of the regime.''
The Interview is still scheduled to hit U.S. theaters on Dec. 25'... although that may change in the coming days.
PIPELINE-Vladimir Putin invites Kim Jong-un to Moscow | World news | The Guardian
Sun, 21 Dec 2014 05:02
Kim Jong-un will visit Vladimir Putin in Moscow next year to mark the 70th anniversary of the Soviet defeat of Nazi Germany. AP Photograph: AP
The Russian president, Vladimir Putin, has invited the North Korean leader, Kim Jong-un, to Moscow next year to mark the 70th anniversary of the Soviet defeat of Nazi Germany in the second world war, the Kremlin's spokesman said on Friday.
It would be Kim's first foreign visit since taking the helm of the reclusive east Asian state in 2011. His personal envoy travelled to Moscow last month as part of efforts by the two Cold War-era allies to improve relations.
''Yes, such an invitation was sent,'' a Kremlin spokesman, Dmitry Peskov, told the state news agency, Tass. Russia marks the former Soviet Union's 1945 victory every year on 9 May.
Moscow needs North Korean cooperation to boost its natural gas exports to South Korea as Gazprom would like to build a gas pipeline through North Korea to reach its southern neighbour.
Pyongyang is also seeking support from Russia, a permanent veto-wielding member of the UN security council, against international criticism relating to accusations of human rights abuses and its nuclear programme.
A UN committee passed a resolution last month calling for the security council to consider referring North Korea to the international criminal court for alleged crimes against humanity.
The Russian foreign minister, Sergei Lavrov, has also said North Korea is ready to resume the stalled international talks on its nuclear programme.
North Korea, South Korea, Japan, China, Russia and the United States began talks in 2003 to rid the Korean peninsula of nuclear weapons, but they were suspended after Pyongyang tested nuclear devices in 2006 and 2009.
The Interview Is "Desperately Unfunny", "Will Flop" If Not Cancelled According To Leaked Sony Emails | Zero Hedge
Sun, 21 Dec 2014 05:11
The conspiracy theories surrounding the story of The Interview's cancellation in the aftermath of the North Korean "hacking" just keep getting stranger by the day, (and will, in 6-9, months lead to the blockbuster drama: "How 'The Interview' Got Cancelled")
First, as we previously reported, at the same time as the NYT reported that according to the US the hack "undisputedly" originated in North Korea, Wired magazine released an article explaining why it is impossible to make such a determination (see Someone is Lying). That, however, did not stop the US on its inexplicable witch hunt, and moments ago Reuters reported that according to the US, it was indeed North Korea who was responsible for the hacks (although, the report adds, North Korea may have had a little help from China so nobody really know but whatever). From Reuters:
A U.S. investigation into the hack of Sony's computer system has determined that North Korea was behind the operation with a possible Chinese link, a U.S. official said on Friday.
The official, who spoke on condition of anonymity, said the conclusion was to be announced later by federal authorities.
The probe into the hack found North Korea was behind it and that there may be a Chinese link either through collaboration with Chinese actors or by using Chinese servers to mask the origination of the hack, the official said.
So far so good: hardly anyone would expect more, or less, from the country that invaded Iraq due to imaginary WMDs and almost launched a war against Syria based on a doctored YouTube clip.
Where it gets downright bizarre, however, is that as Reuters also reported earlier citing leaked emails of international Sony Pictures executive, the infamous movie in question "is "desperately unfunny" and would have flopped overseas if it had not been canceled."
Wait a minute, it sounds almost as if the evil North Korean "hackers" did Sony... a favor?
It sure does. Here is more from Reuters:
... even before the cancellation of the film, Sony executives responsible for the international release of the movie were concerned the action-comedy featuring Hollywood stars Seth Rogen and James Franco would not translate to a foreign audience, the leaked e-mails show.
Reuters has not been able to verify the authenticity of the documents, although Sony has confirmed that at least some are authentic.
"The unanimous point of view here is that this (is) another misfire from the pairing," said an e-mail purportedly written by Peter Taylor, of Sony Pictures UK.
Actually judging by outside reviews it would have most certainly been a bomb, pun intended, in the US as well:
Taylor said the film was "desperately unfunny and repetitive," and "James Franco proves once again that irritation is his strong suit which is a shame because the character could have been appealing and funny out of his hands."
Taylor and other executives agreed that the first half hour of the film, which features a satirical interview with hip-hop artist Eminem, was amusing but was later overshadowed by "realistic violence that would be shocking in a horror movie".
Staff in Holland said the film was "unbalanced," and a French executive said the film went too far. "Seth Rogen's humor doesn't really translate," the executive said.
South Korean colleagues raised concerns over the potential political issues and inaccuracies in the North Korean accents used in the film, and said the leading actors were "weak".
Sony staff in Taiwan said the film "didn't stand a chance" in their market, according to the e-mails. Australian executives, however, enjoyed the film and requested lead actor Franco lead a promotional tour of the country.
British executives were less enthusiastic. "Tour-wise, our choice would be to have no one. However if this is not an option (and I suspect it isn't) then we would like the lot," Taylor said. "Not just Rogen and (writer Evan) Goldberg, but God help us Franco as well."
Ok great, it would have flopped, but as Chris Rock said, at least the American public would want "to CHOOSE" not to see the movie (or not as likely would be the case).
And now, due to what appears the most convoluted false flag affair in US history, it may be time to nuke North Korea for depriving the US public from its god-given right of seeing straight-to-DVD flops.
Average:Your rating: NoneAverage: 4.9(18 votes)
Former Employees Are Suing Sony Over 'Epic Nightmare' Hack | WIRED
Sun, 21 Dec 2014 03:14
The plot of the Sony hack drama has taken a new turn.
Two former employees of Sony Pictures Entertainment filed a class-action lawsuit against the studio giant on Monday for failing to properly secure sensitive employee data.
The recent widespread breach of Sony has resulted in the theft and release of documents exposing Social Security numbers and birth dates of employees as well as information about medical conditions. The workers say the company had not only a duty to protect their data but a strict legal responsibility to secure medical information under California law.
Calling the breach an ''epic nightmare, much better suited to a cinematic thriller than real life,'' the plaintiffs also say that Sony failed to adequately notify former workers who may have been affected by the breach.
''Put simply, Sony knew about the risks it took with its past and current employees' data,'' the plaintiffs wrote in their suit. ''Sony gambled, and its employees'--past and current'--lost.''
The two plaintiffs in the lawsuit, Michael Corona and Christina Mathis, worked at Sony from 2004 to 2007 and from 2000 to 2002 respectively. Both say their Social Security numbers were leaked, and Corona says his salary history and reason for resigning were also exposed.
Sony has been hacked before, which could help bolster the plaintiffs' claims about lax security. In 2011, members of Anonymous and LulzSec tore through the company's networks'--first going after its PlayStation Network, where they stole data pertaining to more than 75 million customers. A second breach at Sony Online Entertainment compromised an additional 25 million customers. Sony Pictures and Sony BMG were also struck. Those breaches affected customers, not employees, but they work in the plaintiffs' favor to show that Sony might have had ongoing security problems that it failed to fix.
Internal Sony documents leaked by the hackers in the current breach indicate that Sony's security was still lax despite previous hacks. The leaks include data sheets listing servers holding unencrypted Social Security numbers and passwords for employees and others, as well as emails discussing a breach the company had in February that may or may not have been part of the wider breach exposed last month.
Sony breached its duty, according to the lawsuit by ''failing to design and implement appropriate firewalls and computer systems, failing to properly and adequately encrypt data, losing control of and failing to timely re-gain control over Sony Network's cryptographic keys, and improperly storing and retaining Plaintiffs' and the other Class members' [personally identifiable information] on its inadequately protected Network.''
Breach Lawsuits Rarely SucceedIt's not unusual for companies that suffer breaches, like Sony and Target, to find themselves besieged by lawsuits, but ones filed by the individuals whose personal data is stolen rarely succeed. Generally these lawsuits have involved stolen credit cards that could result in fraudulent charges or the theft of personal information that puts the person at risk of identity theft, and courts have thrown out the suits for lack of standing. With banks assuming liability for fraudulent charges made to stolen bank card accounts, victims don't have any damages they need to recover, and unless there is actual proof of identity theft, the mere potential for harm has been insufficient in most cases to successfully sue.
There's an exception to this, however, that could help give the Sony lawsuit legs: a recent class-action suit around a breach at Adobe could prove useful for the Sony plaintiffs. In the Adobe case, a California court declined to throw out the suit, saying the plaintiffs had standing because they suffered an impending threat of harm, not merely the potential for harm, because their data had been posted online for anyone to grab and use.
''The [Adobe] case signals that the courts are ready to start '... recognizing new types of harm that security breaches and inadequate security measures cause or trigger,'' says Princeton law professor Andrea Matwyshyn. ''We're seeing courts more willing to entertain these kinds of lawsuits because the problems are real'--particularly if you have evidence of a history of known security flaws that went unfixed a court would be more likely to consider a suit by employees or other harmed parties.''
Sony employees and former employees could argue they also suffer an impending threat, since their sensitive data has already been publicly released by the hackers. They would still have an uphill battle to prove harm, if they want damages, but it would provide them with an opportunity for discovery, which could further expose Sony's bad security practices to the public.
''Sony gambled, and its employees'--past and current'--lost.''
But the Sony case may also have staying power that other cases have lacked because employers have a duty of care for their employees that goes beyond their duty to customers, Matwyshyn says.
''This is untested territory,'' says Matwyshyn, a professor with Princeton's Center for Information Technology Policy, ''but employers are held to a higher standard of care with respect to the safety of their employees. Employers, for example, are responsible for providing a safe work environment of their employees and there are OSHA rules around the physical safety of employees. So it is arguably a natural extension that heightened levels of care would also extend to data management questions because of that trusted relationship.''
She's not aware of other lawsuits involving public companies that are similar to the Sony case, saying this is a new area of litigation that is bound to grow, particularly as the kinds of records stolen change. Although Social Security numbers and financial records of employees are sensitive, the medical information involved in the Sony breach raises new questions that could affect other companies involved in breaches, she says. Sony is not a health-care facility or so-called ''covered'' entity as it's defined under the federal statute HIPAA, and therefore is not subject to the same requirements for securing medical data that governs hospitals and doctors under that law, says Matwyshyn. But California has a medical records protection law that requires employers to secure employee medical records that would cover Sony. And, as an international company, Sony could also face problems in Europe where data-protection laws can be fierce.
