Attacks/Breaches
3/5/2012
01:29 PM
50%
50%

Sony Suffers Michael Jackson Song Hack Attack

Attackers last year reportedly stole 50,000 files, including music from Jackson and numerous Sony recording artists.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
Hackers who targeted Sony servers in May 2011 made off with a reported 50,000 files, including Michael Jackson's entire back catalog, some of it unreleased. But the alleged theft of music came to light only recently, when two men--James Marks, 26, and James McCormick, 25--appeared in British court to deny new charges that were made against them.

According to BBC News, the two men have been charged with computer misuse and copyright violations. The latter charge doesn't mean that the men have been accused of releasing any of the songs. Rather, under British law, that charge is often leveled against people accused of having unlawfully accessed computer systems.

Marks and McCormick were arrested in May 2011 and are due to stand trial in January 2013. "Because they were brought before a court, and the charges are now public, people realized that they're not just being charged with hacking Sony, but with downloading 50,000 files--we don't know if they're songs," said Harry Sverdlove, CTO of Bit9, via phone. "We believe the thieves were hackers, so they were traced--allegedly--through social networking."

[ Today's increasingly mobile IT environment makes security more important than ever. Here's some advice from last week's RSA security conference on how you can beef up your company's security practices: 10 Lessons From RSA Security Conference. ]

Sony confirmed that a number of Michael Jackson tracks--including an unreleased duet with Black Eyed Peas singer Will.i.am--had been stolen in the attack, but didn't confirm the scale of the breach, or exactly what had been stolen beyond the songs from Michael Jackson, who died in June 2009 at the age of 50. In a deal worth $395 million, Sony Music had acquired the rights to the Jackson back catalog from the singer's estate for seven years, and the company released the first tracks in December 2010.

The Sony Music website also hosts songs from Avril Lavigne, Foo Fighters, Jimi Hendrix, Leonard Cohen, and Paul Simon, among other artists.

The investigation that resulted in the arrest of the two men was conducted by Britain's Serious Organized Crime Agency (SOCA). A SOCA representative, reached by phone, said that he could only confirm the charges but not comment on the case, as it's ongoing.

The music heist apparently occurred shortly after attackers broke into Sony PlayStation Network systems in April 2011, exposing information related to 77 million customers. In short order, Sony suffered an ongoing series of attacks, which saw hackers access numerous databases, deface website pages, and leak customer information.

Sony ultimately brought in a team of digital forensic experts to investigate the attacks and plug related holes in its infrastructure. Sony estimated that cleanup costs from the breach would reach $168 million.

But the latest disclosure now adds intellectual property (IP) to the list of what Sony has lost. "You know the stages of grief? Here we have Sony going through the stages of data theft: defacement, loss of personal customer information, and with the loss of intellectual property, they're now at the final phase," said Sverdlove. "The next stage, quite frankly, would be a destructive attack--if Sony's power grid were taken out--because there's really no stage left for those guys. At some point, you have to kind of feel bad when someone keeps getting kicked on the ground."

To protect company and customer data, we need to determine what makes it so vulnerable and appealing. We also need to understand how hackers operate, and what tools and processes they rely on. In our How (And Why) Attackers Choose Their Targets report, we explain how to ensure the best defense by thinking like an attacker and identifying the weakest link in your own corporate data chain. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2001-1594
Published: 2015-08-04
GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, an...

CVE-2002-2445
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdwon user, which has unspecified impact and attack vectors.

CVE-2002-2446
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

CVE-2003-1603
Published: 2015-08-04
GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.

CVE-2004-2777
Published: 2015-08-04
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002...

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!