We publish the latest gaming and related news from the Industry and also captivating videos from our YouTube channel and partner websites for your daily enjoyment. Our mission is to be the number one media source for all things gaming…from reviews to game updates, strategies, cosplays and more. We bring excitement and enjoyment as well as innovation and inspiration to all fans while enhancing and fueling our community’s geeky passion! 💜
by James Cook Following the Sony hacking scandal, in which thousands of documents from the company’s movie studio were exposed, an IT worker employed by a firm that has access to Sony’s computer network has described the company’s security as a “mess.” “The security team has no f—ing clue,” the employee told Business Insider, speaking about the team’s unpreparedness for a cyberattack. […]
“The security team has no f—ing clue,” the employee told Business Insider, speaking about the team’s unpreparedness for a cyberattack.
Our source told us that Sony’s security was “outdated and ineffective.” The person described Sony’s security policies as “idiotic” and expected more from a company with more than 100,000 employees worldwide.
This attack is unprecedented in nature. The malware was undetectable by industry standard antivirus software and was damaging and unique enough to cause the FBI to release a flash alert to warn other organisations of this critical threat.
Our source described that letter as “pathetic,” a criticism that has been shared by many security researchers. Security researcher Adam Caudill told Mashable that Sony Pictures and Mandriant described the attack as “unprecedented” only to save face. Another expert, Adrian Sanabria, told Mashable that “you should definitely be able to detect somebody copying … data systematically.”
The employee who works with the Sony network said the company’s internal IT team was “terrible,” consisting of “incompetent people.”
We saw evidence of just how poor Sony’s security was in the files that hackers posted online. A series of documents stored in a folder named “Password” contained login information for administration accounts, social media accounts, and even SSL certificates. An SSL certificate digitally signs a web page to prove that it’s from that company.
Hackers used the passwords found in that folder to cause more damage, taking over Twitter accounts for Hollywood movies and using them to spread information about the hack.
The source close to Sony also said the company hadn’t learned from previous hacks.
In June 2011 the hacker group LulzSec, an offshoot from Anonymous, hacked into Sony Pictures. They said they obtained “usernames, passwords, email addresses, and dates of birth for thousands of people.” The group used a common tactic against Sony Pictures, using an SQL injection attack to gain access to the company’s computer network.
To our source’s knowledge, none of the security people in contact with the source were fired over previous hacks, and it’s unclear whether Sony terminated anyone for those security lapses. That could mean that the same people who were meant to defend the company’s servers in 2011 are still presiding over its security.
We reached out to Sony for this story and will update if we hear back from them.
We are Editors who write, edit and publish articles and YouTube videos that provide Industry news and reviews of video games and computer games. Our mission is to be the number one media source for all things gaming; from reviews to game updates, strategies, cosplays and more. We bring excitement and enjoyment as well as innovation and inspiration to all fans while enhancing and fueling our community’s gaming passion!
Leave a Reply