Matwyshyn notes, also, that employees might not be Sony's only worry when it comes to litigation over its breach. Other suits could follow from Sony business partners, shareholders, celebrities and others if they claim the release of emails exposing sensitive information about business deals and private matters caused them harm.
''We're seeing the first traction of these types of embedded business relationships giving rise to data-breach litigation,'' she says. ''This will continue and that is the sort of situation that might have life [in a court].''
Sony could also face trouble with the Federal Trade Commission for deceptive trade practices, notes Brian Hall, a partner in the labor and employment department of the PorterWright law firm in Ohio. In 2012, the FTC filed a complaint against Wyndham Hotels for failing to protect consumer information.
If the FTC does get involved, it would put Sony's security practices under heavy scrutiny. ''They're definitely going to start looking at Sony's data security [practices]'' if that's the case, says Hall.
Shocking: Sony Learned No Password Lessons After The 2011 PSN Hack | Techdirt
Sun, 21 Dec 2014 03:13
The great Sony hack of 2014: what's it all about? Is it a subversive plot by North Koreans operating out of China in revenge for a film starring two guys from Freaks and Geeks? Or maybe it's simply fodder for stupid politicians to remind us that all the world's ills could be cured if only internet service providers took on the challenge of fixing all the things in all the places? No, my dear friends, no. The Sony hack of 2014 is a beautiful Christmas gift (your religious holiday may vary) of a wake-up call to anyone silly enough to think that Sony would bother to learn the lessons very recent history has tried to teach it.
To prove this, one need only review the latest file dump in the leak, which features the wonderful naivete of whatever bright minds are in charge of Sony's internal password conventions and storage policies.
In a small file titled "Bonus.rar," hackers included a folder named "Password." It's exactly what it sounds like: 140 files containing thousands upon thousands of private passwords, virtually all of them stored in plaintext documents without protection of any kind. Some seem personal in nature ("karrie's Passwords.xls") while others are wider in scope ("YouTube login passwords.xls"). Many are tied to financial accounts like American Express, while others provide access to corporate voicemail accounts or internal servers, and come conveniently paired with full names, addresses, phone numbers, and emails.
In case you're unfamiliar with the hack against Sony's Playstation Network a mere three years ago, the problem was -- you guessed it -- the exact same thing. In that case, the hack produced customer names, addresses, emails and login/password information because that information was stored in plain text, contrary to the advice of every competent network security person on the planet. Take, for instance, one security researcher quoted in the link above:
Passwords in plaintext? These guys are pretty bad - I don't think I've ever encountered this before. What's the point of using common password storage/hashing techniques if your staff is keeping all your passwords in plain text on open fileshares? Shit, why bother having locks on the doors at all?
The worst of all the problem's this hack revealed is that this question should have been answered in the wake of the events of three years ago. It's one thing to screw up. It's quite another to screw up in a manner that went public in a spectacular way and simply refuse to take measures to ensure it doesn't happen again. But that's Sony for you: long live plain text.
56 total SONY hacks in 12 years
Sun, 21 Dec 2014 03:13
Over the last two months, the multi-national Sony Corporation has come under a wide range of attacks from an even wider range of attackers. The backstory about what event prompted who to attack and why will make a mediocre made-for-TV movie someday. This article is not going to cover the brief history of hacks; readers can find details elsewhere. Instead, the following only serves to create an accurate and comprehensive timeline regarding the recent breaches, a cliff notes summary for easy reference.
Other than Steve Ragan and The Tech Herald, most recent articles about Sony make vague references to ongoing problems, but do not enumerate the full history. This is likely because the past events, while only 45 days old at most, are convoluted and confusing. The table below should serve to fix that, hopefully giving journalists and security professionals a concrete and clear history.
One thing should be noted; the attacks against Sony are not coordinated, nor are they advanced. Sony has demonstrated they have not implemented what any rational administrator or security professional would consider "the absolute basics". Storing millions of customer's personal details and passwords without using any form of encryption is reckless and ridiculous. Even security books from the '80s were adamant about encrypting passwords at the very least. Several of Sony's sites have been compromised as a result of basic SQL injection attacks, nothing elaborate or complex.
If anyone... ANYONE at all uses the term "advanced persistent threat" in describing the attacks on Sony, please hit them very hard before disregarding them as ignorant charlatans hell-bent on serving their own interests. Given the wide variety of attackers (see below), the attacks on Sony can only be described as an uncoordinated effort at best.
That said, welcome to the recently coined term, "Sownage". The state of being thoroughly "owned like Sony is".
IncidentDateSiteStockWho (allegedly)Observation2011-04-04Anonymous Engages in Sony DDoS Attacks Over GeoHot PS3 Lawsuit31.45The group Anonymous declares Sony an enemy and begins a DDoS attack against PSN over the 'GeoHot' lawsuit filed earlier in the year.2011-04-20Sony PSN Offline30.14PSN taken offline by Sony due to hack.Network World has a timeline of events related to PSN.2011-04-26PSN Outage caused by Rebug Firmware29.79Sony drops PSN Network due to problems with the 'REBUG' firmware allowing developer access, and rumors of widespread piracy. Initial speculation said the outage was the result of a second DDoS attack by Anonymous. They denied it in a press release saying "for once we didn't do it".12011-04-26PlayStation Network (PSN) Hacked29.79Anonymous (?)Sony admits attack took place between April 17 and 19, but did not disclose until around the 26th. Anonymous blamed by Sony initially, but denies involvement in hack.Records breached: 77 million names, addresses, email addresses, birthdates, PlayStation Network/Qriocity passwords and logins, handle/PSN online ID, profile data, purchase history and possibly credit cards obtained (DatalossDB Entry)2011-04-27Ars readers report credit card fraud, blame Sony29.032011-04-28Sony PSN hack triggers lawsuitSony says SOE Customer Data Safe28.3922011-05-02Sony Online Entertainment (SOE) hackedSOE Network Taken Offline28.80(unknown)Sony Press Release.Records breached: 24.6 million customer dates of birth, email addresses and phone numbers, including 12,700 non-U.S. credit or debit card numbers and expiration dates and about 10,700 direct debit records including bank account numbers (DatalossDB Entry)2011-05-03Sony Online Entertainment (SOE) issues breach notification letter28.442011-05-05Sony Brings In Forensic Experts On Data Breaches27.98"Data Forte, Guidance Software, and Protiviti will investigate who hacked into Sony's servers and how they cracked the company's defenses."2011-05-06Sony Networks Lacked Firewall, Ran Obsolete Software: Testimony28.06Gene Spafford wrote an article describing his testimony, and how many media outlets misquoted him.32011-05-07Sony succumbs to another hack leaking 2,500 "old records"n/aSonyNote: This information was available via a Sony website and indexed by Google. This was not a "hack" by any means. File originally found at products.sel.sony.com/shared/santa/dbs/sweepstake.xls (now offline)Records Breached: 2,500 names and partial addresses of 2001 Sony sweepstakes2011-05-12Lawyers take aim at Sony hack, may miss on payout28.232011-05-14Sony resuming PlayStation Network, Qriocity servicesn/aAll SOE games/services were down for a total of 24 days.42011-05-17PSN Accounts still subject to a vulnerability28.07unknownWith this vulnerability, an attacker has the ability to change a user's password using only their account's email and date of birth. Rumors suggest it was being exploited by bad guys.TNW article titled "Not so fast: Sony's PlayStation Network hacked again" is misleading.Sony blog on incident (vulnerability fixed)2011-05-18Prolexic rumored to consult with Sony on security27.80"got a call from a recruiter who swore some company called prolexic was hired to protect Sony from Anonymous"Update: Prolexic did provide services to Sony, but only for DDoS mitigation.52011-05-20Phishing site found on a Sony server27.05unknown(additional article)62011-05-21Hack on Sony-owned ISP steals $1,220 in virtual cash (So-net Entertainment Corp)n/aunknown(additional article)Records Breached: e-mail and virtual currency of 128 accounts72011-05-21Sony Music Indonesia Defaced By k4L0ng666n/ak4L0ng666No evidence of personal information being compromised.82011-05-22Sony BMG Greece the latest hacked Sony siten/ab4d_viperaApparently done via SQL Injection. Pastebin dumpRecords Breached: 8,500 usernames, email addresses, phone numbers and password hashes (DatalossDB Entry)92011-05-23LulzSec leak Sony's Japanese Websites26.59LulzSecSQL Injection in www.sonymusic.co.jp (article)Sophos says databases do "not contain names, passwords or other personally identifiable information"2011-05-23Sony forecasts a $3.1B loss for FY 2011 due to quake, PSN failurePSN breach and restoration to cost $171M, Sony estimates26.59102011-05-24Sony says hacker stole 2,000 records from Canadian site (Sony Erricson)27.90IdahcSony Ericsson Got Hacked by Idahc - Lebanese hacker via SQL InjectionIdahc dumped 1,000 of the cords to http://pastebin.com/4YGAWxQZ (since removed)Records Breached: Email addresses, passwords and names of 2,000 users (DatalossDB Entry)2011-05-25Sony Begins Providing ID Theft Protection for PlayStation Hack27.65112011-06-02LulzSec versus Sony Pictures26.54LulzSecSophos says 4.5 million records exposed. LulzSec initially thought to target the elderly, but clarify they dumped the database by DoB and stopped at 1943.Lulz? Sony hackers deny responsibility for misuse of leaked dataRecords breached: Over 1,000,000 users' passwords, email addresses, home addresses, dates of birth, as well as administrator login passwords. Information taken from AutoTrader users database, Summer of Restless Beauty users database, Sony Wonder coupons database, Sony Wonder music codes database, Seinfeld Del Boca Vista database (DatalossDB Entry)122011-06-02Sony BMG Belgium (sonybmg.be) database exposed26.54LulzSecRecords Breached: Email addresses, usernames, cleartext passwords, internal release dates of records, sales reports (DatalossDB Entry)132011-06-02Sony BMG Netherlands (sonybmg.nl) database exposed26.54LulzSecRecords Breached: Usernames, cleartext passwords2011-06-02Sony, Epsilon Testify Before Congress26.54Tim Schaaff, President of Sony Network Entertainment International Witness Testimony (PDF)"Sony Network Entertainment and Sony Online Entertainment have always made concerted and substantial efforts to maintain and improve their data security systems."142011-06-03Sony Europe database leaked26.38IdahcDump of the apps.pro.sony.eu database via SQL InjectionRecords