[jarcane]

Sony owns several digital release platforms.

If they want this movie out, they could make it happen tomorrow.

This is just PR speak. They might cave and release anyway, but Lynton's statement is deliberately weak and duplicitous, once again attempting to deflect all blame from themselves rather than admit to any mistake on their part.

[zaroth]

I'm not sure they are in complete control, although it's a great image of master manipulation to imagine they are. I'm waiting until I really understand the whole story to start assigning any blame.

I'm more interested at this point in figuring out what this means for the future. Do we live in a world now where state-actors will target specific companies and basically try to rip them to shreds and extort them? Now I'm supposed to personally defend my company and my network against state-sponsored targeted persistent threats?

It should be possible to lock down individual machines which aren't ever supposed to be networked. That's hard enough. I'm personally of the belief that any networked device is ultimately hack-able up to the physical constraints of the network. It's all about how much it will cost an attacker to gain access, and how much they can steal once they get it.

If governments start routinely sponsoring these attacks, I'm very concerned the cost-levels we impose today are 5 - 6 orders of magnitude too low, and the network bandwidth 5 - 6 orders of magnitude too high, to deter these types of attack.

[ikawe]

The state has targeted lots of private conpanies for decades, offering the advice to American companies as a competitive advantage.

This is different from states trying to explicitly destroy another company, but the bottom line is the same: you need to include state actors in your list of potentially hostile attackers, same as any black hat.

[srj]

For probably most nations the "state-actors" part is irrelevant as they have no magic hacking method not afforded to anyone else. The exceptions are nations host to companies that supply hardware and software to be backdoored.

This whole thing has been blown out of proportion.

[thefreeman]

The thing is that from what I can tell this attack is not even in the same order of magnitude as the state sponsored attacks you are referring to.

I haven't found a good write up on the attack, however my understanding is it was mainly due to Sony's lack of security and not the prowess of the hackers.

This was something like SQL Injection and non password protected excel files with employees social security numbers. The state-sponsored APTs you are talking about are hundreds of millions of dollars worth of custom software engineering.

However I agree with your general premise that another government essentially blackmailing one of our private companies is worrying.

[tmzt]

Whatever else there is one thing I'm sure of: we won't let any facts get in the way of Cybergeddon 15.

[tripzilch]

I'm assuming there's all sorts of dirt in that stolen data. Whoever has it, has Sony by the balls.

I'm not blaming Sony for bad security, because as was stated elsewhere, spear-fishing of IT-admins is incredibly hard to protect against. However, depending on how bad the dirt is (and every big corporation probably has a bunch of rather smelly skeletons in the closet), some of that blame may lie with Sony. But if that is so, getting hacked just means they didn't get away with whatever incriminating stuff is in that data.

[k-mcgrady]

>> "Sony owns several digital release platforms."

Which ones?

[mparlane]

PSN for starters.

[jarcane]

And Crackle.

[bigtunacan]

I was thinking the same thing. While I don't believe it is well known, Crackle is available to most platforms.

[palmer_eldritch]

If they released it today on that platform, it would be well known in a matter of hours.

[bigtunacan]

Agreed; an official announcement from Sony to the major news outlets that it would be released on Crackle and nearly as many people would have that installed as iTunes :)

[k-mcgrady]

I don't know much about PSN but is it restricted to Playstation owners?

[jarcane]

PSN is just the Playstation-targeted wing of their Sony Entertainment Network, which is cross platform: https://en.wikipedia.org/wiki/Sony_Entertainment_Network

They have the means and the platform. Blaming it on others when they have their own internal platforms is blatant blame-shifting and nothing more.

[jusben1369]

Are those platforms able to withstand the traffic and interest that an event like this will trigger?