Attacks/Breaches
3/5/2012
01:29 PM
50%
50%

Sony Suffers Michael Jackson Song Hack Attack

Attackers last year reportedly stole 50,000 files, including music from Jackson and numerous Sony recording artists.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
Hackers who targeted Sony servers in May 2011 made off with a reported 50,000 files, including Michael Jackson's entire back catalog, some of it unreleased. But the alleged theft of music came to light only recently, when two men--James Marks, 26, and James McCormick, 25--appeared in British court to deny new charges that were made against them.

According to BBC News, the two men have been charged with computer misuse and copyright violations. The latter charge doesn't mean that the men have been accused of releasing any of the songs. Rather, under British law, that charge is often leveled against people accused of having unlawfully accessed computer systems.

Marks and McCormick were arrested in May 2011 and are due to stand trial in January 2013. "Because they were brought before a court, and the charges are now public, people realized that they're not just being charged with hacking Sony, but with downloading 50,000 files--we don't know if they're songs," said Harry Sverdlove, CTO of Bit9, via phone. "We believe the thieves were hackers, so they were traced--allegedly--through social networking."

[ Today's increasingly mobile IT environment makes security more important than ever. Here's some advice from last week's RSA security conference on how you can beef up your company's security practices: 10 Lessons From RSA Security Conference. ]

Sony confirmed that a number of Michael Jackson tracks--including an unreleased duet with Black Eyed Peas singer Will.i.am--had been stolen in the attack, but didn't confirm the scale of the breach, or exactly what had been stolen beyond the songs from Michael Jackson, who died in June 2009 at the age of 50. In a deal worth $395 million, Sony Music had acquired the rights to the Jackson back catalog from the singer's estate for seven years, and the company released the first tracks in December 2010.

The Sony Music website also hosts songs from Avril Lavigne, Foo Fighters, Jimi Hendrix, Leonard Cohen, and Paul Simon, among other artists.

The investigation that resulted in the arrest of the two men was conducted by Britain's Serious Organized Crime Agency (SOCA). A SOCA representative, reached by phone, said that he could only confirm the charges but not comment on the case, as it's ongoing.

The music heist apparently occurred shortly after attackers broke into Sony PlayStation Network systems in April 2011, exposing information related to 77 million customers. In short order, Sony suffered an ongoing series of attacks, which saw hackers access numerous databases, deface website pages, and leak customer information.

Sony ultimately brought in a team of digital forensic experts to investigate the attacks and plug related holes in its infrastructure. Sony estimated that cleanup costs from the breach would reach $168 million.

But the latest disclosure now adds intellectual property (IP) to the list of what Sony has lost. "You know the stages of grief? Here we have Sony going through the stages of data theft: defacement, loss of personal customer information, and with the loss of intellectual property, they're now at the final phase," said Sverdlove. "The next stage, quite frankly, would be a destructive attack--if Sony's power grid were taken out--because there's really no stage left for those guys. At some point, you have to kind of feel bad when someone keeps getting kicked on the ground."

To protect company and customer data, we need to determine what makes it so vulnerable and appealing. We also need to understand how hackers operate, and what tools and processes they rely on. In our How (And Why) Attackers Choose Their Targets report, we explain how to ensure the best defense by thinking like an attacker and identifying the weakest link in your own corporate data chain. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: nice post
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1950
Published: 2015-07-01
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.

CVE-2015-1951
Published: 2015-07-01
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.

CVE-2015-1967
Published: 2015-07-01
MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the absence of the compatibility-mode option, which allows remote attackers to obtain sensitive information by sniffing the network for a session in which TLS is not used.

CVE-2014-9734
Published: 2015-06-30
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.

CVE-2014-9735
Published: 2015-06-30
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to (1) upload and execute arbitrary files via an update_plugin a...

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report