Posts

Sony, Hacked: It’s Not One Massive Breach – It’s More Than 50 Breaches in 15 Years

Cybersecurity_MerrillCollegeofJournalismEver try to follow an evolving story in which the cascade of trouble grew so big and moved so fast it was like trying to stay ahead of a pyroclastic flow?

That’s what it’s like keeping up with emerging reports about the massive cyber attack on Sony. (Granted, it’s nothing like the torture report, but Hollywood has a way of making the story spin harder when it’s about them.)

The second most ridiculous part of the Sony hack story is the way in which the entertainment industry has studiously avoided criticizing those most responsible for data security.

In late November, when the hacker(s) self-identified as “Guardians of Peace” made threats across Sony Pictures’ computer network before releasing digital film content, members of the entertainment industry were quick to revile pirates they believed were intent on stealing and distributing digital film content.

When reports emerged implicating North Korea as the alleged source of the hack, the industry backpedaled away from their outrage over piracy, mumbling instead about hackers.

The industry’s insiders shifted gears once again it was revealed that Sony’s passwords were in a password-protected file, and the password to this file was ‘password.

At this juncture you’d think Sony’s employees and contractors – whose Social Security numbers, addresses, emails, and other sensitive information had been exposed – would demand a corporate-wide purge of IT department and Sony executives.

You’d think that anyone affiliated with Sony, whose past and future business dealings might also be exposed would similarly demand expulsion of the incompetents who couldn’t find OPSEC if it was tattooed on their asses. Or perhaps investors and analysts would descend upon the corporation with pitchforks and torches, demanding heads on pikes because of teh stoopid.

Nope.

Instead the industry has been tsk-tsking about the massive breach, all the while rummaging through the equivalent of Sony Pictures’ wide-open lingerie drawer, looking for industry intelligence. Reporting by entertainment industry news outlets has focused almost solely on the content of emails between executives.

But the first most ridiculous part of this massive assault on Sony is that Sony has been hacked more than 50 times in the last 15 years.

Yes. That’s More Than Fifty.

Inside Fifteen Years. Read more

North Korea and the Bush Administration’s Toxic Legacy

Map, NK's proliferation trading partners (see PBS' Frontline: Kim's Nuclear Gamble)

Map, NK’s proliferation trading partners (see PBS’ Frontline: Kim’s Nuclear Gamble)

Over the last several weeks there has been considerable re-evaluation of the Iraq War, launched ten years ago by the Bush Administration. Eulogies and opinions from pundits of all types ranged from “I told you so,” to “It was a qualified success.”

We all know what the truth is without punditry: the war was a bolloxed-up mess before it began, and its outcome is tragic no matter the angle from which one views the results.

But with all the reassessment of the Bush years and its policies on Iraq, there’s been little revisiting of tangential foreign policies and their equally disturbing outcomes.

In particular, in spite of the ramped up threats of nuclear missile deployment, the damage of Bush policies on North Korea have not been discussed.

North Korea has been able to grow its nuclear program primarily because the Bush administration abruptly vacated the previous Clinton administration policy of engagement — in March 2001, a dozen years ago this month. Bush told a shocked South Korean president Kim Dae Jung about this unanticipated policy change in private during a summit. To reporters and the public at large, Bush says,

“Part of the problem in dealing with North Korea, there’s not very much transparency. We’re not certain as to whether or not they’re keeping all terms of all agreements.”

At the end of 2002, North Korea kicked out all IAEA inspectors — those which had been monitoring NK’s nuclear program under the Clinton administration’s previously negotiated 1994 Agreed Framework — thereby eliminating any transparency just as North Korea removed monitoring devices and seals from their nuclear program equipment.

In 2003, the Bush administration entered Six-Party talks with NK; the talks were on-again-off-again until 2009, when NK walked away entirely from discussions. Visiting U.S. scientists were allowed to see functioning uranium enrichment equipment in 2010. Read more