When movies fall short

There is nothing as intensely satisfying as when we are confronted with a reality that is a lot more entertaining than a movie would be. Those are moments you live for, that is unless you are a part of Sony and it is your system getting hacked. Life tends to suck just a little at that point.

This is not the latest story to look at, but in light of the elements that have been visibly resolved, it is the best one around. Some will state that the Hostage story in Martin’s Place, Sydney is the big issue, but that is an event that is getting milked for every second possible by the media, I checked! The price of chocolate remains unaffected, so let’s move on to Sony!

The first part is seen in the article ‘Sony hack would have challenged government defences – FBI’ (at http://www.theguardian.com/technology/2014/dec/12/sony-hack-government-defences-fbi), those who think it is new news seem to have forgotten the issues people had in May 2011 (at http://uk.playstation.com/psn/news/articles/detail/item369506/PSN-Qriocity-Service-Update/). “As the result of a criminal cyber-attack on the company’s data centre located in San Diego, California, USA, SNEI shut down the PlayStation Network and Qriocity services on 20 April 2011, in order for the company to undergo an investigation and make enhancements to the overall security of the network infrastructure” 77 million accounts were compromised and the perpetrators got away with a truckload of data.

So when we see the quote “The cyber-attack that crippled Sony Pictures, led to theft of confidential data and leak of movies on the internet would have challenged almost any cyber security measures, the US Federal Bureau of Investigation (FBI) has said“, we should consider the expression once bitten twice shy and not, when bitten use antiseptic, go into denial and let it be done to your network again.

The fact that this revolves around another branch of Sony is just ludicrous, it’s like listening to a prostitute stating that the sick man used the other entrance this time, so we need not worry! If you think that this is an over the top graphical expression, consider that twice in a row that the personal details of millions in the form of data ‘leaked’ to somewhere.

The second quote will not make you feel any safer ““In speaking with Sony and separately, the Mandiant security provider, the malware that was used would have slipped or probably got past 90% of internet defences that are out there today in private industry and [would have] challenged even state government,” Joseph Demarest, assistant director of the FBI’s cyber division told a US Senate hearing“, as we know that governments tend to be sloppy with their technology as they do not have the budgets the bulk of commercial enterprises get, we can look at the quote and regard the statement to be a less serious expression of ‘do we care’, which is nothing compared to the ignored need to keep personal data safe.

You see, commercial enterprises have gotten sloppy. getting newly graduates to look into a system where you need seasoned veterans and you need a knowledge base and a good setup, all factors that seem to be in ‘denial’ with a truckload of companies the size of Sony, as they are all cutting corners so that they can project revenue and contributions in line with the ‘market expectations’.

The quote that becomes interesting is “A link between Gop and North Korea has been muted over Pyongyang’s reaction to the Sony Pictures film The Interview, which depicts an assassination attempt on Kim Jong-un“, so is this group calling itself Guardians of Peace (Gop), the ‘simpleton’ group they are trivialised to be, or is there more. You see, we see a growing abundance of data collections that seem to go nowhere, but is this truly the case? You see, data is money, it is a currency that can be re-used several times, the question becomes, finding someone willing to buy it. If we regard the 2 billion Microsoft paid for Minecraft to be more than just the IP of the sandbox game, then what is it? Which part of that 2 billion is seen as value for the 120 million registered users on PC? Do you now see the currency we are confronted with?

In my book the Sony exercise is a display of the expression ‘a fool and his money are soon parted‘. In light of the 2011 issue, the fact that security was increased to the extent that it could be done again makes for entertainment on a new level, in addition, like a bad infomercial it does not stop here, no! For $9.95 you get so much more then you see now. That we see in the article that was published two days before that (at http://www.theguardian.com/technology/2014/dec/10/fbi-doubts-north-korea-link-sony-pictures-hack). The part that should make you howl like a hyena is seen here “The security firm hired by Sony to investigate the attack, FireEye, described the attack as an “unparalleled and well-planned crime, carried out by an organised group, for which neither SPE nor other companies could have been fully prepared” in a leaked report“, So did you notice ‘unparalleled and well-planned crime‘ and ‘leaked report‘, oh sarcasm, thy name be Miss Snigger Cackle!

The leaked report, which was from the 7th of December (at http://recode.net/2014/12/07/sony-describes-hack-attack-as-unprecedented/) gives us “demanding that organizations which have obtained the leaked information avoid publishing any more material from the hackers, and destroy existing copies. Boies called it “stolen information.”“, you see, the issue here is that if we consider the quote “This attack is unprecedented in nature. The malware was undetectable by industry standard antivirus software and was damaging and unique enough to cause the FBI to release a flash alert to warn other organizations of this critical threat“, so even after the malware, info was still going past the firewall, or was this just ‘leaked’ by an internal source? It takes a little twist when we look at the quote in the December 10th article “The malware had been signed and authorised by Sony Pictures, allowing it to bypass certain security checks“, in my mind this reads as follows: ‘Some idiot gave a pass to malware to roam free on the system‘, so is it that, or was this an internal operation all along? If the second part is true, then who was the beneficiary of all that private data? Who is it means for? You see, many forget that our information is not always for stealing from our credit cards, sometimes it is used to profile us, as a customer, as marketing or as leverage. Why the word leverage? Consider healthcare, consider usage, what happens when an insurance company gets to profile 20 million couch potatoes, what if your healthcare premium suddenly goes up by 15%, do you have any idea how much money that is? So as insurance companies keep the leveraged margins of charge, whilst overcharging risks in addition, we see a growing margin of profit for these insurance companies, whilst getting them to pay for what you are insured for has not gotten any easier has it?

So is this simply a cinematography from Sony Pictures film, called The Interview, which depicts an assassination attempt on Kim Jong-un, or was that the smoke screen? The FBI seems to have ruled out North Korea, as far as I have been able to tell, the only fans of North Korea are the North Koreans and Dennis Rodman (who has no fame in any IT endeavour), so is there enough doubt regarding the reality of what happened and why it happened? Yes, as I see it there is, the question becomes, when there is this much smoke, where are we not looking? That part is to some extent seen in another Guardian Article (at http://www.theguardian.com/film/2014/dec/12/hackers-attack-film-studios-sony-pictures-leak-cybersecurity-warning). We see this quote “Sean Sullivan, senior adviser and researcher at the security company F-Secure, said that he believes the purpose of the Sony hack was extortion. “If it was just hacktivists, they’d have released everything all at once,” he said. “But these releases, it’s like they’re shooting hostages. One thing one day, another the next. This is a really different tactic from what we usually see.”“, this is certainly plausible, but is that it? Why ransom of data and sell it back with the FBI and others on your tail, when you can sell it in Hong Kong, Bangkok, Riyadh and a host of other locations. A simple transaction for an external encrypted drive, a deal you can offer to ALL parties for amount X, the more you offer, the higher X is.

Whilst our data is sold on and on, we run additional risks of getting invoiced for our lives choices and extorted by other financial firms because our privacy is no longer a given in the age of data and it is directly linked to corporations that cannot clean up their act. In the mean time we see leaked report on impossible hack successes, whilst it took only one executive to ‘accidently’ sign and authorise a mere trinket of malware.

So yes, the movies are falling short; reality can be scary and entertaining all at the same time. The question becomes, will there be a change to our invoice of life because of corporate considerations, or lack there off?

 

Advertisements

1 Comment

Filed under Finance, IT, Law, Media, Science

One response to “When movies fall short

  1. Pingback: Last Clooney of the year | Lawrence van Rijn - Law Lord to be

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s