A Blog by Jonathan Low

 

Dec 12, 2014

Sony Is Using Its Own Cyber Attacks to Keep Leaked Files From Spreading

Fighting digital fire with digital fire certainly makes sense tactically. But to use other cliches, the best offense is a good defense or an ounce of prevention...

This is not to pick on poor, old Sony, only the latest corporate behemoth embarrassed by hackers whose breaching techniques were either dismissed by the company's no-doubt numerous cyber-security experts with 'couldn't  happen here' assurances or were simply never imagined.

What makes the hack and the company's response, is the aggressiveness in both counts.

The hackers didnt just take credit card numbers, though apparently they took plenty of those. They also grabbed, figuratively speaking, lots of other data, some of the most embarrassing or strategically sensitive of which they have released to the media. Who, in turn, have exhibited not a whit of discretion or sensitivity in trumpeting all the delicious details. As 2014 winds down, let's be clear: we are NOT family.

Glee at your discomfort is a lot more prevalent than concern for your well-being. So, given that one lousy turn deserves another, Sony is employing its own DDOS (denial of service) attacks to stop the spread of its previously classified material. If some organizations, individuals and nation states (?) like, oh, just picking some random names such as North Korea, China, Russia or Iran get hurt, well, there's collateral damage in war. You don't want to pay, you'd better not play.

Given the web's co-evolutionary nature, this is likely to lead to escalation. Pity the next victim. And, ironically, it may lead to increases in government funding despite the global calls for austerity, as enterprises demand more protection and public officials heed the need to defend their job creators, funding mechanisms and tax bases. JL

Lily Newman reports in Slate:

Using counterattacks to contain leaks and deal with malicious hackers has been gaining legitimacy. It’s understandable that Sony Pictures wants to take countermeasures, but it also probably shouldn’t have kept its passwords in a folder named “Password.”
Sony Pictures has been dealing with a terrible hack since late November, but the company is taking a stand and counterhacking to keep its leaked files, which include five unreleased movies, from spreading across torrent sites.
Two sources told Recode that Sony is using hundreds of computers in Asia to perform distributed denial of service, or DDoS, attacks on sites that are hosting exposed files from the original hack. But apparently this isn’t happening in a sketchy warehouse somewhere—sources say that Sony is working with Amazon Web Services (Amazon’s cloud service) to launch the counterattacks. 
Advertisement
The hackers who infiltrated Sony Pictures, known as “Guardians of the Peace,” have released five troves of Sony data over the past few weeks. The company’s countermeasure involves overwhelming torrenters with network requests if they attempt to download files from the leak.
Sony used to use a similar approach in the early 2000s, when illegal file sharing exploded. Sony would plant fake torrent “seeds” on popular sites, and when someone tried to use them, the download would take hours, be extremely processor-intensive, and yield ... nothing. Sony developed the strategy with anti-piracy firm MediaDefender, and the idea was to make the experience painful enough for torrenters that they would want to avoid it in the future by purchasing legitimate media.
Using counterattacks to contain leaks and deal with malicious hackers has been gaining legitimacy. Some cybersecurity experts even feel that the Second Amendment can be interpreted as applying to “cyber arms.” But this approach could also escalate cyber-battles in unintended ways. It’s understandable that Sony Pictures wants to take countermeasures, but it also probably shouldn’t have kept its passwords in a folder named “Password.”

0 comments:

Post a Comment