Breached: 120 names, phone numbers and e-mail addresses (DatalossDB Entry)2011-06-05Latest Hack Shows Sony Didn't Plug Holes"Group members said their motivation was to show Sony execs weren't telling the truth when they tried to reassure customers they had revamped security to prevent the simple, almost identical exploits that allowed a range of hackers to take over one of its networks after another beginning in mid-April."152011-06-05Sony Pictures Russia (www.sonypictures.ru) databases leakedunknownAnother SQL injection attack. @LulzSec confirms they did not find it.Records Breached: all (?) databases of Sony Pictures Russia2011-06-06LulzSec member arrestedBased on a post to Full-Disclosure, rumors that a member of LulzSec was arrested circulated widely. This news was included in several articles that did not validate the information. LulzSec issued a statement saying the news was wrong, and that "ev0" was not a member of the group. Arik Hesseldahl actually contacted a source at the FBI to confirm this and covered the details in an article.162011-06-06LulzSec Hackers Post Sony Computer Entertainment Developer Network (SCE Devnet)25.76LulzSec(additional article #1), (additional article #2), LulzSec "press release" on incidentData Leaked: 54meg torrent of Sony Computer Entertainment Developer Network (SCE Devnet) source code172011-06-06LulzSec hits Sony BMG, leaks internal network maps>25.76LulzSecWhile @LulzSec released the data in one torrent, the group confirmed the BMG maps did not come from SCE Devnet (tweet since deleted), making this a distinct and separate compromise.Data Leaked: Sony BMG internal network maps182011-06-08Sony Portugal latest to fall to hackers25.25IdahcDump of the sonymusic.pt database. Idahc says he found SQL injection, cross-site scripting (XSS) and Iframe injection vulnerabilities in the site.Records Breached: Customer e-mail addresses (DatalossDB Entry)192011-06-08Spoofing lead to fraud via shopping coupons at Sonisutoa / My Sony Club (Google Translation)25.25unknownThrough "spoofing", an attacker used 95 accounts to exchange online shopping coupons worth 278,000 points at Sonisutoa (My Sony Club), defrauding Sony of ~ 280,000 yen (~ US$3,500). Sony cannot confirm if e-mail addresses or passwords were leaked.2011-06-11Spain Arrests 3 Suspects in Sony Hacking CaseFrom the article: "According to a police statement, the suspects are part of Anonymous.."202011-06-20SQLI on sonypictures.fr24.28Idahc and Auth3ntiqSQL injection reveals hashed passwords and e-mail addresses. Idahc announced the day before that the site was vulnerable.Records Breached: 177,172 e-mail addresses (DatalossDB Entry)2011-06-23Class Action Lawsuit Filed Against Sony/SCEASuit alleges Sony fired employees in network security weeks before breach2011-06-28Sony CEO asked to step down on heels of hacking fiasco25.42".. the CEO sidestepped the request and instead pointed out that Sony is hardly the only company to face this kind of cyber assault."212011-07-06Hackers posts fake celebrity stories on Sony site26.93sonymusic.ie (Ireland) defaced to include the fake stories.2011-10-12Sony Press Release: 93,000 PSN Account Passwords Compromised20.06Note: The attack was performed using brute force guessing of accounts. The problem was due to customers using weak passwords. It could be argued that Sony should enforce a stronger password policy.Given the recent testimony from Tim Schaaff, President of Sony Network Entertainment International, one may be led to believe that Sony has been proactive in their digital security. Schaaff told the Subcommittee on Commerce, Manufacturing and Trade, part of the House of Representatives Energy & Commerce Committee, that "Sony Network Entertainment and Sony Online Entertainment have always made concerted and substantial efforts to maintain and improve their data security systems." Looking at a brief, and very likely incomplete, history of Sony's hacking problems, this statement seems absurd.
Schaaff goes on to say "The attack on us was, we believe, unprecedented in its size and scope." With the string of recent high-profile attacks against Lockheed Martin, RSA Security, and HBGary Federal (by the same group allegedly involved in the Sony PSN hack), this comment seems disingenuous. Further, between 2001-02-05 and 2001-05-05, Sony was attacked and compromised 11 times. While this is a slightly bigger time frame than the recent activity (2011-04-17 to 2011-06-02), given the first run was in 2001 and attacks were arguably less frequent (while defacements were considered high profile and got a lot of attention), can Sony really back up this comment?
Note: This list is likely incomplete, and just represents a quick search of past Sony activity related to the insecurity of their networks. Events involving vulnerable Sony software or the manyrootkit fiascos are not included.
Jun 4 Update: Elinor Mills pointed out the 06/03 Europe database eventJun 4 Update: Kane Lightowler sent 20 legacy eventsJun 4 Update: Gene Spafford sent a link to his blog about his testimonyJun 4 Update: Several pointed out Sony rootkit drama. Updated note disclaiming scope of legacy tableJun 4 Update: @pctservices01 provided link about PS3 Hackers UnbanningJun 4 Update: Tuna informs me that Prolexic provided DDoS mitigation services onlyJun 5 Update: Peter Downey provided link about PS3 Hackers / Modern Warfare 2Jun 5 Update: Added SNE closing stock price for the day of each incident. Idea courtesy Ryan RussellJun 5 Update: @LulzSec points out two missing compromises on Jun 6Jun 5 Update: Sony Music Brazil defacement confirmed as happening ~ 2010-11-12, and remains unfixed since (thanks Kane Lightowler)Jun 6 Update: Added Network World's timeline for the PSN breachJun 6 Update: Added confirmation to Sony Russia, that @LulzSec was not responsibleJun 6 Update: Added clarification about LulzSec targeting elderly to 6/2 Sony Pictures incidentJun 6 Update: Added entry to cover the supposed news of a LulzSec member being arrestedJun 9 Update: Added link to DatalossDB for #14Jun 9 Update: Thanks to @MasafumiNegishi and @superspryte for translation helpJun 12 Update: Added original DDoS and REBUG links. Thanks Laurens Vets for REBUG info.Jun 18 Update: Alldas.de sent us a copy of their defacement mirror from ~ 2001. Updated the legacy list to include a lot of defacementsDec 8 2014 Update: Added new huge Sony Pictures breach as separate table, since three years later
Sony Fires Back at Obama: "We Had No Choice" But to Cancel 'The Interview' Release - The Hollywood Reporter
Sun, 21 Dec 2014 03:07
After President Obama criticized Sony for its decision to cancel The Interview's release after theater chains decided not to show the film, the studio has issued a statement elaborating on the move.
"The decision not to move forward with the December 25 theatrical release of The Interview was made as a result of the majority of the nation's theater owners choosing not to screen the film," the statement said. "This was their decision."
A source tells The Hollywood Reporter that Sony was surprised by the president's comments and did, in fact, have many conversations with the White House both before and after the movie was pulled Wednesday. That would fly in the face of President Obama's claim that the studio never approached him for advice on how to handle the threats of violence that invoked the 9/11 terror attacks. Sony Pictures Entertainment chairman and CEO Michael Lynton taped an interview with CNN on Friday, and part of it was aired that reaffirmed the studio had been in contact with the White House.
"We definitely spoke to senior advisers or a senior adviser in the White House to discuss the situation," Lynton saidin the interview with CNN, adding that although he didn't directly talk to President Obama himself, "the White House was certainly aware of the situation."
During his press conference Friday, the president said he wished the studio would have "spoken to me first. I would have told them 'Do not get into a pattern in which you are intimidated by these kinds of criminal attacks.' " The source insists to THR that the studio engaged in multiple conversations with the White House; however, they were not directly with the president but were with his staff.
In the press conference, Obama had sharp words for the studio. "Sony is a corporation. It suffered significant damage. There were threats against its employees. I am sympathetic to the concerns that they faced. Having said all that, yes, I think they made a mistake," the president said.
Read moreObama: Sony "Made a Mistake" Canceling 'The Interview' Release
The FBI confirmed earlier in the day the link between the hacking group that calls itself Guardians of Peace and the North Korean regime. The "North Korean government is responsible for these actions," the agency said of the attack, which was first noticed by the studio Nov. 24 but was likely carried out well before.
Salaries, personal data, movie budgets and more than 12,000 messages from Sony Pictures Entertainment co-chairman Amy Pascal's email inbox were leaked.
Prior to the release of Seth Rogen and James Franco's The Interview, which featured the assassination of North Korean leader Kim Jong Un, hackers sent threatening messages to Sony invoking the terror attacks of Sept. 11, 2001.
Sony allowed theater chains to make the decision to show the film or not, and major theater chains decided against showing the film.
Sony's full statement reads:
Sony Pictures Entertainment is and always has been strongly committed to the First Amendment. For more than three weeks, despite brutal intrusions into our company and our employees' personal lives, we maintained our focus on one goal: getting the film The Interview released. Free expression should never be suppressed by threats and extortion.
The decision not to move forward with the December 25 theatrical release of The Interview was made as a result of the majority of the nation's theater owners choosing not to screen the film. This was their decision.
Let us be clear '-- the only decision that we have made with respect to release of the film was not to release it on Christmas Day in theaters, after the theater owners declined to show it. Without theaters, we could not release it in the theaters on Christmas Day. We had no choice.
After that decision, we immediately began actively surveying alternatives to enable us to release the movie on a different platform. It is still our hope that anyone who wants to see this movie will get the opportunity to do so.
Sony Hack: North Korea Proposes Joint Investigation - The Hollywood Reporter
Sun, 21 Dec 2014 03:06
SEOUL, South Korea (AP) '-- North Korea on Saturday proposed a joint investigation with the U.S. into the hacking attack against Sony Pictures Entertainment, warning of "serious" consequences if Washington rejects a probe that it believes would prove Pyongyang had nothing to do with the cyberattack.
The proposal was seen by analysts as a typical ploy by the North to try to show that it is sincere, even though it knows the U.S. would never accept its offer for a joint investigation.
Read more Chinese Newspaper: 'The Interview' Shows Hollywood's "Senseless Cultural Arrogance"
U.S. officials blame North Korea for the hacking, citing the tools used in the Sony attack and previous hacks linked to the North, and have vowed to respond. The break-in resulted in the disclosure of tens of thousands of confidential Sony emails and business files, and escalated to threats of terror attacks against U.S. movie theaters that caused Sony to cancel the Christmas Day release of The Interview, a comedy about a plot to assassinate North Korean leader Kim Jong Un.
