After an attack by a group of hackers-slash-cyber-terrorists, Sony Pictures is having a rough time. Countless embarrassing details about the organization — including executive salaries and salacious emails — have leaked to the media. Even worse, threats against theatergoers have caused Sony to pull The Interview — an upcoming Sony movie that is the motive of the hack — from distribution.
Behind the scenes, though, things are just as anarchic. According to a new report, Sony Pictures is now “stuck in 1992” at least as far as IT is concerned. But those on iOS or a Mac have gotten off much better.
According to a source inside Sony, employees now had to depend on face-to-face meetings and faxes instead of email and text messages.
“We had barely working email and no voicemail so people talked to each other. Some people had to send faxes. They were dragging old printers out of storage to cut checks,” she told Techcrunch. “It was crazy.”
But there is one exception: Mac and iOS users. Although Sony has locked down staff computers until they figure out the entry point of the hack, iOS devices and Mac computers are apparently exempt, at least for some employees. “A couple of people had their computers removed but people using Macs were fine,” Techcrunch’s source said.
Why are Macs and iOS okay? We can only speculate, but we’d guess it’s because both operating systems are more secure from hacks than the likes of Windows devices. Just another reason to choose an Apple product.
Source: Techcrunch
John Brownlee is a writer for Fast Company, and a contributing writer here at CoM. He has also written for Wired, Playboy, Boing Boing, Popular Mechanics, VentureBeat, and Gizmodo. He lives in Boston with his wife and two parakeets. You can follow him here on Twitter.
11 responses to “After hacks, Sony’s ‘stuck in 1992’ … except for Mac users”
Erm, no. More likely, the hack targeted windows because it had the biggest share.
That’s one of the things that makes the Mac more secure and that argument doesn’t hold true for iOS. But it was stupid of Sony to let everyone know they’re still using Macs and iOS devices.
Not sure if lack of market share makes something more secure. Thats a pretty naive way to looking at things. As for iOS, you must have you heard of WireLurker or Xsser? I can only assume no.
Actually, that’s exactly how it is. Security is a measure of both vulnerabilities and risk. However, vulnerability doesn’t matter if there’s little to no risk, which is the case with OS X and iOS. There just isn’t anything in the wild that is of great concern to either platform (that includes both WireLurker and Xsser). iOS’s closed nature means there is virtually no malware risk at all. With OS X, there isn’t a single piece of malware in the wild specifically targeted at Macs (not Flash and Java vulnerabilities, which affect Windows as well). This is why Mac users can get away with never touching A/V software, as I always mention to my clients. 99% of all malware is targeted at Windows and Android.
I agree with PMB01, iOS and OS X are pretty secure. Looking at the info that was hacked, these guys have server side access, it’s more than likely they got in from a windows endpoint, but I’ll think you’ll find once they punched a hole in the server side they used that to get onto email and other services pretty quickly.
I’m surprised the attackers didn’t lock the staff out, pretty easy once you’re in.
Either way, pretty embarrassing for Sony. Makes me glad I don’t have a Sony account.
wow. backing down from a bully.. let north korea attempt a terrorist attack on US soil.. it will be the last thing they do… its too bad US is not supporting freedom for its citizens.
The US? You mean Sony Right? Who did the US back down from? And don’t speak of our country winning war so easily, it takes allot of pain, heart, and skill. And many WW 2 vets will tell you Japan had all of that.
Sony’s a foreign corporation.
I really want a Surface Pro 3…not.
Sure a Mac can be hacked. But the skills and toolset vary greatly. The risk is much lower than Windows. Following best practice makes the Mac very secure. If the Macs at Sony Pictures are managed by IT they are likely managed by a unique department. Out of the box a Mac is pretty secure but enterprise managed it can be made much more secure. Google was hacked and lost source code. Google banned Windows, requiring CTO approval to use Windows. Employees were told to choose Mac or Linux. Google manages their Linux and Macs. A locked down Mac without local admin rights is very secure. Casper Suite can lockdown all network services, turning on sshd only momentarily then shutting it off when admin functions are finished. But it wasn’t just employee systems hacked but the server infrastructure. It looks like a user was infected then it spread internally. Once the hackers obtained a god account with Domain Admins they were unstoppable. They didn’t draw attention until they were finished. That means they were cruising Sony’s network for months. Then they nuked all the servers and the workstations right before the holiday. All the drives were wiped and only a demo screen booted with their skeleton msg.
It is painfully obvious that Sony had perimeter security but hardly any internal security. Firewall and AV endpoint protection is pretty useless. I know this because I rarely see end point AV detecting malware at all but network packet analysis and monitoring alerts picking up the infection. Our systems automatically detect and isolate a computer doing suspicious things and alert the security team. Domain Admin accounts are vaulted and admins have to checkout an account that expires in a few hours. The passwords are very strong as well. Certificates, signing and encryption are used everywhere. Course I don’t work for a movie studio who employs actors whose cell phones get hacked for nudie pics. I can not imagine the security was implemented properly. It’s a very different world in banking and finance where we protect customer data and assets. A breach would be terrible. Damage to the company reputation would be almost impossible to overcome.