“FBI blames North Korea for Sony hack,” by Eric Tucker and Ted Bridis, AP story at Daily Local News, 12/19/14:
WASHINGTON (AP) — President Barack Obama said Friday that Sony Pictures Entertainment “made a mistake” in shelving a satirical film about a plot to assassinate North Korea’s leader, and he vowed the United States will respond “in a place and manner and time that we choose” to a hack attack the FBI blamed on the secretive Communist regime….
Our taxpayer-funded public servants are hard at work to trace the hack:
The FBI said the tools themselves contained subtle clues linking them to that country’s government….
Our friends at NSA are also in on the case. The past and future US response sounds like its not a free service (except to Sony, of course). For example, according to the usual anonymous sources in a Yahoo! News article:
U.S. experts say Obama’s options could include cyber retaliation, financial sanctions, criminal indictments against individuals implicated in the attack or even a boost in U.S. military support to South Korea.
Anything like that is a legitimate function of our government, right? Or is it?
The anti-government sector that comprises most of the right wing today keeps proclaiming that the US government should work only about things that no one else can do, like defense. I usually disagree with that argument but let’s see how it applies to the current imbroglio with one pariah country.
Are American citizens being attacked in their homes? Are North Koreans massing an army at our borders? No, a multinational corporation has been attacked on their own computer systems. I bet Sony could do a really good job of cyber retaliation if they had to. At their own expense, of course. People in Sony’s video games division probably know all about this sort of thing.
But isn’t poor Sony a loyal US company that deserves our taxpayers’ help, something like a cyber bailout? Actually not, per Wikipedia, it’s a “Japanese multinational conglomerate” whose headquarters are in Tokyo and whose many subsidiaries include Sony Pictures Entertainment, the Hollywood-related division having the problem right now.
Sony’s worldwide sales and operating revenues in the current fiscal year ending March 31, 2015 are forecast as 7,800,000,000,000 yen (yes, trillions). At the current exchange rate of 1 yen = 0.008365, that comes to $65,247,000,000 (down about $7 billion from 2 years ago, but still fairly impressive). That’s more than twice Pennsylvania’s $29 billion budget for the current fiscal year (2014-15 Mid-Year Briefing). It’s also well over 5 times the annual GDP of North Korea.
Well, at least Sony pays taxes, right? Well, not to California, where it makes all those movies. According to Sabe Hamedy and Richard Verrier, “New California film tax credit ‘NOT good’ for Sony, email says,” Los Angeles Times, 12/12/14, a Sony exec emailed to his colleagues that new California tax credit for films won’t benefit Sony because:
“The program provides that the credits are off-set against California income tax liability and because we file taxes on a unitary basis with other Sony group companies and combined we’re in an overall loss position, there is no way to monetize the credits.”
In other words, “overall loss position” (after the usual tax-minimizing strategies, of course), no tax, no credit. I’ve been working hard to figure out Sony’s taxes to the US, but can’t find the right info. I’m inclined to think it also has had a “paper loss” in recent years, meaning no tax whatever its real profits. Those multinationals receive (or, to be more accurate, purchase from Congress) all sorts of tax breaks, for example, Christopher Rowland, “Tax lobbyists help businesses reap windfalls,” The Boston Globe, 3/17/13″
…Hollywood production companies received a $430 million tax benefit for filming within the United States. As a result, companies like Walt Disney Co., Viacom, Sony, and Time Warner — with the help of the Motion Picture Association of America, chaired by former Connecticut senator Christopher J. Dodd — realized a return on their lobbying investment of about 860 percent….
So we the taxpayers of hard-pressed states like California and Pennsylvania are apparently expected to help a giant foreign multinational in its problem with a foreign government. North Korea and Japan may not be the friendliest of neighbors and the North Korean dictator doesn’t like being made fun of (if, indeed, he is behind this; remember Saddam Hussein’s weapons of meas destruction).
Is that neighbors’ spat our problem? Are the Japanese taxpayers going to contribute to Sony as they did to Tepco, the Fukushima disaster company?
Well, who is going to protect these poor international corporations if we don’t?
They could start by protecting themselves with some elementary anti-hacking measures. Tom Fox-Brewster. “Sony needed to have basic digital protection. It failed,” The Guardian, 12/20/14, points out:
Sony’s role should not be forgotten. Its failings have lessons for everyone.
And they were plentiful, bordering on parody. The leaks revealed Sony was storing passwords for internal accounts in a file called “passwords”. This is gold dust to any hacker who has found his or her way on to a network. It gives them the keys to other doors, or in Sony’s case, the kingdom.
Those at the top of Sony’s hierarchy were guilty of egregious security practices too. Chief executive Michael Lynton’s password, Sonyml3, was easily guessable to any semi-skilled hacker. Let’s not even entertain the possibility that Lynton went through Sonyml1 and Sonyml2 first. If it’s not apparent already, using passwords that contain your employer’s name, your initials and a single number is a rookie error….
Sony’s lax security practices are sort of like Tepco putting its emergency systems on the ground floor of a nuclear reaction near the ocean. (Yes indeed: per Wikipedia, “The tsunami water quickly flooded the low-lying rooms in which the emergency generators were housed.”)
I have been looking at other examples of the US government helping out those big corporations, but I’ll write that up in the next.
Personally, I think these too-big-to-fail international conglomerates are smart enough and rich enough to fend off hackers, to insure and reinsure themselves, and to watch their bottom line without being propped up by the rest of us.
David Carr, “How the Hacking at Sony Over ‘The Interview’ Became a Horror Movie,” New York Times, 12/21/14, says rightly, referring to the Motion Picture Association of America:
…The breach of Sony would seem to be exactly the kind of moment when an association has real value, when it can collectively respond to a fundamental threat to the industry. The organization and the studios it represents hid instead.
If I were in charge, I’d say to Sony: I feel your pain that you spent $44,000,000 — under 0.1% of your annual revenues — on a film you have decided you can’t show. Why don’t you go and negotiate with your insurance company now? And if you want to try to convince the entertainment moguls to set up a damage fund for companies in your situation in the future, fine, just don’t ask the government to be part of it.
Ah, but don’t hacking and blackmailing an entertainment company threaten Americans’ way of life? I don’t know about yours, but not mine. I get the point about free speech; but I don’t happen to agree with the 5-4 Supreme Court majority that corporations benefit from the same rights as individual Americans
Is there a constitutional right to see, at our convenience, any movie that any company makes? We can talk about that, but I think there are more important and clearer rights under threat today that need attention first, like the rights of assembly, protest, and the press. Why are we talking about a movie anyhow, at a time when the feds are trying to put journalists and whistleblowers in jail?
Here’s a compromise solution: Any Americans who feel that the ongoing Sony drama (currently providing us some free entertainment, by the way) threatens their way of life should send Sony a few dollars to help it get unhacked.
That’s my final offer to Sony: crowdfunding.