On Saturday, an unidentified North Korean Foreign Ministry spokesman in Pyongyang proposed the joint investigation with the U.S., saying the North knows how to prove it's not responsible for the hacking. He also said Washington was slandering Pyongyang by spreading unfounded rumors.
"The U.S. should bear in mind that it will face serious consequences in case it rejects our proposal for joint investigation and presses for what it called countermeasures while finding fault with" North Korea, the spokesman said in a statement carried by Pyongyang's official Korean Central News Agency, or KCNA.
"We have a way to prove that we have nothing to do with the case without resorting to torture, as the CIA does," he said, adding that the U.S. lacks any specific evidence tying North Korea to the hacking.
The White House had no immediate comment Saturday.
Koh Yu-hwan, a professor at Seoul's Dongguk University, called the North's proposal a "typical" tactic the country has taken in similar disputes with rival countries. In 2010, North Korea proposed a joint investigation after a South Korean-led international team concluded that the North was behind a torpedo attack that killed 46 South Korean sailors, though Pyongyang denied its involvement. South Korea rejected the North's offer for the joint probe.
"They are now talking about a joint investigation because they think there is no conclusive evidence," Koh said. "But the U.S. won't accede to a joint investigation for the crime."
Read moreSony Hit With Fourth and Fifth Class-Action Lawsuits Over Stolen Data (Exclusive)
On Friday, President Barack Obama declared that Sony "made a mistake" in shelving the satirical film about a plot to assassinate the North Korean leader, and pledged that the U.S. would respond "in a place and manner and time that we choose" to the hacking attack on Sony that led to the movie's withdrawal.
"I wish they had spoken to me first. ... We cannot have a society in which some dictator someplace can start imposing censorship," Obama said at a year-end news conference, speaking of executives at Sony Pictures Entertainment.
Sony said it had had no choice but to cancel distribution of the movie because theaters were refusing to show it.
U.S. options for acting against North Korea are limited. The U.S. already has severe trade sanctions in place, and there is no appetite for military action. Even if investigators could identify and prosecute the individual hackers believed responsible, there's no guarantee that any located are overseas would ever see a U.S. courtroom. Hacking back at North Korean targets by U.S. government experts could encourage further attacks against American targets.
North Korea and the U.S. remain in a technical state of war because the 1950-53 Korean War ended with an armistice, not a peace treaty. The rivals also are locked in an international standoff over the North's nuclear and missile programs and its alleged human rights abuses.
Earlier Saturday, North Korea angrily denounced a move by the United Nations to bring its human rights record before the Security Council and renewed its threat to further bolster its nuclear deterrent against what it called a hostile policy by the U.S. to topple its ruling regime.
Pyongyang "vehemently and categorically rejects" the resolution passed by the U.N. General Assembly that could open the door for its leaders, including Kim Jong Un, to be hauled before the International Criminal Court for crimes against humanity, according to a Foreign Ministry statement carried by KCNA.
The Security Council is due to meet Monday to discuss Pyongyang's human rights situation for the first time.
The meeting caps almost a year of international pressure, and even though ally China could use its veto power to block any action against the North, the nonbinding resolution has broad support in the General Assembly and has drawn unusually strong and vitriolic protests from Pyongyang.
Sony Hackers Appear to Mock FBI in Latest Message - The Hollywood Reporter
Sun, 21 Dec 2014 03:06
Must ReadsMichael Wolff: 8 Hollywood Predictions for 2015
Chris Pratt, Angelina Jolie, Taylor Swift and Hollywood's 26 Rule Breakers of 2014
Angelina Jolie on Ditching Her Team, Directing Brad Pitt: "A Therapist Would Have a Field Day"
Film Fighters, All in One Frame: J.J. Abrams, Judd Apatow, Bennett Miller, Christopher Nolan and Edgar Wright
Perverted Wolves, Cheating Wives and a Fired 10-Year-Old: The Dark Path to Disney's 'Into the Woods'
Chris Rock Pens Blistering Essay on Hollywood's Race Problem
Hollywood's 100 Favorite Gifts
What Hollywood EarnsHollywood Salaries Revealed
Studio Perks of the Hollywood Exec: Home Screening Rooms, Private Jets, Huge Expense Accounts
Jessica Alba's Tears on Her Way to Building a $1 Billion Business
FAUXTRIBUTION? | Krypt3ia
Sat, 20 Dec 2014 16:48
Well here we are'... It's the beginning of the cyber wars my friends. POTUS came out on stage and said that we would have a ''proportionate response'' to the hacking of Sony and that in fact the US believes that it was in fact Kim Jong Un who was behind this whole thing. Yup, time to muster the cyber troops and attack their infrastructure!
So yeah, let's take a step back here and ponder the FBI statement today on colonel mustard in the study with the laptop before we go PEW PEW PEW ok?
FBI Statement:Today, the FBI would like to provide an update on the status of our investigation into the cyber attack targeting Sony Pictures Entertainment (SPE). In late November, SPE confirmed that it was the victim of a cyber attack that destroyed systems and stole large quantities of personal and commercial data. A group calling itself the ''Guardians of Peace'' claimed responsibility for the attack and subsequently issued threats against SPE, its employees, and theaters that distribute its movies.
The FBI has determined that the intrusion into SPE's network consisted of the deployment of destructive malware and the theft of proprietary information as well as employees' personally identifiable information and confidential communications. The attacks also rendered thousands of SPE's computers inoperable, forced SPE to take its entire computer network offline, and significantly disrupted the company's business operations.
After discovering the intrusion into its network, SPE requested the FBI's assistance. Since then, the FBI has been working closely with the company throughout the investigation. Sony has been a great partner in the investigation, and continues to work closely with the FBI. Sony reported this incident within hours, which is what the FBI hopes all companies will do when facing a cyber attack. Sony's quick reporting facilitated the investigators' ability to do their jobs, and ultimately to identify the source of these attacks.
As a result of our investigation, and in close collaboration with other U.S. government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Korea's attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior. The FBI takes seriously any attempt'--whether through cyber-enabled means, threats of violence, or otherwise'--to undermine the economic and social prosperity of our citizens.
The FBI stands ready to assist any U.S. company that is the victim of a destructive cyber attack or breach of confidential business information. Further, the FBI will continue to work closely with multiple departments and agencies as well as with domestic, foreign, and private sector partners who have played a critical role in our ability to trace this and other cyber threats to their source. Working together, the FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests.
Parsing the language:Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.The language of this report is loose and very much like an FBI statement would be when they are not so sure. Remember that the FBI did not originally link all of this to DPRK. Now though, with the same data as we all had before they are definitively tentatively saying ''It's DPRK'' which makes people like me mental. So let's look at these IP's that were hard coded into the malware and take the idea to task that they are assets that ONLY the DPRK could use or has used and how that very idea has so much cognitive dissonance where ''evidence'' is concerned. Especially evidence where a nation state is going to ''respond proportionally'' to another for actions they claim they perpetrated.
The key here is to pay attention to the GEO-IP stuff they are using:
A summary of the C2 IP addresses:
IP AddressCountryPortFilename22.214.171.124Thailand8080Diskpartmg16.exeigfxtrayex.exeigfxtpers.exe126.96.36.199Poland8000Diskpartmg16.exeigfxtrayex.exe188.8.131.52Italy8000Diskpartmg16.exeigfxtrayex.exe184.108.40.206Bolivia8000File 7220.127.116.11Singapore8080File 718.104.22.168Cypress8080File 722.214.171.124United States''igfxtpers.exe
See now all of these IP's could be used by just about anyone. They are not in country at the DPRK and they are not on Chinese soil either. In fact here is the dope on each one:
Thailand: 126.96.36.199: Thailand port 8080 is a proxy:188.8.131.52-184.108.40.206220.127.116.1118.104.22.168/23 Proxy-registered route object THAMMASAT Thammasat University 2 Phrachan Road, Phranakorn, Bangkok 10200, ThailandAS37992 THAMMASAT-BORDER-AS Thammasat UniversityThailandIt has also been seen as a very dirty player in SPAM and other nefarious actions.. Not just DPRK/CN APT Activities
So really, this one could be used by anyone and everyone.
Poland: 22.214.171.124 8080:126.96.36.199-188.8.131.52184.108.40.206220.127.116.11/16 TPNET INTER-PARTS INTER-PARTS IMPORT EKSPORT WALDEMAR BACLAWSKI UL. JARZEBINOWA 4 11-034 STAWIGUDAAS5617 TPNET Orange Polska Spolka AkcyjnaOlsztyn, PolandPoland too is known to be dirty and used for SPAM and malware C&C's as well. Many different groups are using this and it too is a proxy. So once again, this does not prove out solidly that this is DPRK. It could in fact be anyone who is in the know about it's being there and use. Many of these addresses are on sites all over the web for use in this and other capacities.
In fact here is a site that has the password to the system (Chinese)
Italy 18.104.22.168 800088.53.215.64-22.214.171.124126.96.36.19988-53-215-64.WDSL.NEOMEDIA.IT188.8.131.52/15 INTERBUSINESS IT-INTERBUSINESS-20050930 Telecom Italia S.p.a.AS3269 ASN-IBSNAZ Telecom Italia S.p.a.ItalyOnce again, Italy has the same issue. It is a known dirty address/system and has been used for SPAM and Malware C&C's before. This does not mean that it is in fact solely under the control of DPRK.
