ISPs Must Take Responsibility For Sony Movie Leaks, MP Says

[Scubbie]

ISPs Must Take Responsibility For Sony Movie Leaks, MP Says | TorrentFreak

As the fallout from the Sony hack continues, who is to blame for the leak of movies including Fury, which has been downloaded a million times? According to the UK Prime Minister's former IP advisor, as "facilitators" web-hosts and ISPs must step up and take some blame.

Last week’s massive hack of Sony Pictures could hardly have been more high-profile and if reports thus far are to be believed, damage to the company could be significant. Rather than dropping away, this week momentum is building. In addition to the early leaks, available on BitTorrent networks right now is a 25.87GB data dump featuring the personal details of Sony staff including their names, addresses, salaries and social security numbers.

Not only is this file damaging (it reveals rather healthy executive remuneration packages) it’s also adding to the already considerable mystery surrounding the case. Early in the torrent’s life, dozens of Sony-linked Amazon IP addresses were observed on the torrent provoking theories ranging from honey-pots to hijacked servers.

Another mysterious element emerging now involves the torrent’s unique hash. Search for 957DC0A8 04EB8C28 2F33988E B9096974 FC3761C9 using Google or Bing and there are zero results (at least before publication of this article) which is extremely unusual indeed. Whichever way this torrent made its way online, it almost certainly wasn’t via any conventional route.

As the drama continues, finding someone to blame for the whole debacle is at the forefront. Speculation is rife, with accusatory fingers being pointed as far away as North Korea and as close to home as current Sony employees. It comes as no surprise, however, that picking on easier targets has already slipped onto the agenda.

As first reported here on TF, following the hacks last week several unreleased Sony movies leaked online. Fury, featuring Brad Pitt, was by far the highest profile and today we can confirm that the title has been downloaded by BitTorrent users more than a million times.

But with Kim Jong Un beyond Western justice and millions of torrent users too much of a headache to round up, the middle men are yet again being drawn into the fight.

Mike Weatherley MP, the recent IP advisor to Prime Minister David Cameron, has published several piracy reports including one earlier in the year examining the advertising revenue on pirate sites. He believes that companies with no direct connection to the hack or subsequent leaks should shoulder some blame.

“Piracy is a huge international problem. The recent cyber-attack on Sony and subsequent release of films to illegal websites is just one high-profile example of how criminals exploit others’ Intellectual Property,” Weatherley writes in an email to TF.

“Unfortunately, the theft of these films – and their subsequent downloads – has been facilitated by web-hosting companies and, ultimately, ISPs who do have to step-up and take some responsibility.”

Weatherley doesn’t provide detail on precisely why web-hosts and ISPs should take responsibility for the work of malicious hackers (possibly state-sponsored) and all subsequent fall out from attacks. The theory is that “something” should be done, but precisely what remains elusive.

In the UK, on Weatherley’s home turf, almost every major torrent site is already blocked by ISPs. The latest wave arrived in the past few days but with proxy sites appearing even more quickly, progress is limited.

Overall, it’s clear that forcing technology companies into shouldering blame for the actions of others is a difficult game and one that has yet to make any noticeable dent in piracy volumes. Still, that won’t stop rightsholders pursuing claims against them and influential characters like Weatherley pushing for reform.

[gymno]

Asking isp's to do something here is like asking the highways agency to do something about burglars driving to their victims' home.

[Scubbie]

Yep, lets all blame someone who has no responsibility for the actions of another because some fool couldn't ensure that their servers were secure.

[Scubbie]

Ahhh... We finally have the reason why Sony was hacked.

Sony saved thousands of passwords in a folder named 'Password' - Telegraph

Sony is facing further embarrassment over its latest data breach, after it emerged that its security precautions were somewhat lacking

Sony Pictures Entertainment saved thousands of company passwords in a file directory entitled 'Password', it has emerged, after hackers published a new trove of leaked documents online.

In what is turning out to be one of the most embarrassing corporate hacks in history, it appears that the leaked files include the Social Security numbers of 47,000 employees and actors, including Sylvester Stallone, Judd Apatow and Rebel Wilson.

They also include a file directory entitled 'Password', which includes 139 Word documents, Excel spreadsheets, zip files, and PDFs containing thousands of passwords to Sony Pictures’ internal computers, social media accounts, and web services accounts.

Most of the files are labelled in plain text and without password protection. One file uncovered by BuzzFeed included hundreds of clearly-labelled Facebook, MySpace, YouTube and Twitter usernames and passwords for major motion picture social accounts.

Sony had no immediate comment, although earlier this week Sony Pictures Entertainment CEO Michael Lynton and co-chairman Amy Pascal issued a company-wide memo calling the hack a “brazen attack on our company, our employees and our business partners”.

Some former Sony Pictures employees reportedly told Fusion that they were disappointed but not surprised by the hack, given the company's "long-running lax attitude towards security".

They said that employees had highlighted specific vulnerabilities on Sony websites and systems, but many of these were ignored. The company also reportedly did risk assessments to identify vulnerabilities but then failed to act on the advice that came out of them.

The news comes amid ongoing confusion about the source of the attack. Evidence suggests that it originated in North Korea, with some reports suggesting that anger over film The Interview, depicting a CIA plot to assassinate Kim Jong-un, could be the motivation behind it.

However, North Korea denies any involvement, with one New York-based diplomat claiming that linking North Korea to the hack is "another fabrication targeting the country", and that Pyongyang has publicly declared it will follow international norms banning hacking and piracy.

The Pyongyang government has previously denounced The Interview, which stars James Franco and Seth Rogen, describing it as "undisguised sponsoring of terrorism, as well as an act of war" in a letter to UN Secretary-General Ban Ki-moon.

(Ok, I know that Disnet now distribute the Muppets)