Site listing the proxy as available and the qualities of the anonymity
Here's another listing: http://dogdev.net/Proxy/IT
Bolivia 184.108.40.206 8000220.127.116.11-18.104.22.16822.214.171.124126.96.36.199/20188.8.131.52/24 This is a DiViNetworks customer route-object which is being exported under this origin AS6568 (origin AS). This route object was created because no existing route object with the same origin was found. Please contact firstname.lastname@example.org if you have any questions regarding this object. BO-ESEN-LACNIC Entel S.A. '' EntelNetAS6568 ENTEL-SA-BOLIVIA ENTEL S.A. BOLIVIALa Paz, Bolivia
Here's a listing from 2012 on the Bolivian proxy (blackhat forum)
Another listing: http://www.vipsocks24.com/2012/01/20-01-12-l1l2-anonymous-proxies-list.html
Starting Nmap 6.47 ( http://nmap.org ) at 2014-12-20 05:15 ESTNmap scan report for 184.108.40.206Host is up (0.17s latency).Not shown: 92 closed portsPORT STATE SERVICE VERSION80/tcp open http Apache httpd 2.2.3 ((Win32))135/tcp open msrpc Microsoft Windows RPC139/tcp filtered netbios-ssn445/tcp filtered microsoft-ds1720/tcp filtered H.323/Q.9315800/tcp open vnc-http RealVNC 4.0 (resolution: 400250; VNC TCP port: 5900)(remote auth bypass)5900/tcp open vnc RealVNC Personal (protocol 4.0)10000/tcp open http GeoVision GeoHttpServer for webcams
Singapore 220.127.116.11 808058.185.154.99-18.104.22.16822.214.171.124126.96.36.199/17 Singapore Telecommunications Ltd SINGNET-SG SingNet Pte Ltd 2 Stirling Road #03-00 Queenstown Exchange Singapore 148943AS3758 SINGNET SINGNETSingapore, Singapore
Singapore Proxy on offer online
Cyprus 188.8.131.52 8080184.108.40.206-220.127.116.1118.104.22.168NB5-100.STATIC.CYTANET.COM.CY22.214.171.124/20126.96.36.199/22 Proxy-registered route object CYTANET PROVIDER Local RegistryAS6866 CYTA-NETWORK Cyprus Telecommunications ACyprus
USA 188.8.131.52 (no port listed)184.108.40.206-220.127.116.1118.104.22.168RRCS-208-105-226-235.NYS.BIZ.RR.COM22.214.171.124/17 RR-Route RCNYAS11351 RoadRunner RR-Binghamton-RochesterSyracuse, United States
Starting Nmap 6.47 ( http://nmap.org ) at 2014-12-19 21:13 ESTNmap scan report for rrcs-208-105-226-235.nys.biz.rr.com (126.96.36.199)Host is up (0.070s latency).Not shown: 94 filtered portsPORT STATE SERVICE135/tcp open msrpc443/tcp open https3128/tcp closed squid-http
Hollywood Cowardice: George Clooney Explains Why Sony Stood Alone In North Korean Cyberterror Attack | Deadline
Fri, 19 Dec 2014 15:29
EXCLUSIVE: As it begins to dawn on everyone in Hollywood the reality that Sony Pictures was the victim of a cyberterrorist act perpetrated by a hostile foreign nation on American soil, questions will be asked about how and why it happened, ending with Sony cancelling the theatrical release of the satirical comedy The Interview because of its depiction of North Korean dictator Kim Jong-un. One of those issues will be this: Why didn't anybody speak out while Sony Pictures chiefs Amy Pascal and Michael Lynton were embarrassed by emails served up by the media, bolstering the credibility of hackers for when they attached as a cover letter to Lynton's emails a threat to blow up theaters if The Interview was released?
George Clooney has the answer. The most powerful people in Hollywood were so fearful to place themselves in the cross hairs of hackers that they all refused to sign a simple petition of support that Clooney and his agent, CAA's Bryan Lourd, circulated to the top people in film, TV, records and other areas. Not a single person would sign. Here, Clooney discusses the petition and how it is just part of many frightening ramifications that we are all just coming to grips with.
RelatedSony Hit With Third Hacking Class Action Lawsuit By ''Left In The Dark'' Ex-Employees
DEADLINE: How could this have happened, that terrorists achieved their aim of cancelling a major studio film? We watched it unfold, but how many people realized that Sony legitimately was under attack?GEORGE CLOONEY: A good portion of the press abdicated its real duty. They played the fiddle while Rome burned. There was a real story going on. With just a little bit of work, you could have found out that it wasn't just probably North Korea; it was North Korea. The Guardians Oof Peace is a phrase that Nixon used when he visited China. When asked why he was helping South Korea, he said it was because we are the Guardians of Peace. Here, we're talking about an actual country deciding what content we're going to have. This affects not just movies, this affects every part of business that we have. That's the truth. What happens if a newsroom decides to go with a story, and a country or an individual or corporation decides they don't like it? Forget the hacking part of it. You have someone threaten to blow up buildings, and all of a sudden everybody has to bow down. Sony didn't pull the movie because they were scared; they pulled the movie because all the theaters said they were not going to run it. And they said they were not going to run it because they talked to their lawyers and those lawyers said if somebody dies in one of these, then you're going to be responsible.
RelatedSony Hack Needs Tempered Response, White House Says
We have a new paradigm, a new reality, and we're going to have to come to real terms with it all the way down the line. This was a dumb comedy that was about to come out. With the First Amendment, you're never protecting Jefferson; it's usually protecting some guy who's burning a flag or doing something stupid. This is a silly comedy, but the truth is, what it now says about us is a whole lot. We have a responsibility to stand up against this. That's not just Sony, but all of us, including my good friends in the press who have the responsibility to be asking themselves: What was important? What was the important story to be covering here? The hacking is terrible because of the damage they did to all those people. Their medical records, that is a horrible thing, their Social Security numbers. Then, to turn around and threaten to blow people up and kill people, and just by that threat alone we change what we do for a living, that's the actual definition of terrorism.
RelatedSony Hack Deepens Rift Between Film & Television Group
DEADLINE: I've been chasing the story of the petition you were circulating for a week now. Where is it, and how were these terrorists able to isolate Sony from the herd and make them so vulnerable?CLOONEY: Here's the brilliant thing they did. You embarrass them first, so that no one gets on your side. After the Obama joke, no one was going to get on the side of Amy, and so suddenly, everyone ran for the hills. Look, I can't make an excuse for that joke, it is what it is, a terrible mistake. Having said that, it was used as a weapon of fear, not only for everyone to disassociate themselves from Amy but also to feel the fear themselves. They know what they themselves have written in their emails, and they're afraid.
Related'The Interview' Faces Uncertain Future Internationally
DEADLINE: What happened when you sent the petition, and who did you ask to sign it?CLOONEY: It was a large number of people. It was sent to basically the heads of every place. They told Bryan Lourd, ''I can't sign this.'' What? How can you not sign this? I'm not going to name anyone, that's not what I'm here to do, but nobody signed the letter, which I'll read to you right now.
On November 24 of this year, Sony Pictures was notified that it was the victim of a cyber attack, the effects of which is the most chilling and devastating of any cyber attack in the history of our country. Personal information including Social Security numbers, email addresses, home addresses, phone numbers and the full texts of emails of tens of thousands of Sony employees was leaked online in an effort to scare and terrorize these workers. The hackers have made both demands and threats. The demand that Sony halt the release of its upcoming comedy The Interview, a satirical film about North Korean dictator Kim Jong Un. Their threats vary from personal'--you better behave wisely'--to threatening physical harm'--not only you but your family is in danger. North Korea has not claimed credit for the attack but has praised the act, calling it a righteous deed and promising merciless measures if the film is released. Meanwhile the hackers insist in their statement that what they've done so far is only a small part of our further plan. This is not just an attack on Sony. It involves every studio, every network, every business and every individual in this country. That is why we fully support Sony's decision not to submit to these hackers' demands. We know that to give in to these criminals now will open the door for any group that would threaten freedom of expression, privacy and personal liberty. We hope these hackers are brought to justice but until they are, we will not stand in fear. We will stand together.
DEADLINE: That doesn't sound like a hard paper to sign.CLOONEY: All that it is basically saying is, we're not going to give in to a ransom. As we watched one group be completely vilified, nobody stood up. Nobody took that stand. Now, I say this is a situation we are going to have to come to terms with, a new paradigm and a new way of handling our business. Because this could happen to an electric company, a car company, a newsroom. It could happen to anybody.
RelatedSony Hacks, Amy Pascal & Scott Rudin's E-mails: Whose News Is It Anyway?
DEADLINE: You said you won't name names, but how many people were asked and refused to sign? CLOONEY: It was a fairly large number. Having put together telethons where you have to get all the networks on board to do the telethon at the same time, the truth is once you get one or two, then everybody gets on board. It is a natural progression. So here, you get the first couple of people to sign it and '... well, nobody wanted to be the first to sign on. Now, this isn't finger-pointing on that. This is just where we are right now, how scared this industry has been made. Quite honestly, this would happen in any industry. I don't know what the answer is, but what happened here is part of a much larger deal. A huge deal. And people are still talking about dumb emails. Understand what is going on right now, because the world just changed on your watch, and you weren't even paying attention.
RelatedSony Has ''No Further Release Plans'' For 'The Interview' On VOD Or Elsewhere
DEADLINE: What kind of constraints will this put on storytellers that want to shine a critical light on a place like Russia, for instance, with something like a movie about the polonium poisoning of Alexander Litvinenko, the KGB officer who left and became an outspoken critic of Vladimir Putin?CLOONEY: What's going to happen is, you're going to have trouble finding distribution. In general, when you're doing films like that, the ones that are critical, those aren't going to be studio films anyway. Most of the movies that got us in trouble, we started out by raising the money independently. But to distribute, you've got to go to a studio, because they're the ones that distribute movies. The truth is, you're going to have a much harder time finding distribution now. And that's a chilling effect. We should be in the position right now of going on offense with this. I just talked to Amy an hour ago. She wants to put that movie out. What do I do? My partner Grant Heslov and I had the conversation with her this morning. Bryan and I had the conversation with her last night. Stick it online. Do whatever you can to get this movie out. Not because everybody has to see the movie, but because I'm not going to be told we can't see the movie. That's the most important part. We cannot be told we can't see something by Kim Jong-un, of all f*cking people.
RelatedAl Sharpton Meets With Amy Pascal: Will Work To Address Hollywood's ''Cultural Blindness''
DEADLINE: Some have pointed fingers at the media that feasted on these tawdry emails. Were they culpable in giving the terrorists a foothold, as Aaron Sorkin has said?CLOONEY: I do know something about the news world. I was sitting on the floors of newsrooms since I was seven years old, and I've been around them my whole life. I understand that someone looks at a story with famous people in it and you want to put it out. OK. It's a drag, and it's lame. But there's not much you can do about it. You can't legislate good taste. The problem is that what happened was, while all of that was going on, there was a huge news story that no one was really tracking. They were just enjoying all the salacious sh*t instead of saying, ''Wait a minute, is this really North Korea? And if it is, are we really going to bow to that?'' You could point fingers at Sony pulling the film, but they didn't have any theaters, they all pulled out. By the way, the other studios were probably very happy because they had movies of their own going in for Christmas at the same cineplexes. There's this constant circle, this feeding frenzy. What I'm concerned about is content. I'm concerned that content now is constantly going to be judged on a different level. And that's a terrible thing to do. What we don't need happening in any of our industries is censorship. The FBI guys said this could have happened to our government. That's how good these guys were. It's a serious moment in time that needs to be addressed seriously, as opposed to frivolously. That's what is most important here.
RelatedJapan-North Korea Talks Seen Unaffected By Sony Hack Attack Revelations
DEADLINE: As Amy and Michael took their turn in the barrel because of these emails, some questioned why they'd approve a movie that ends with the death of a standing dictator in a hostile foreign country. Others have said she should be able to make any film she wants. It's a satire. What do you think?CLOONEY: The South Park guys did it. They blew up his father's head. The truth of the matter is, of course you should be able to make any movie you want. And, you should take the ramifications for it. Meaning, people can boycott the movie and not go see your film. They can say they'll never see a Sony movie again. That's all fine. That's the risk you take for the decision you make. But to say we're going to make you pull it. We're going to censor you. That's a whole other game. That is playing in some serious waters and it's a very dangerous pool.
RelatedHollywood Hits Twitter To Vent Anger About 'The Interview' Being Pulled
DEADLINE: You mentioned Team America. Some theaters wanted to show it on Christmas after The Interview was pulled as a show of defiance and Paramount pulled it back. They too are afraid of being in the hacker cross hairs.CLOONEY: Everybody is looking at this from self interest and they are right in this sense. I'm a movie theater and I say, ''OK, there's been a threat. Not really a credible threat, but there's a threat, and my lawyers call and tell me, ''Well, you run the movie and you could be liable.'' And all the other movies around it are going to have their business hurt. I understand that, and it makes complete sense. But that's where we really need to figure what the real response should be. I don't know what that is yet. We should be talking about that and not pointing fingers at people right now. Right now, it's not just our community but a lot of communities. We need to figure out, what are we going to do now '-- when we know the cyberattacks are real, and they're state-sponsored.
RelatedGore Verbinski On Cancellation Of North Korea-Based Steve Carell Film
DEADLINE: Knowing what we do now, what does the government owe Sony?CLOONEY: I've seen statements they've put out and what the president said and what the response is. The truth is, it's all new territory and nobody knows how to handle it. I don't think anyone was prepared for it. So now we'll be prepared for it, hopefully. Everybody was doing their jobs, but somehow, we have allowed North Korea to dictate content, and that is just insane.
DEADLINE: You said everyone acts based on self interest. What's yours?CLOONEY: I wanted to have the conversation because I'm worried about content. Frankly, I'm at an age where I'm not doing action films or romantic comedies. The movies we make are the ones with challenging content, and I don't want to see it all just be superhero movies. Nothing wrong with them, but it's nice for people to have other films out there.
Death of a President (2006) - IMDb
Sun, 21 Dec 2014 02:00
6 wins & 1 nomination.See more awards >>Learn morePeople who liked this also liked... The Great Dome Robbery
Jul 13 2002
The Day Britain Stopped
May 13 2003
Kyongaehanun choego saryonggwan tongjinun uriui unmyong
Mort d'un pr(C)sident
Apr 12 2011
Crime | Drama | News
123456789107.4/10X Post 9/11 definitions, ideas and notions of terrorism are challenged in this highly controversial and experimental film. Machetero is an allegorical narrative that follows French journalist... See full summary >>
Director: vagabond Beaumont
Stars: Isaach De Bankol(C), Not4Prophet, Kelvin Fernandez
Director: Laurent Touil-Tartour
Stars: Vincent Sze
123456789107/10X A group of young employees bet a month's salary, winner takes all, on who can last the longest without going outside.
Director: Gary Burns
Stars: Fab Filippo, Don McKellar, Marya Delver
Action | Comedy
1234567891010/10X Dave Skylark and producer Aaron Rapoport run the celebrity tabloid show "Skylark Tonight." When they land an interview with a surprise fan, North Korean dictator Kim Jong-un, they are recruited by the CIA to turn their trip to Pyongyang into an assassination mission.
Directors: Evan Goldberg, Seth Rogen
Stars: James Franco, Seth Rogen, Randall Park
123456789106.7/10X A thriller set in London's slave trade and centered on a woman's fight for freedom.
Director: Gabriel Range
Stars: Wunmi Mosaku, Isaach De Bankol(C), Lubna Azabal
The Great Dome Robbery
Jul 13 2002
Crime | Drama
123456789105.2/10X Drama that tells the true story of a gang of robbers who planned to steal the world's largest diamond from the Millennium Dome where it is on show, unaware that they have been under police ... See full summary >>
Director: Gabriel Range
Stars: Craig Fairbrass, George Innes, Terry Bird
The Day Britain Stopped
May 13 2003
123456789107.7/10X One day in the near future, a rail strike, traffic congestion and a mid-air plane collision bring the UK's transport system to a halt.
Director: Gabriel Range
Stars: Tim Pigott-Smith, Eric Carte, Andrew Shield
Director: Alejandro P(C)rez Blanco
Stars: Nacho Aldeguer, Miriam Aza, Javier Botet
Kyongaehanun choego saryonggwan tongjinun uriui unmyong
Mort d'un pr(C)sident
Apr 12 2011
Director: Pierre Aknine
Stars: Jean-Fran§ois Balmer, Andr(C) Marcon, Evelyne Buyle
EditStorylineYears after the assassination of President George W. Bush in Chicago, an investigative documentary examines that as-yet-unsolved crime.
Plot Summary|Add SynopsisTaglines:Do not rush to judge.
EditDetailsRelease Date:21 December 2006 (South Korea) See more >>Also Known As:A Morte de George W. Bush See more >>Box OfficeBudget:$2,000,000 (estimated)
Opening Weekend:$167,000 (USA) (27 October 2006)
Gross:$167,000 (USA)(27 October 2006)
See more >>Company CreditsTechnical SpecsRuntime:97 min
Aspect Ratio:1.85 : 1
See full technical specs >>EditDid You Know?TriviaPreexisting footage of President George W. Bush and CGI effects help to create the scenes of his assassination. See more >>GoofsThe archive footage meant to depict President Bush greeting people on the rope line outside a speech to the Economic Club of Chicago was actually taken from an event at Georgia Tech in Atlanta. While the speech in the movie takes place in the evening, President Bush greets one of the people on the rope line by saying "Good morning." See more >>Quotes[end title cards]Title card: One year after his conviction, Jamal Abu Zikri has still not been granted leave to appeal.Title card: He remains on death row in Statevill Correctional Center.Title card: Since recording the interview for this film Robert H Maguire has resigned as Head of the Chicago Field Office of the FBI.Title card: USA PATRIOT III, introduced in the days after the assassination, has since been turned into permanent law.Title card: It has granted investigators unprecedented powers of detention and surveillance, and further expanded ...See more >>
CNN & NPR Refuse to Run Ads for 'Death Of A Prez'; Major Papers See No Problem | Deadline
Sun, 21 Dec 2014 03:40
Neither CNN nor NPR will run ads for Newmarket Films' Death of a President opening this weekend on October 27th, a press release issued by the film's PR rep said today. Already, two major American cinema chains '-- Regal Entertainment Group, the No. 1 U.S. cinema operator with more than 6,300 screens in 40 states, and Cinemark USA, which operates roughly 2,500 screens in 34 states '-- have said they will not show a controversial new movie that depicts the assassination of President George W. Bush. The hugely controversial political thriller from director Gabriel Range, about the fictional assassination of President George W. Bush, became one of the most talked-about films at the Toronto Film festival in September. Since then, the 93-minute pic's subject matter has led to many protests against even the fictional idea of a movie about the killing a U.S. president, much less a sitting U.S. president. Others, however, believe the documentary-style film has an anti-violence message. Range has said he has received death threats since it screened at Toronto, where it won the Prize of the International Critics (FIPRESCI Prize). (The jury of international film critics cited the film ''for the audacity with which it distorts reality to reveal a larger truth.'') Because of its subject matter, the pic had a hard time finding a U.S. distributor until Newmarket stepped forward. Today's PR release helps the film get publicity before it opens this weekend in mostly art houses and regional venues. Even though both print and electronic ads for the pic have been approved by the Motion Picture Association of America, Newmarket Films said it was told by CNN in an email today that the news organization ''has decided not to take the ads because of the extreme nature of the movie's subject matter.'' NPR cited similar reasons in refusing to run sponsorship announcements on behalf of Death of a President, according to the distributor. Other advertising platforms aren't objecting: people connected with the film say broadcast and digital ads for the movie have been accepted by MSNBC, Fox.com, and CNET.com, among others, and print ads have already appeared in major newspapers, including The New York Times, Los Angeles Times, Washington Post, Boston Globe, Chicago Tribune, and Philadelphia Inquirer. ''To refuse to accept ads for a movie is tantamount to saying it shouldn't be seen, and this runs counter to everything we are supposed to believe in as a free society,'' Newmarket co-founder Chris Ball said in a news release today. ''What we find especially troubling is that these decisions are being made by people who we believe have not seen even seen the movie. This rush to judgment tramples on the basic American values of fairness and free expression.'' The director, who also co-wrote the film, uses archive footage of Bush to create the scenes that lead up to the president being shot. Digital effects are used to superimpose his head onto an actor for the assassination scene.
US theatres refuse to screen 'Death of a President' | Zee News
Sun, 21 Dec 2014 03:40
Washington, Oct 8: Most of the biggest theatre chains in the US have reportedly refused to screen the controversial film 'Death of a President', which depicts a fictional assassination of President George W. Bush.The R-rated film sparked controversy when it was premiered last month at the Toronto Film Festival, where it won the International Critics Prize and scored a U.S. distribution deal with Newmarket Films.
Mike Campbell, CEO of Regal Entertainment Group says that portrayal of the future assassination of a sitting President is a big turn off for them, as they don't consider it to be an appropriate subject matter for a film.
"We would not be inclined to program this film. We feel it is inappropriate to portray the future assassination of a sitting President, regardless of political affiliation," E!online quoted him as telling Hollywood Reporter.
Set in 2007, after the passage of the so-called Patriot Act 3, Death of a President plays out like a typical TV documentary, but its writer-director Gabriel Range has used digitally blended archival footage of President Bush with staged scenes to depict his murder, and its aftermath.
The film focuses more on the FBI`s hunt for Bush`s killer, and whether a Syrian-born suspect is really the triggerman.
Bureau Report with ANI inputs
Iranian Hackers Hit Sheldon Adelson's Sands Casino in Las Vegas - Businessweek
Sat, 20 Dec 2014 17:04
Most gamblers were still asleep, and the gondoliers had yet to pole their way down the ersatz canal in front of the Venetian casino on the Las Vegas Strip. But early on the chilly morning of Feb. 10, just above the casino floor, the offices of the world's largest gaming company were gripped by chaos. Computers were flatlining, e-mail was down, most phones didn't work, and several of the technology systems that help run the $14 billion operation had sputtered to a halt.
Computer engineers at Las Vegas Sands Corp. (LVS) raced to figure out what was happening. Within an hour, they had a diagnosis: Sands was under a withering cyber attack. PCs and servers were shutting down in a cascading IT catastrophe, with many of their hard drives wiped clean. The company's technical staff had never seen anything like it.
''This isn't the kind of business you can get into in Iran without the government knowing''
The people who make the company work, from accountants to marketing managers, were staring at blank screens. ''Hundreds of people were calling IT to tell them their computers weren't working,'' says James Pfeiffer, who worked in Sands' risk-management department in Las Vegas at the time. Most people, he recalls, switched over to their cell phones and personal e-mail accounts to communicate with co-workers. Numerous systems were felled, including those that run the loyalty rewards plans for Sands customers; programs that monitor the performance and payout of slot machines and table games at Sands' U.S. casinos; and a multimillion-dollar storage system.
In an effort to save as many machines as they could, IT staffers scrambled across the casino floors of Sands' Vegas properties'--the Venetian and its sister hotel, the Palazzo'--ripping network cords out of every functioning computer they could find, including PCs used by pit bosses to track gamblers and kiosks where slots players cash in their tickets.
This was no Ocean's Eleven. The hackers were not trying to empty a vault of cash, nor were they after customer credit card data, as in recent attacks on Target (TGT), Neiman Marcus, and Home Depot (HD). This was personal. The perpetrators wanted to punish the company, or, more precisely, its chief executive officer and majority owner, the billionaire Sheldon Adelson. Although confirming their conjectures would take some time, executives suspected almost immediately the assault was coming from Iran.
This was new. Other countries have spied on American companies, and they have stolen from them, but this is likely the first time'--occurring months before the late November attack on Sony Pictures Entertainment (SNE)'--that a foreign player simply sought to destroy American corporate infrastructure on such a scale. Both hacks may represent the beginning of a geopolitically confusing, and potentially devastating, phase of digital conflict. Experts worry that America's rivals may have found the sweet spot of cyberwar'--strikes that are serious enough to wound American companies but below the threshold that would trigger a forceful government response. More remarkable still, Sands has managed to keep the full extent of the hack secret for 10 months. In October 2013, Adelson, one of Israel's most hawkish supporters in the U.S., arrived on Yeshiva University's Manhattan campus for a panel titled ''Will Jews Exist?'' Among the speakers that night were a famous rabbi and a columnist from the Wall Street Journal, but the real draw for the crowd in the smallish auditorium was Adelson, a slightly slumped 81-year-old man with pallid jowls and thinning hair who had to be helped onto the stage by assistants. With a net worth of $27.4 billion, Adelson is the 22nd-wealthiest person in the world, thanks mostly to his 52 percent stake in Las Vegas Sands. He has built the most lucrative gaming empire on earth by launching casinos in Singapore and China whose profits now dwarf those coming from Las Vegas. An owner of three news outlets in Israel and a friend of Prime Minister Benjamin Netanyahu, Adelson also spends large sums of money to support conservative politicians in the U.S.; he may be best known for contributing some $100 million in a failed attempt to unseat President Obama and elect Republicans to Congress in the 2012 election.
At Yeshiva he described how he'd handle talks with Iran about its ongoing nuclear program. ''What are we going to negotiate about?'' Adelson asked. ''What I would say is, 'Listen. You see that desert out there? I want to show you something.'''' He would detonate an American warhead in the sand, he said, where it ''doesn't hurt a soul. Maybe a couple of rattlesnakes and scorpions or whatever.'' The message: The next mushroom cloud would rise over Tehran unless the government scrapped any plans to create its own nukes. ''You want to be wiped out? Go ahead and take a tough position,'' Adelson said, to light applause. It took only a few hours for his remarks to be posted on YouTube (GOOG) and ricochet around the Internet. Iran's Supreme Leader Ayatollah Ali Khamenei responded two weeks later, according to the country's semiofficial Fars News Agency, saying America ''should slap these prating people in the mouth and crush their mouths.''
Physically, Adelson and Sands are well protected. He appears in public with a phalanx of armed bodyguards, said to be former agents of the U.S. Secret Service and Mossad, Israel's intelligence agency. Sands paid almost $3.3 million to protect Adelson and his family last year, according to a company filing. That's on top of what Sands spends on vaults, security cameras, biometric screening devices, and one of the largest private police forces of any U.S. company, all to safeguard the millions of dollars of cash and chips that flow through its operations every day.
But the company has been slow to adapt to digital threats. Two years ago it had a cybersecurity staff of five people protecting 25,000 computers, according to a former executive. The board authorized a major upgrade of tools and personnel in 2013, but the project was slated to be rolled out over 18 months, and it was in its infancy as Adelson mused about nuclear strikes at Yeshiva. Unbeknownst to Sands, one month after Khamenei's fiery speech, hackers began to poke around the perimeter of its computer networks, looking for weaknesses. Only later, after the attack, were investigators able to sift through computer logs and reconstruct their movements. These details appear in internal documents describing ''Yellowstone 1,'' the company's code name for the incident, and have been corroborated in interviews with a half-dozen people familiar with the breach and its aftermath. Ron Reese, a spokesman for Sands, declined to answer specific questions about the attack or to make Adelson available.
By Jan. 8, 2014, the hackers were focused on Sands Bethlehem, a 3,000-slot-machine casino and resort in Bethlehem, Pa., which has its own website and computer network. It's a minor outpost in the company's empire, but going after the weak link in the security chain is a well-worn hacker trick. That day, the hackers launched a first, hourlong attack to try to break into the Sands Bethlehem virtual private network, or VPN, which gives employees access to their files from home or on the road.
The hackers used software that cracks password logins by systematically trying as many as several thousand letter combinations per minute; the software keeps going until it either guesses right or runs out of permutations. It's a brute-force method, sort of like the safecracking tools in movies that spin through every possible combination to find the correct set of numbers.
The hackers redoubled their efforts on Jan. 21 and 26, again throwing hourslong attacks at the Bethlehem Sands network. Later, investigators would detect the work of at least two different hackers or teams trying different ways to get in. At the time, IT managers in Bethlehem, alarmed at the sudden surge in failed login attempts, began a conference call with Sands security managers in Las Vegas. But brute-force attempts are common'--almost half of all companies experience them, according to Alert Logic, a Houston security firm'--and the casino staff wasn't overly concerned. They put another layer of security on the accounts that were being attacked, so that entering the network would require more than just a password.
It was of little use: Five days later, on Feb. 1, the hackers found a weakness in a Web development server used by Sands Bethlehem to review and test Web pages before they went live. Once inside, the pace of the attack quickly escalated. Hackers used a tool called Mimikatz to reveal passwords used previously to log in to a computer or server. Collecting passwords as they went, the hackers gained access to almost every Sands file in Bethlehem, according to three people familiar with the incident. But the Bethlehem computer system was a box'--and what they were really after was the key that would let them out.
Sometime before Feb. 9, they found it: the login credentials of a senior computer systems engineer who normally worked at company headquarters but whose password had been used in Bethlehem during a recent trip. Those credentials got the hackers into the gaming company's servers in Las Vegas. As they rifled through the master network, the attackers readied a malware bomb. Typing from a Sony (SNE) VAIO computer, they compiled a small piece of code, only about 150 lines long, in the Visual Basic programming language. The program proved potent. Not only does it wipe the data stored on computers and servers, but it also automatically reboots them, a clever trick that exposes data that's untouchable while a machine is still running. Even worse, the script writes over the erased hard drives with a random pattern of ones and zeros, making data so difficult to recover that it is more cost-effective to buy new machines and toss the hacked ones in the trash. Investigators from Dell SecureWorks working for Sands have concluded that the February attack was likely the work of ''hacktivists'' based in Iran, according to documents obtained by Bloomberg Businessweek. The security team couldn't determine if Iran's government played a role, but it's unlikely that any hackers inside the country could pull off an attack of that scope without its knowledge, given the close scrutiny of Internet use within its borders. ''This isn't the kind of business you can get into in Iran without the government knowing,'' says James Lewis, a senior fellow at the Center for Strategic and International Studies in Washington. Hamid Babaei, a spokesman for Iran's Permanent Mission to the United Nations, didn't return several phone calls and e-mails.
The perpetrators released their malware early in the morning on Monday, Feb. 10. It spread through the company's networks, laying waste to thousands of servers, desktop PCs, and laptops. By the afternoon, Sands security staffers noticed logs showing that the hackers had been compressing batches of sensitive files. This meant that they may have downloaded'--or were preparing to download'--vast numbers of private documents, from credit checks on high-roller customers to detailed diagrams and inventories of global computer systems. Michael Leven, the president of Sands, decided to sever the company entirely from the Internet.
It was a drastic step in an age when most business functions, from hotel reservations to procurement, are handled online. But Sands was able to keep many core operations functioning'--the hackers weren't able to access an IBM (IBM) mainframe that's key to running certain parts of the business. Hotel guests could still swipe their keycards to get into their rooms. Elevators ran. Gamblers could still drop coins into slot machines or place bets at blackjack tables. Customers strolling the casino floors or watching the gondolas glide by on the canal in front of the Venetian had no idea anything was amiss.
Photograph by Paul Hilton/EPA/CorbisAdelson at the Venetian Macau
Leven's team quickly realized that they'd caught a major break. The Iranians had made a mistake. Among the first targets of the wiper software were the company's Active Directory servers, which help manage network security and create a trusted link to systems abroad. If the hackers had waited before attacking these machines, the malware would have made it to Sands' extensive properties in Singapore and China. Instead, the damage was confined to the U.S.
The next day, the hackers took aim at the company's websites, which were hosted by a third party and still running. The hackers defaced them, posting a photograph of Adelson chumming around with Netanyahu, as well as images of flames on a map of Sands' U.S. casinos. At one point, they posted an admonition: ''Encouraging the use of Weapons of Mass Destruction, UNDER ANY CONDITION, is a Crime,'' signing it ''Anti WMD Team.'' The hackers left messages for Adelson himself. One read, ''Damn A, Don't let your tongue cut your throat.'' They also included a scrolling list of information about Sands Bethlehem employees that had been stolen in the breach, including names, titles, Social Security numbers, and e-mail addresses.
In the days after the hack, Sands initially told the press only that its websites had been vandalized and that some office productivity systems, including e-mail, weren't working. Apparently angered that their attack was being minimized, the hackers took to YouTube, posting an 11-minute video set to the music of Carl Orff's pulsing cantata O Fortuna. It began by scrolling through a news article that highlighted Adelson's comments about nuking Iran. Then it showed a computer screen packed with thousands of files and folders, with names such as IT Passwords and Casino Credit, which had been pilfered from Sands.
In the video, which was removed within hours by law enforcement, an unseen hacker clicks into a disk drive titled ''Damn A'' and enters a folder containing almost a terabyte of data. A text box appears: ''Do you really think that only your mail server has been taken down?!! Like hell it has!!'' Three people familiar with the Sands hack confirmed the files seen in the video were genuine.
The company is still tallying the damage. Documents and interviews with people involved in Yellowstone 1 show that the hackers' malicious payload wiped out about three-quarters of the company's Las Vegas computer servers. Leven, in a brief interview last month before a private event, estimated that recovering data and building new systems could cost the company $40 million or more. For years, U.S. officials have warned of the threat of destructive digital attacks against American companies by foreign parties. The latest alarm came on Nov. 20, from National Security Agency Director Michael Rogers, as he testified before the House Intelligence Committee. Pointing to a 2012 attack on Saudi Aramco that wiped out 30,000 of the oil company's computers, Rogers suggested that corporate America so far has been lucky. He kept mum about Sands, even though the attack has been studied and discussed by U.S. national security officials since February.
Months after the Sands fiasco, and just days after Rogers's comments, hackers broke into Sony Pictures Entertainment, crippling the studio's e-mail, payroll, and other systems and leaking gigabytes of company secrets, including full-length cuts of five major holiday films and the Social Security numbers of 47,000 employees and contractors, including Sylvester Stallone and Judd Apatow. Sony hasn't publicly said who's responsible, but according to two people familiar with the incident, FireEye security experts the company hired have connected the attack to a group of hackers known as DarkSeoul, which South Korean and U.S. officials believe works for the North Korean government. The regime denies responsibility, but in June, after learning of the Sony project The Interview'--a comedy about an assassination plot against leader Kim Jong Un'--a government spokesman said North Korea would ''mercilessly destroy anyone who dares hurt or attack the supreme leadership of the country, even a bit.''
This is the next frontier of cyberwarfare. If an enemy of the U.S. were to digitally target the country's electrical grid or natural gas pipelines, the president would consider a range of powerful responses, including military options, according to leaked descriptions of two executive orders signed by President Obama. But Las Vegas casinos don't deliver essential services to the U.S. population, apart from Cirque du Soleil addicts. Nor do movie studios. Even months of nuisance attacks on the websites of major American banks in 2012 and 2013, which U.S. intelligence officials connected to Iran's Republican Guard, didn't meet the threshold. The damage wasn't serious enough.
''If this would have come across my desk when I was in government, I would have just put it in the outbox,'' Michael Hayden, former director of both the CIA and the NSA, says of the Sands attack. The U.S. government will help find who did it, but it won't hit back. That leaves most companies pretty much on their own to face a growing cast of global antagonists wielding devastating digital weapons, he says. ''If there is a physical Chinese attack coming up the Houston Ship Channel, I know who to call,'' Hayden says. ''If there is a cyber Chinese attack coming up the fiber-optic cable in the Houston Ship Channel, what does U.S. law say the U.S. government should do? I think what we're finding is there isn't a real robust answer.''
''Do you really think that only your mail server has been taken down?!! Like hell it has!!''
As early as 2008, military planners were at work on a series of briefing papers about deterrence in cyberspace, examining whether the same principles that kept the Cold War cold could be applied to the coming generation of digital conflict. The answer, they concluded, was no. It's a lot easier to tell who fired a nuclear weapon than a digital one, which is simple to acquire and hard to trace. States often outsource hacking to proxies, including groups that behave a lot like the ones that officially took credit for both Sands (the ''Anti WMD Team'') and Sony (the ''Guardians of Peace'').
In the Sony hack, the first big upload of stolen data was made from Thailand, using the Wi-Fi network of the St. Regis Bangkok, a luxury hotel. Internet functionality in North Korea is so limited that hackers working for the country's military have set up satellite offices in China, Syria, and other countries. But the attackers could also be hired guns. While denying involvement in the hack, a spokesman for the National Defense Commission in Pyongyang praised it as a ''righteous deed.'' The spokesman suggested the perpetrators might have been upset over The Interview, ''a film abetting a terrorist act while hurting the dignity of the supreme leadership.'' FireEye investigators initially prepared a blog post linking DarkSeoul to the attack, but during a meeting on Dec. 3, Sony's general counsel squelched it, perhaps unwilling to poke the hornet's nest again. A Sony spokesman said the company's investigation is ongoing. Similarly, Dell SecureWorks submitted an incident brief to Sands stating that the ''attack was in response to CEO comments regarding Iran.'' Sands executives made their displeasure known, and the next internal report from Dell, about a month later, omitted that page. Dell spokeswoman Elizabeth Clarke declined to comment.
Courtesy Las Vegas Sands CorporationThe Venetian, on the Strip
A growing number of experts, including former national security officials who've seen the problem from the inside, say the next escalation may be companies doing what the U.S. government won't. If states can hire hackers to do damage, why can't their victims defend themselves using the same techniques? The topic, discussed often at panels and conferences, is among the options U.S. officials have considered'--and rejected'--as a response to growing cyberthreats against companies. Hayden, the former NSA director, calls it the digital equivalent of the ''stand your ground'' laws that allow citizens of some states to defend themselves with lethal force. To critics, it's a path to a digital Wild West.
Federal law would have to be changed first, and the Department of Justice has signaled that companies trying to ''hack back'' would be subject to criminal penalties under the Computer Fraud and Abuse Act, among other statutes. Nations that are already a headache for Obama and his national security team seem to understand this and are turning to low-level digital skirmishing to wreak havoc in the computers of American companies.
It's not the cyberwar many predicted, yet it's devastating in its own way. ''Maybe we never get to a digital Pearl Harbor everyone is always talking about, where it all happens at once, and trillions of dollars in value is wiped out,'' says Jason Syversen, founder of Siege Technologies, which provides cyberwarfare tools to the U.S. government. ''Maybe it's just going to go like this'--death by a thousand cuts.''
AKB48-AP News : Why the Sony hack isn't big news in Japan
Sun, 21 Dec 2014 02:20
By TOMOKO A. HOSAKAPublished: TodayJapan's biggest newspaper, Yomiuri Shimbun, featured a story about Sony Corp. on its website Friday. It wasn't about hacking. It was about the company's struggling tablet business.
Over at newswire Kyodo News, just after the FBI formally blamed North Korea for the cyberattack, mega pop group AKB48 topped headlines online instead.
While American journalists have extensively covered the fallout from the unprecedented Sony hacking attack, it hasn't exactly been massive news in Japan. Stories certainly surfaced after President Barack Obama weighed in on the issue at his year-end press conference Friday. But overall it has received relatively modest attention, mostly in short stories on the inside pages of Japan's major newspapers.
This might all be perplexing to the rest of the world since Sony is one of Japan's most iconic global brands. Here are a few reasons why the story hasn't gotten major play in Japan's mainstream media:
SONY vs SONY PICTURES
While Sony Pictures is technically part of the Sony empire, it has long been run as an entirely separate U.S. company. So far, the Japanese media seems to view the hack as an American problem rather than a domestic one. Indeed, at Sony headquarters itself, officials have refused all comment and referred questions about Sony Pictures to the movie division's headquarters in Culver City, California.
"This is seen mainly as an attack on Hollywood," Damian Thong, a senior analyst at Macquarie Capital Securities in Tokyo, said earlier this week. "I feel they want to clean it up as fast they can and just get on with life."
The studio shelved the Christmas Day release of the North Korea spoof movie "The Interview" after the hackers threatened to attack theaters that showed the film. But for Japan, the movie's demise hardly matters. Sony Pictures never planned to show the film there.
Japan's newspapers, which have the highest daily circulations in the world, are inclined to avoid news that is technologically complex. Like hacking. Nobuyuki Hayashi, a veteran freelance tech journalist and consultant based in Tokyo, said the tendency stems from reporters and editors who often don't have a deep understanding of technology. And neither do their aging readers.
"If you are technically savvy and need information (about the Sony hack), you will get it from the Web news media," Hayashi said. "Some technically-savvy people subscribe to a printed newspaper as well, but that's only to read other kinds of news."
It has been a newsy December in Japan, especially with national elections last weekend. Prime Minister Shinzo Abe's Liberal Democratic Party locked up a solid majority in the lower house and reaffirmed his hold on power for up to four more years. In addition to politics, the national chatter was focused on a big blizzard that hit the northern island of Hokkaido this week, dumping heavy snow, derailing trains and killing several people.
AP Business Writer Elaine Kurtenbach contributed to this report.
Our History | Regional News Network
Sun, 21 Dec 2014 04:14
RNN is a privately owned enterprise based in Rye Brook, NY. In 1993 the current ownership purchased a single broadcast station in New York's Hudson Valley reaching less than a quarter million homes. Now our independent network reaches more than six million homes throughout New York, New Jersey and Connecticut. We have spent years building an experienced management team and cutting-edge technological infrastructure. We deliver reliability and professionalism to the news and content production businesses and air diverse programming with regional, national and international content partners. The company owns and operates WRNN-TV, a full-power television station in the New York DMA, and RISE Television. RISE is a cable network distributed on Time Warner, Verizon FiOS and over the air on WRNN-TV DT2. RNN owns, operates, produces or master controls nine channels from its facilities in Rye Brook. RNN and its affiliates produce two 24-hour news channels in the New York DMA and two content channels in the Washington D.C. region for its partners. RNN recently built a new state-of-the-art multi-platform content hub based around the philosophy of finding efficiencies by producing content in a centralized model with the latest technology. It is a scalable and dynamic facility.