Showing posts with label Data Security. Show all posts

Sunday, April 4, 2021

Data from 500 million Facebook accounts posted online: reports

WASHINGTON - Data affecting more than 500 million Facebook users that was originally leaked in 2019, including email addresses and phone numbers, has been posted on an online hackers forum, according to media reports and a cybercrime expert.

"All 533,000,000 Facebook records were just leaked for free," Alon Gal, chief technology officer at the Hudson Rock cybercrime intelligence firm, said Saturday on Twitter.

He denounced what he called the "absolute negligence" of Facebook.

Some of the data appeared to be current, according to a report in Business Insider which AFP was unable to confirm independently. It said some of the leaked phone numbers still belong to the owners of Facebook accounts.

"This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked," Gal said. 

But Facebook said the reports were old news.

"This is old data that was previously reported on in 2019," a company spokesperson told AFP. "We found and fixed this issue in August 2019."

Close to 32 million American accounts and 20 million French accounts were among those affected, Gal tweeted in January, when the person holding the data was trying to sell it. 

The data include phone numbers, complete names, birthdates and, for some accounts, email addresses and relationship status.

"Bad actors will certainly use the information for social engineering, scamming, hacking and marketing," Gal said on Twitter.

This is not the first time leaks or use of data from the world's largest social network -- with nearly two billion users -- has embroiled Facebook in controversy.

In 2016, a scandal around Cambridge Analytica, a British consulting firm that used the personal data of millions of Facebook users to target political ads, cast a shadow over the social network and its handling of private information.

Agence France-Presse

Sunday, November 24, 2019

Web inventor Berners-Lee launches plan to stop internet abuse


BERLIN - World Wide Web inventor Tim Berners-Lee on Monday unveiled a "Contract for the Web" to halt "misuse" by governments, companies and individuals, bringing several capitals and tech titans like Google aboard.

"If we don't act now -- and act together -- to prevent the web being misused by those who want to exploit, divide and undermine, we are at risk of squandering" its potential for good, Berners-Lee said in a statement from his World Wide Web Foundation.

Credited with laying the groundwork for the web -- the universe of multimedia webpages accessible via the internet -- in 1989, the computer scientist has since last year been developing the so-called Contract for the Web.

His unveiling of the final document Monday comes as government, business and civil society leaders gather in Berlin for the four-day UN Internet Governance Forum.

Berners-Lee said his contract, developed in cooperation with dozens of experts and members of the public, is "a roadmap to build a better web."

He called on governments to "strengthen laws and regulations" and companies "to ensure pursuit of profit is not at the expense of human rights and democracy."

"Citizens must hold those in power accountable, demand their digital rights be respected and help foster healthy conversation online," Berners-Lee added.

More than 150 organisations including companies like Google, Microsoft, Facebook and Reddit and interest groups like Reporters Without Borders and the Electronic Frontier Foundation have backed the plan.

Meanwhile, the governments of France, Germany and Ghana are on board, as are thousands of individuals.

"I will stand up for the preservation of the free internet that we have grown to know and love in recent decades," German economy minister Peter Altmaier said in a statement ahead of the UN gathering.

Berners-Lee originally conceived the web while working at European particle physics lab CERN, as a way for scientists around the world to share information about their research.

But in recent years he has grown alarmed by abuse of the technology in society, business and politics.

The WWW Foundation highlighted rising cyber-bullying, growing use of the web by politicians to manipulate news media and widespread online scams.

It also noted that rates of web access in emerging economies lag far behind those in industrialized nations, with 46 percent of people worldwide not online.

"We need real and durable involvement of emerging and developing countries," Germany's Altmaier said. "Free access to the internet must be a fundamental, human right, valid for people around the world."

As well as his "Contract for the Web," Berners-Lee has looked to tackle the web's issues from a technical angle, in 2018 launching a development platform called "Solid" aimed at giving users control of their data.

source: news.abs-cbn.com

Thursday, February 7, 2019

Two top executives leave Facebook public relations team


SAN FRANCISCO -- Two of Facebook's top executives in its public relations team are leaving the company, stepping away after the most tumultuous period in the history of the social networking giant.

Caryn Marooney put out word on Wednesday that she was quitting her job as leader of Facebook's communications group after 8 years at the social network and that she was working with chief executive Mark Zuckerberg on finding a replacement.

Marooney wrote on her Facebook page that "it's time to get back to my roots" but also noted that "I have more faith in Facebook than ever."

Meanwhile, vice president of global communications and public affairs Debbie Frost confirmed that she told the company a while ago she was resigning, with plans to leave Facebook in March after nearly 11 years on the team. 

The departures come with Facebook, following a period of extraordinary growth, under fire in many parts of the world over privacy and data security and for failing to curb manipulation of the platform.

Marooney wrote however: "There is so much good happening on Facebook and the entire family of apps every day. And for our challenges -- we have plans in place and the right people working on them."

Zuckerberg marked the 15th anniversary of Facebook this week with a message saying he sees the social network largely as a "positive" force for society.

Zuckerberg has acknowledged that Facebook needs to do more to restore trust, and ferret out misinformation and abuse, and on Monday repeated his pledge to spend more "on safety and security."

Late last year, outgoing head of Facebook's communications team Elliot Schrage took responsibility for the controversial hiring of a conservative consulting firm accused of using "black ops" style techniques, acknowledging critics including investor George Soros were targeted.

Facebook stumbled from one mess to another last year as it grappled with the continuing fallout from Russia's use of the platform to interfere in the 2016 US presidential election, the Cambridge Analytica scandal in which user data was harnessed in a bid to help candidate Donald Trump, and a huge security breach involving millions of accounts.

British former deputy prime minister Nick Clegg, a leading anti-Brexit advocate, was hired as the new head of global affairs and communications at the California-based company.

"With Nick Clegg settled in at Facebook, this felt like the right time to start the transition," Marooney said of timing her departure.

source: news.abs-cbn.com

Wednesday, January 2, 2019

What to expect at CES 2019, world's largest technology fair


WASHINGTON -- Under the shadow of trade wars, geopolitical tensions and a decline in public trust, the technology sector is seeking to put its problems aside with the Consumer Electronics Show, the annual extravaganza showcasing futuristic innovations.

The Jan. 8 to 11 Las Vegas trade event offers a glimpse into new products and services designed to make people's lives easier, fun and more productive, reaching across diverse sectors such as entertainment, health, transportation, agriculture and sports.

"Smart" devices using various forms of artificial intelligence will again be a major focus at CES.

Visitors are likely to see more dazzling TV screens, intuitive robots, a range of voice-activated devices, and folding or roll-up smartphone displays. Also on display will be refinements to autonomous transportation and gadgets taking advantage of 5G, or fifth-generation wireless networks.

But the celebration of innovation will be mixed with concerns about public trust in new technology and other factors that could cool the growth of a sizzling economic sector.

"I think 2019 will be a year of trust-related challenges for the tech industry," said Bob O'Donnell of Technalysis Research.

CES features 4,500 exhibitors across 2.75 million square feet (250,000 square meters) of exhibit space showcasing artificial intelligence, augmented and virtual reality, smart homes, smart cities, sports gadgets and other cutting-edge devices. Some 182,000 trade professionals are expected.

MUCH ADO ABOUT DATA

There will be a focus on artificial intelligence that can "personalize" a user's experience with a device or a car, or even predict what someone is seeking -- whether it's music or medical care.

But because this ecosystem is built around data, confidence has been eroded by scandals involving Facebook, Google and other guardians of private information.

"The public is wary because of recent events," said Roger Kay, analyst and consultant with Endpoint Technologies Associates. "I think the industry will be slowed by this skepticism."

Carolina Milanesi, an analyst with Creative Strategies, said, "You'll definitely hear people talk about security more, and really looking at how you secure the data," at CES.

TRADE FRICTIONS

The Consumer Technology Association, which operates the show, acknowledges that the sector is being hurt by tariffs and trade frictions between the two largest economic players, the United States and China.

Tariffs on tech products jumped to $1.3 billion in October, according to CTA, raising fears about growth.

"It's almost inevitable that an economic slowdown will occur if these tariffs continue," said Sage Chandler, CTA vice president for international trade.

The US-China trade issues and the arrest of a top executive of Chinese giant Huawei in Canada have thrown into question the "supply chain," the system in which US designs are manufactured in China for the global market.

"This does cast a shadow over CES," O'Donnell said.

ARTIFICIAL INTELLIGENCE AND PERSONALIZATION

The auto sector will again have a major presence at CES with most major manufacturers on hand, some with prototypes of self-driving vehicles.

Japanese carmaker Honda will be showing an "autonomous work vehicle" which can be configured for search and rescue operations, firefighting and other uses.

Other exhibitors will be showing technology designed to serve as the "brains" of self-driving vehicles, not only for navigation but to create a better, more personalized "user experience" for travelers.

The show includes startups offering "predictive" health care solutions designed to anticipate the kind of care senior citizens may need.

Facial recognition, which is already being used on many smartphones, will be incorporated into vehicles, doorbells and security systems as part of efforts to increase personalization and improve security.

And consumer products group Procter & Gamble, making its first appearance at CES, will demonstrate ways to use facial recognition and AI for improved skin care and beauty recommendations.

The new applications raise questions on whether consumers are ready for technologies that evoke the notion of Big Brother and a surveillance state.

Brenda Leong, senior counsel at the Future of Privacy Forum, a Washington think tank, said consumers should be mindful about whether data from facial recognition is kept only on the devices, such as in the iPhone, or held in a database.

"Even if commercial institutions are collecting the data, everybody is worried about government access," she said.

Patrick Moorhead of Moor Insights & Strategy said consumers have shown a willingness to adopt these new technologies if they offer convenience.

"If they are balanced from a benefit point of view, those worries are going to go away," he said.

Moorhead noted that as facial recognition has become a standard feature for many smartphones, "those fears have faded."

O'Donnell said consumers are starting to understand more about data and become more discerning about which companies and devices they trust.

"Personalization is something people want, and they are willing to give up some privacy to get it," he said.

"But if they can get personalization on the device without sending it to the cloud, they get the benefits without giving up privacy."

source: news.abs-cbn.com

Friday, December 28, 2018

Mystery hacker steals data on 1,000 North Korean defectors in South


SEOUL - The personal information of nearly 1,000 North Koreans who defected to South Korea has been leaked after unknown hackers got access to a resettlement agency’s database, the South Korean Unification Ministry said on Friday.

The ministry said it discovered last week that the names, birth dates and addresses of 997 defectors had been stolen through a computer infected with malicious software at an agency called the Hana center, in the southern city of Gumi.

“The malware was planted through emails sent by an internal address,” a ministry official told reporters on condition of anonymity, due to the sensitivity of the issue, referring to a Hana center email account.

The Hana center is among 25 institutes the ministry runs around the country to help some 32,000 defectors adjust to life in the richer, democratic South by providing jobs, medical and legal support.

Defectors, most of whom risked their lives to flee poverty and political oppression, are a source of shame for North Korea. Its state media often denounces them as “human scum” and accuses South Korean spies of kidnapping some of them.

The ministry official declined to say if North Korea was believed to have been behind the hack, or what the motive might have been, saying a police investigation was under way to determine who did it.

North Korean hackers have in the past been accused of cyberattacks on South Korean state agencies and businesses.

North Korea stole classified documents from the South’s defense ministry and a shipbuilder last year, while a cryptocurrency exchange filed for bankruptcy following a cyberattack linked to the North.

North Korean state media has denied those cyberattacks.

The latest data breach comes at a delicate time for the two Koreas which have been rapidly improving their relations after years of confrontation.

The Unification Ministry said it was notifying the affected defectors and there were no reports of any negative impact of the data breach.

“We’re sorry this has happened and will make efforts to prevent it from recurring,” the ministry official said.

Several defectors, including one who became a South Korean television celebrity, have disappeared in recent years only to turn up later in North Korean state media, criticizing South Korea and the fate of defectors.

source: news.abs-cbn.com

Friday, December 14, 2018

New Facebook bug may have exposed unposted photos


SAN FRANCISCO - Facebook apologized Friday for a "bug" that may have exposed unposted photos from as many as 6.8 million users over a 12-day period through third-party applications.

In the latest in a string of incidents on data protection, the leading social network said using Facebook login and granting permission to third-party apps to access photos may have led to the unintended lapse between September 13 and 25.

"When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline," engineering director Tomer Bar said in a message to developers.

"In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories."

Bar added that the bug also impacted photos that people uploaded to Facebook but chose not to post -- in situations where someone uploads a photo but doesn't finish posting it, for example.

"We store a copy of that photo so the person has it when they come back to the app to complete their post," he said.

Bar said affected users would be notified and directed to a help center where they will be able to see what images may have been affected.

"We're sorry this happened," he said. "Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users."
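The defect described above is a scope-to-data mismatch: the app's permission check passed, but the query behind it returned more surfaces than the permission was documented to cover. The following is an added illustration, not Facebook's code; the surface names, sample photos and user identifiers are constructed for the example. It shows the buggy lookup beside a fixed one, and the diff between them, which is the per-user impact list a notification and developer clean-up would be built from.

```python
from dataclasses import dataclass
from enum import Enum


class Surface(Enum):
    """Where a photo lives on the platform (constructed set of surfaces)."""
    TIMELINE = "timeline"
    MARKETPLACE = "marketplace"
    STORIES = "stories"
    DRAFT = "draft"  # uploaded but never posted


@dataclass(frozen=True)
class Photo:
    photo_id: str
    owner: str
    surface: Surface


# Constructed sample data, not real accounts or photos.
PHOTOS = [
    Photo("p1", "alice", Surface.TIMELINE),
    Photo("p2", "alice", Surface.MARKETPLACE),
    Photo("p3", "alice", Surface.STORIES),
    Photo("p4", "alice", Surface.DRAFT),
    Photo("p5", "bob", Surface.TIMELINE),
    Photo("p6", "carol", Surface.DRAFT),
]

PHOTO_SCOPE = "user_photos"  # assumed scope name
# What the scope is documented to cover: photos shared on the timeline.
SURFACES_COVERED_BY_SCOPE = {Surface.TIMELINE}


def _require_scope(granted_scopes):
    if PHOTO_SCOPE not in granted_scopes:
        raise PermissionError(f"app was not granted {PHOTO_SCOPE}")


def photos_for_app_buggy(owner, granted_scopes):
    """Buggy variant: confirms the scope was granted, then returns every photo
    the owner has, ignoring which surfaces the scope actually covers."""
    _require_scope(granted_scopes)
    return [p for p in PHOTOS if p.owner == owner]


def photos_for_app_fixed(owner, granted_scopes):
    """Fixed variant: the surface filter is part of the same authorization
    decision, so Marketplace, Stories and unposted drafts are never returned."""
    _require_scope(granted_scopes)
    return [
        p for p in PHOTOS
        if p.owner == owner and p.surface in SURFACES_COVERED_BY_SCOPE
    ]


def overexposed_photo_ids(owner, granted_scopes):
    """Photos the buggy path handed out that the fixed path would not:
    the per-user list an incident notification is built from."""
    allowed = {p.photo_id for p in photos_for_app_fixed(owner, granted_scopes)}
    return sorted(
        p.photo_id for p in photos_for_app_buggy(owner, granted_scopes)
        if p.photo_id not in allowed
    )


def impacted_users(granted_scopes):
    """Users with at least one photo overexposed through the given grant."""
    owners = sorted({p.owner for p in PHOTOS})
    return [u for u in owners if overexposed_photo_ids(u, granted_scopes)]


if __name__ == "__main__":
    scopes = {PHOTO_SCOPE}
    print("buggy :", [p.photo_id for p in photos_for_app_buggy("alice", scopes)])
    print("fixed :", [p.photo_id for p in photos_for_app_fixed("alice", scopes)])
    print("impact:", impacted_users(scopes))
```

The fix is deliberately in the data-access function rather than the caller: a scope check that succeeds and a query that ignores the scope's boundary is exactly the shape of this class of bug, so the boundary belongs next to the check.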

Facebook has been facing heightened scrutiny over its data protection practices in recent months, notably since the revelations over hijacking of personal data of tens of millions of users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 campaign.

source: news.abs-cbn.com

Friday, October 12, 2018

Facebook says hackers accessed data of 29 million users


Facebook said Friday that hackers accessed personal data of 29 million users in a breach at the world's leading social network disclosed late last month.

The company had originally said up to 50 million accounts were affected in a cyberattack that exploited a trio of software flaws to steal "access tokens" that enable people to automatically log back onto the platform.

"We now know that fewer people were impacted than we originally thought," Facebook vice president of product management Guy Rosen said in an online post.

The hackers -- whose identities are still a mystery -- accessed the names, phone numbers, and email addresses of 15 million users, he said.

For another 14 million people, the attack was potentially more damaging.

Cyberattackers accessed that data plus additional information including gender, religion, hometown, birth date, and places they had recently "checked in" to as visiting, according to Facebook.

No data was accessed in the accounts of the remaining one million people whose "access tokens" were stolen, according to Rosen.

The attack did not affect Facebook-owned Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts, the company says.

- 'Vulnerability' in the code -

Facebook said engineers discovered a breach on September 25 and had it patched two days later.

That breach allegedly related to a "view as" feature -- described as a privacy tool to let users see how their profiles look to other people. That function has been disabled for the time being as a precaution.

"It's clear that attackers exploited a vulnerability in Facebook's code," said Rosen.

"We've fixed the vulnerability and informed law enforcement."

Facebook reset the 50 million accounts it thought could have been affected, meaning users will need to sign back in using passwords.

The breach was the latest privacy embarrassment for Facebook, which earlier this year acknowledged that tens of millions of users had their personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016.

"We face constant attacks from people who want to take over accounts or steal information around the world," chief executive Mark Zuckerberg said on his own Facebook page when the breach was disclosed.

"While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place."

Facebook said it took a precautionary step of resetting "access tokens" for another 40 million accounts which had accessed the "view as" function. Those users will need to log back in to Facebook.
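A stolen access token is as good as a password until it is revoked, which is why the response above is a token reset rather than a password reset. The block below is an added example of one common way to make such a reset cheap: bind every token to a per-account generation counter and bump the counter to invalidate everything issued before it. It is not Facebook's implementation; the signing key, token layout, lifetime and the assumption that user identifiers contain no colons are all choices made for the example.

```python
import hashlib
import hmac
import secrets
import time

# Assumed server-side signing key; in production it lives in a KMS or HSM.
SIGNING_KEY = secrets.token_bytes(32)


class TokenService:
    """Issues HMAC-signed access tokens bound to a per-account generation
    counter. Bumping the counter invalidates every token issued before it,
    so a mass reset is one counter write per account and no password change."""

    def __init__(self, key=SIGNING_KEY, ttl_seconds=30 * 24 * 3600):
        self._key = key
        self._ttl = ttl_seconds
        self._generation = {}  # user_id -> current generation

    def issue(self, user_id, now=None):
        # user_id is assumed to contain no ':' (the field separator).
        now = int(time.time() if now is None else now)
        gen = self._generation.setdefault(user_id, 0)
        payload = f"{user_id}:{gen}:{now}".encode()
        mac = hmac.new(self._key, payload, hashlib.sha256).hexdigest()
        return f"{payload.decode()}:{mac}"

    def verify(self, token, now=None):
        """Return the user_id if the token is authentic, unexpired and from
        the account's current generation; otherwise None."""
        now = int(time.time() if now is None else now)
        try:
            user_id, gen_s, issued_s, mac = token.split(":")
            gen, issued = int(gen_s), int(issued_s)
        except ValueError:
            return None  # malformed
        payload = f"{user_id}:{gen}:{issued}".encode()
        expected = hmac.new(self._key, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, expected):
            return None  # forged or tampered
        if issued + self._ttl < now:
            return None  # expired
        if gen != self._generation.get(user_id, 0):
            return None  # issued before a reset
        return user_id

    def reset(self, user_ids):
        """Invalidate all outstanding tokens for the given accounts."""
        for uid in user_ids:
            self._generation[uid] = self._generation.get(uid, 0) + 1


def respond_to_token_theft(service, confirmed, precautionary):
    """Reset accounts known to be affected plus those reset as a precaution
    (for instance, everyone who used the vulnerable feature). Returns how
    many distinct accounts were reset."""
    targets = set(confirmed) | set(precautionary)
    service.reset(targets)
    return len(targets)


if __name__ == "__main__":
    svc = TokenService()
    tok = svc.issue("alice")
    print("before reset:", svc.verify(tok))
    respond_to_token_theft(svc, confirmed=["alice"], precautionary=["bob", "alice"])
    print("after reset :", svc.verify(tok))
```

The generation counter is what makes revocation O(1) per account; a deny-list of stolen tokens would instead have to be consulted on every request and grows with the size of the incident.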

source: news.abs-cbn.com

Thursday, June 7, 2018

Facebook deals with Chinese firm draw ire from U.S. lawmakers


Facebook drew fresh criticism from U.S. lawmakers following revelations that it allowed Chinese smartphone makers, including one deemed a national security threat, access to user data.

The world's largest social network confirmed late Tuesday that China-based Huawei -- which has been banned by the U.S. military and a lightning rod for cyberespionage concerns -- was among device makers authorized to see user data.

Facebook has claimed the agreements with some 60 device makers dating from a decade ago were designed to help the social media giant get more services into the mobile ecosystem.

Nonetheless, lawmakers expressed outrage that Chinese firms were given access to user data at a time when officials were trying to block their access to the U.S. market over national security concerns.

Senator Ed Markey said Facebook's chief executive has some more explaining to do following these revelations.

"Mark Zuckerberg needs to return to Congress and testify why @facebook shared Americans' private information with questionable Chinese companies," the Massachusetts Democrat said on Twitter.

"Our privacy and national security cannot be the cost of doing business."

Other lawmakers zeroed in on the concerns about Huawei's ties to the Chinese government, even though the company has denied the allegations.

"This could be a very big problem," tweeted Senator Marco Rubio, a Florida Republican.

"If @Facebook granted Huawei special access to social data of Americans this might as well have given it directly to the government of #China."

Representative Debbie Dingell called the latest news on Huawei "outrageous" and urged a new congressional probe.

"Why does Huawei, a company that our intelligence community said is a national security threat, have access to our personal information?" said Dingell, a Michigan Democrat, on Twitter.

"With over 184 million daily Facebook users in U.S. & Canada, the potential impact on our privacy & national security is huge."

'Approved experiences'

Facebook, which has been blocked in China since 2009, also had data-access deals with Chinese companies Lenovo, OPPO and TCL, according to the company, which had similar arrangements with dozens of other devices makers.

Huawei, which has claimed national security fears are unfounded, said in an emailed statement its access was the same as other device makers.

"Like all leading smartphone providers, Huawei worked with Facebook to make Facebook's service more convenient for users. Huawei has never collected or stored any Facebook user data."

The revelations come weeks after Zuckerberg was grilled in Congress about the hijacking of personal data on some 87 million Facebook users by Cambridge Analytica, a consultancy working on Donald Trump's 2016 campaign.

Facebook said its contracts with phone makers placed tight limits on what could be done with data, and "approved experiences" were reviewed by engineers and managers before being deployed, according to the social network.

Any data obtained by Huawei "was stored on the device, not on Huawei's servers," according to Facebook mobile partnerships chief Francisco Varela.

Facebook said it does not know of any privacy abuse by cellphone makers who years ago were able to gain access to personal data on users and their friends.

It has argued the data-sharing with smartphone makers was different from the leak of data to Cambridge Analytica, which obtained private user data from a personality quiz designed by an academic researcher who violated Facebook's rules.

Facebook is winding up the interface arrangements with device makers as the company's smartphone apps now dominate the service. The integration partnership with Huawei will terminate by the end of this week, according to the social network.

The news comes following U.S. sanctions on another Chinese smartphone maker, ZTE -- which was not on the Facebook list -- for violating export restrictions to Iran.

The ZTE sanctions limiting access to U.S. components could bankrupt the manufacturer, but Trump has said he is willing to help rescue the firm, despite objections from US lawmakers.

source: news.abs-cbn.com

Wednesday, November 22, 2017

Uber's messy data breach collides with launch of SoftBank deal


TORONTO/SAN FRANCISCO - A newspaper advertisement for an Uber Technologies Inc stock sale was juxtaposed on Wednesday with a report that the ride-service provider had covered up a data hack - something of a metaphor for Uber, a company with boundless investor interest, but whose penchant for rule-breaking has led to a series of scandals.

The stock sale advertised in the New York Times will enable Uber investors to sell their shares to Japanese investor SoftBank, a critical deal for the company whose problems included building software to spy on competitors and to evade regulators and being investigated in Asia for paying bribes.

Uber on Tuesday said that it had paid hackers $100,000 to destroy data on more than 57 million customers and drivers that was stolen from the company - and decided under the previous CEO Travis Kalanick not to report the matter to victims or authorities. Uber was first hacked in October 2016 and discovered the data breach the following month.

Chief Executive Dara Khosrowshahi, who took the helm in August with the mission of turning around the company and overhauling its culture, acknowledged in a blog that Uber had erred in its handling of the breach.

The timing of the disclosure could hardly have been worse.

The company is trying to complete a deal with SoftBank Group Corp in which the Japanese firm would invest as much as $10 billion for at least 14 percent of the company, mostly by buying out existing shareholders. SoftBank is advertising to find shareholders who want to sell.

Uber last month announced a preliminary deal for the SoftBank investment.

One question is whether SoftBank will now try to alter the price of the deal. One source familiar with the matter said SoftBank is planning to stick to its agreement to invest in Uber but may seek better terms. SoftBank has not yet made a final decision on whether to renegotiate, the source said.

Another question is the future of Kalanick, the co-founder who led Uber to becoming a global powerhouse but did so with aggressive and controversial tactics. He was forced out by investors in June who feared his leadership style would damage the company, although he stayed on the board and remains a significant shareholder.

A bitter battle among investors over how to resolve Uber's problems led to a lawsuit by early investor Benchmark, which sought to oust Kalanick from any role. But a settlement was reached earlier this month to pave the way for the SoftBank deal, with Kalanick retaining his board seat and other rights.

Kalanick was made aware of the hack last November and was aware of the $100,000 payment, according to a person close to the matter. Kalanick has declined to comment. Uber did not respond to questions from Reuters on Wednesday.

MULTIPLE INVESTIGATIONS, LAWSUITS

The scope of the repercussions Uber will face for the October 2016 data breach began to take shape Wednesday with governments around the world opening investigations.

Authorities in Britain, Australia and the Philippines said they would investigate Uber's response to the data breach. London's transport regulator, which has been in discussions with Uber after stripping it of its license to operate, said it was pressing Uber for details.

Canada's privacy watchdog said that it had asked Uber for details on the breach, though it had not launched a formal investigation.

Attorneys general offices in at least six U.S. states along with the Federal Trade Commission (FTC) have announced they are looking into the matter. Some states are likely to go after Uber for breaking laws on data breach notification within a reasonable period of time.

At least two class-action lawsuits have been filed against the company in the United States for failing to disclose the data breaches and causing potential harm to consumers.

Uber said that it has been in touch with the FTC and several states to discuss a hack and pledged to cooperate.

Legal experts said the company is likely to face limited financial fallout from data-breach lawsuits. Uber might succeed in squelching them outright because its agreements with both customers and drivers call for mandatory arbitration of disputes.

Uber fired its chief security officer, Joe Sullivan, and a deputy, Craig Clark, over their role in handling the hack.

The board of directors had commissioned an investigation into Sullivan and his team, which is how the breach was discovered. The board committee concluded that neither Kalanick nor Salle Yoo, who was general counsel at the time, had been consulted in the company's response to the breach, according to a second person familiar with the matter.

It is unclear what the board of directors knew, if anything.

Multiple board members did not respond to requests for comment.

"The scope of this breach is something the Uber board should have been briefed about and consulted on at the very least," said Cynthia Clark, an associate professor of management at Bentley University. "It's a monitoring issue and one of strategy and reputation."

Clark said that these sorts of risks could affect Uber's IPO, which the board has agreed will take place in 2019.

The company has begun overhauling its security practices with help from Matt Olsen, former general counsel of the U.S. National Security Agency and director of the National Counterterrorism Center, CEO Khosrowshahi said.

Uber in August settled with the FTC after the regulator found the company failed to protect the personal information of passengers and drivers, an agreement that requires 20 years of regular auditing of Uber's data.

After this week's disclosures, Uber can expect "more audits and more people inside of the company" from regulators, said cyber security attorney Steven Rubin.


source: news.abs-cbn.com

Tuesday, November 22, 2016

Israeli firm can steal phone data in seconds


Petah Tikva, Israel - It only takes a few seconds for an employee of one of the world's leading hacking companies to take a locked smartphone and pull the data from it.

Israeli firm Cellebrite's technology provides a glimpse of a world of possibilities accessible to security agencies globally that worry privacy advocates.

The company has contracts in more than 115 countries, many with governments, and it shot to global prominence in March when it was reported the FBI used its technology to crack the iPhone of one of the jihadist-inspired killers in San Bernardino, California.

There have since been reports that Cellebrite was in fact not involved, and the company itself refuses to comment.

Regardless, it is recognised as one of the world's leaders in such technology.

It can reportedly take a wide range of information off devices: from the content of text messages to potentially details of where a person was at any given moment.

Even messages deleted years before can be potentially retrieved.

"There are many devices that we are the only player in the world that can unlock," Leeor Ben-Peretz, one of the company's top executives, told AFP in English.

But privacy and rights activists worry such powerful technology can wind up in the wrong hands, leading to abuses.

'Cat and mouse'

Cellebrite's technology is not online hacking. It only works when the phone is physically connected to one of the firm's devices.

The company recently demonstrated its capabilities for an AFP journalist.

The password on a phone was disabled and newly taken photos appeared on a computer screen, complete with the exact location and time they were taken.

The phone in the demonstration, an LG G4 run on Google's Android operating system, is a model Cellebrite had already cracked, so the extraction did not take long.

The real challenge, Ben-Peretz agrees, is staying in the lead in a race where phone manufacturers constantly launch new models and update software with ever more complicated security.

In the firm's lab they have 15,000 phones -- with around 150-200 new models added each month.

When a new phone is launched, Ben-Peretz said, their 250-person research team races against competitors to find a chink in its armour, a process that can range from a few days to months.

iPhones present a particular challenge because, unlike many firms, Apple designs everything from the device's hardware to software, making its technology particularly difficult to hack, explained Yong Wang, a professor at Dakota State University in the United States.

Ben-Peretz remains confident his company can crack even the newest iPhones.

"iOS devices have strong security mechanisms that give us a challenge, but if anyone can address this challenge and provide a solution to law enforcement, it is Cellebrite," he said, referring to Apple's operating system.

Legitimate means?

According to Ben-Peretz, there is no phone on the market that is impossible to crack.

"Yes it is getting harder, it is getting more complex," he said. "But we still deliver results and they are results on the latest devices and latest operating systems."

Among the data the firm claims to be able to access are text messages deleted years previously.

"In some devices even if you would format the device and you would believe the data is deleted, still a significant portion of it exists," Ben-Peretz added.

The company sells its products largely to police and law enforcement agencies across the globe, though also increasingly to private firms doing corporate investigations.

It has seen particularly high growth in Asia, multiple times the 15 percent global growth rate, Ben-Peretz said without providing specific numbers.

Rights groups worry that the technology can be used by dictatorial regimes to abuse peoples' privacy.

"Any company, including Cellebrite, has a responsibility to ensure their business activities don't contribute to or benefit from serious human rights violations," said Sari Bashi, Israel advocacy director at Human Rights Watch.

Ben-Peretz said the company vets clients and always respects local laws, but the governments are primarily responsible.

"Take a look at any regime, potential regime around the world: Could you do anything to deprive them from throwing a stone at someone or from driving a car and running over people?

"You can't blame the car manufacturer at that point for delivering a car that was utilised to commit that kind of crime," he said.

Bashi called the comparison misleading as cars are mass-produced.

"A surveillance contract is a bit different. You have a small number of clients and there is an opportunity to ask questions or to ask for a commitment that the technology will not be used for X, Y and Z."

source: news.abs-cbn.com

Saturday, October 8, 2016

US pressed to disclose secret court order on Yahoo email search


SAN FRANCISCO -- A US senator and civil groups critical of surveillance practices on Friday called on the government to release a 2015 order by a secret court directing Yahoo to scan all its users' incoming email, saying it appeared to involve new interpretations of at least two important legal issues.

Their concerns center on the nature of the technical assistance the court required Yahoo to provide and the scope of the search that legal experts said appeared to cover the Silicon Valley internet company's entire network.

Yahoo installed a custom software program to search messages to hundreds of millions of accounts at the behest of US intelligence officials with an order from the Foreign Intelligence Surveillance Court, a secret tribunal, Reuters reported on Tuesday.

They were looking for messages containing a single piece of digital content, three former employees and a fourth person apprised of the events told Reuters.

Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages.

But the pornography filters are aimed only at video and still images and cannot search text, as the Yahoo program did. The spam filters, meanwhile, are viewable by many employees who curate them, and there is no confusion about where they sit in the software stack and how they operate.

The court-ordered search Yahoo conducted, on the other hand, was done by a module attached to the Linux kernel - in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled, according to three former Yahoo employees.

They said that made it hard to detect and also made it hard to figure out what the program was doing.
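The kind of kernel-level component described above is exactly what a host baseline check is meant to surface. The script below is an added illustration, not code from the Reuters report or from Yahoo: it parses the format the Linux kernel exposes in `/proc/modules` (the same data `lsmod` prints), flags any loaded module that is missing from an approved list, and flags the taint letters the kernel appends to out-of-tree (`O`), unsigned (`E`), proprietary (`P`) or force-loaded (`F`) modules. The sample lines, the module name `mailhook` and the `EXPECTED_MODULES` set are constructed for the example; a real baseline would come from the distribution's kernel package inventory.

```python
import re
from pathlib import Path
from typing import Dict, List, NamedTuple, Set

# Taint letters the kernel appends in parentheses to a module's /proc/modules
# line (the same letters lsmod shows). Only the ones worth alerting on here.
TAINT_MEANING = {
    "O": "out-of-tree: not built with the distribution kernel",
    "E": "unsigned: module signature missing or not verified",
    "P": "proprietary licence",
    "F": "force-loaded (insmod -f / modprobe --force)",
}

# One /proc/modules line: name size refcount deps state address [(taint)]
_LINE = re.compile(
    r"^(?P<name>\S+)\s+(?P<size>\d+)\s+(?P<refcnt>\d+)\s+(?P<deps>\S+)\s+"
    r"(?P<state>\S+)\s+(?P<addr>0x[0-9a-fA-F]+)(?:\s+\((?P<taint>[A-Z]+)\))?\s*$"
)


class ModuleFinding(NamedTuple):
    name: str
    reasons: List[str]


def parse_proc_modules(text: str) -> List[Dict[str, str]]:
    """Parse /proc/modules text into dicts with name, state and taint letters."""
    modules = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = _LINE.match(line)
        if not m:
            raise ValueError(f"unrecognised /proc/modules line: {line!r}")
        modules.append({"name": m["name"], "state": m["state"],
                        "taint": m["taint"] or ""})
    return modules


def audit_modules(text: str, baseline: Set[str]) -> List[ModuleFinding]:
    """Return one finding per module that is off-baseline or carries a taint flag."""
    findings = []
    for mod in parse_proc_modules(text):
        reasons = []
        if mod["name"] not in baseline:
            reasons.append("not in the approved module baseline")
        for letter in mod["taint"]:
            if letter in TAINT_MEANING:
                reasons.append(f"taint {letter}: {TAINT_MEANING[letter]}")
        if reasons:
            findings.append(ModuleFinding(mod["name"], reasons))
    return findings


# Constructed sample; 'mailhook' is a hypothetical name, not a real module.
SAMPLE_PROC_MODULES = """\
ext4 778240 2 - Live 0xffffffffc0a00000
crc16 16384 1 ext4, Live 0xffffffffc09f0000
nf_tables 249856 0 - Live 0xffffffffc0b20000
mailhook 28672 0 - Live 0xffffffffc0c00000 (OE)
"""

# Constructed baseline: the module names this host is expected to run.
EXPECTED_MODULES = {"ext4", "crc16", "nf_tables"}


def main() -> None:
    # /proc/modules is world-readable, so no privileges are needed to audit it.
    proc = Path("/proc/modules")
    text = proc.read_text() if proc.exists() else SAMPLE_PROC_MODULES
    for finding in audit_modules(text, EXPECTED_MODULES):
        print(finding.name)
        for reason in finding.reasons:
            print("  -", reason)


if __name__ == "__main__":
    main()
```

On the constructed sample only `mailhook` is reported, for three reasons: it is off-baseline, out-of-tree and unsigned. Run against a live host with the three-entry baseline above, the script will naturally list every other loaded module as off-baseline; swap in the real inventory before treating the output as findings.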

How much companies can be forced to do to comply with government orders for searching data is being debated in the courts. Companies have successfully argued that changes that would degrade users' experience or force them to write new code, essentially a form of speech, would violate basic rights.

Most famously, Apple refused to write code that would unlock an iPhone belonging to a gunman in last year's mass shooting in San Bernardino, California. The FBI later dropped its demand.

In the case of Yahoo, company security staff discovered a software program that was scanning email but ended an investigation when they found it had been approved by Chief Executive Officer Marissa Mayer, the sources said.

Lawmakers are concerned about the request and whether information about it is being properly disclosed to the public.

"Recent reports of a mass-email scanning program have alleged that federal law is being interpreted in ways that many Americans would find surprising and troubling," said Democratic Senator Ron Wyden of Oregon, a member of the intelligence committee and frequent critic of government surveillance programs.

"The USA Freedom Act requires the executive branch to declassify Foreign Intelligence Surveillance Court opinions that involve novel interpretations of laws or the Constitution," Wyden said.

Intelligence officials said the Yahoo order resembled other requests for monitoring online communications of suspected terrorists. The program is far different from the bulk collection of emails and telephone records that was disclosed by fugitive National Security Agency contractor Edward Snowden, they said, stressing the target was a digital "signature" associated with a single entity's suspected terrorist activity.

But legal experts question whether the order might have stretched the concept of a "facility" used by a foreign power from its traditional definition, involving a single phone number or an email account, to include a large company's entire communication network.

"If the facility means all of Yahoo's network, I don't see how that's consistent with the Fourth Amendment," which bars unreasonable searches, said Greg Nojeim, senior counsel at the Center for Democracy & Technology.

(Reporting by Joseph Menn and John Walcott; Additional reporting by Dustin Volz and Mark Hosenball; editing by Jonathan Weber and Grant McCool)

source: www.abs-cbnnews.com

Saturday, September 3, 2016

Microsoft gets support in gag order lawsuit from U.S. companies


WASHINGTON -- Technology, media, pharmaceutical and other companies, along with major corporate lobbying groups, filed legal briefs on Friday in support of a Microsoft Corp lawsuit that aims to strike down a law preventing companies from telling customers the government is seeking their data.

Friday was the deadline for filing of friend-of-the-court briefs by nonparticipants in the case. The filings show broad support for Microsoft and the technology industry in its latest high-profile clash with the U.S. Justice Department over digital privacy and surveillance.

Microsoft's backers included the U.S. Chamber of Commerce, the National Association of Manufacturers, Delta Air Lines Inc , Eli Lilly and Co, BP America, the Washington Post, Fox News, the National Newspaper Association, Apple Inc, Alphabet Inc's Google, Amazon.com Inc, the Electronic Frontier Foundation and many others.

Microsoft filed its lawsuit in Seattle federal court in April, arguing that a law allowing the government to seize computer data located on third-party computers and often barring companies from telling their customers that they are targets is unconstitutional.

The Justice Department argues that Microsoft has no standing to bring the case and the public has a "compelling interest in keeping criminal investigations confidential." Procedural safeguards also protect constitutional rights, it contends. A Justice Department spokesman declined comment on Friday's filings.

Microsoft says the government is violating the Fourth Amendment, which establishes the right for people and businesses to know if the government searches or seizes their property, in addition to Microsoft's First Amendment right to free speech.

In the suit, which focuses on the storage of data on remote servers that are often referred to as "cloud" computers, Microsoft said it had been subjected to 2,600 federal court orders within the past 18 months prohibiting the company from informing customers their data was given to authorities pursuing criminal investigations.

Under the authority of the 30-year-old Electronic Communications Privacy Act (ECPA), the government is increasingly directing investigations at parties that store data in the cloud, Microsoft argued in its suit.

Five former law enforcement officials who worked for the FBI or Justice Department in Washington state also submitted a brief supporting Microsoft.

In July, a federal appeals court sided 3-0 with Microsoft in a separate case against the Justice Department, ruling the government could not force the tech company to hand over customer emails stored on servers outside the United States.

The Justice Department has not decided whether to appeal that decision, a spokesman said.

The case is Microsoft Corp v United States Department of Justice et al in the United States District Court, Western District of Washington, No. 2:16-cv-00537.

source: www.abs-cbnnews.com

Sunday, April 3, 2016

FBI trick for breaking into iPhone likely to leak, limiting its use


SAN FRANCISCO - The FBI's method for breaking into a locked iPhone 5c is unlikely to stay secret for long, according to senior Apple Inc engineers and outside experts.

Once it is exposed, Apple should be able to plug the encryption hole, comforting iPhone users worried that losing physical possession of their devices will leave them vulnerable to hackers.

When Apple does fix the flaw, it is expected to announce it to customers and thereby extend the rare public battle over security holes, a debate that typically rages out of public view.

The Federal Bureau of Investigation last week dropped its courtroom quest to force Apple to hack into the iPhone of one of the San Bernardino shooters, saying an unidentified party provided a method for getting around the deceased killer's unknown passcode.

If the government pursues a similar case seeking Apple’s help in New York, the court could make the FBI disclose its new trick.

But even if the government walks away from that battle, the growing number of state and local authorities seeking the FBI’s help with locked phones in criminal probes increases the likelihood that the FBI will have to provide it. When that happens, defense attorneys will cross-examine the experts involved.

Although each lawyer would mainly be interested in whether evidence-tampering may have occurred, the process would likely reveal enough about the method for Apple to block it in future versions of its phones, an Apple employee said.

"The FBI would need to resign itself to the fact that such an exploit would only be viable for a few months, if released to other departments," said Jonathan Zdziarski, an independent forensics expert who has helped police get into many devices. "It would be a temporary Vegas jackpot that would quickly get squandered on the case backlog."

In a memo to police obtained by Reuters on Friday, the FBI said it would share the tool "consistent with our legal and policy constraints."

Even if the FBI hoards the information - despite a White House policy that tilts toward disclosure to manufacturers - if it is not revealed to Apple, there are other ways the method could come to light or be rendered ineffective over time, according to Zdziarski and senior Apple engineers who spoke on condition of anonymity.

The FBI may use the same method on phones in cases in which the suspects are still alive, presenting the same opportunity for defense lawyers to pry.

In addition, the contractor who sold the FBI the technique might sell it to another agency or country. The more widely it circulates, the more likely it will be leaked.

“Flaws of this nature have a pretty short life cycle,” one senior Apple engineer said. “Most of these things do come to light.”

The temporary nature of flaws is borne out in the pricing of tools for exploiting security holes in the government-dominated market for “zero-days,” called that because the companies whose products are targets have had zero days’ warning of the flaw.

Many of the attack programs that are sold to defense and intelligence contractors and then to government buyers are purchased over six months, with payments spaced apart in case the flaw is discovered or the hole is patched incidentally with an update from the manufacturer, market participants told Reuters.

Although Apple is concerned about consumer perception, employees said the company had made no major recent changes in policy. Instead, its engineers take pride in the fact that a program for breaking into an iPhone via the web was recently purchased by a defense contractor for $1 million, and that even that program is likely to be short-lived.

They said most iPhone users have more to fear from criminals than from countries, and few crooks can afford anything like what it costs to break into a fully up-to-date iPhone.

(Reporting by Joseph Menn; Editing by Dan Grebler)

source: www.abs-cbnnews.com

Thursday, March 31, 2016

FBI's secret method of unlocking iPhone may never reach Apple


WASHINGTON - The FBI may be allowed to withhold information about how it broke into an iPhone belonging to a gunman in the December San Bernardino shootings, despite a U.S. government policy of disclosing technology security flaws discovered by federal agencies.

Under the U.S. vulnerabilities equities process, the government is supposed to err in favor of disclosing security issues so companies can devise fixes to protect data. The policy has exceptions for law enforcement, and there are no hard rules about when and how it must be applied.

Apple Inc has said it would like the government to share how it cracked the iPhone security protections. But the Federal Bureau of Investigation, which has been frustrated by its inability to access data on encrypted phones belonging to criminal suspects, might prefer to keep secret the technique it used to gain access to gunman Syed Farook's phone.

The referee is likely to be a White House group formed during the Obama administration to review computer security flaws discovered by federal agencies and decide whether they should be disclosed.

Experts said government policy on such reviews was not clear-cut, so it was hard to predict whether a review would be required. "There are no hard and fast rules," said White House cybersecurity coordinator Michael Daniel, in a 2014 blog post about the process.

If a review is conducted, many security researchers expect that the White House group will not require the FBI to disclose the vulnerability it exploited.

Some experts said the FBI might be able to avoid a review entirely if, for instance, it got past the phone's encryption using a contractor's proprietary technology.

Explaining the policy in 2014, the Office of the Director of National Security said the government should disclose vulnerabilities “unless there is a clear national security or law enforcement need."

The interagency review process also considers whether others are likely to find the vulnerability. It tends to focus on flaws in major networks and software, rather than individual devices.

During a press call, a senior Justice Department official declined to disclose whether the method used on Farook's phone would work on other phones or would be shared with state and local law enforcement.

Apple declined to comment beyond saying it would like the government to provide information about the technique used.

PROTECTING "CRUCIAL INTELLIGENCE"

The government reorganized the review process roughly two years ago and has not disclosed which agencies regularly participate other than the Department of Homeland Security and at least one intelligence agency. A National Security Council spokesman did not respond to a request for comment about agency participation.

In his April 2014 blog post, White House cybersecurity coordinator Daniel, who chairs the review group, said secrecy was sometimes justified.

“Disclosing a vulnerability can mean that we forego an opportunity to collect crucial intelligence that could thwart a terrorist attack or stop the theft of our nation’s intellectual property,” Daniel wrote.

On Tuesday, a senior administration official said the vulnerability review process generally applies to flaws detected by any federal agency.

Paul Rosenzweig, a former deputy assistant secretary at the Department of Homeland Security, said he would be “shocked” if the Apple vulnerability is not considered by the group.

“I can’t imagine that on one of this significance that the FBI, even if it tried to, would succeed in avoiding the review process,” said Rosenzweig, founder of Red Branch Consulting, a homeland security consulting firm.

He predicted the FBI would not be forced to disclose the vulnerability because it appears to require physical possession of a targeted phone and therefore poses minimal threat to Internet security more broadly.

Many security researchers have suggested that the phone's content was probably retrieved after mirroring the device's storage chip to allow data duplication onto other chips, effectively bypassing limitations on the number of passcode guesses.

Kevin Bankston, director of the think tank Open Technology Institute, said there is no public documentation of how the review process has worked in recent years. He said Congress should consider legislation to codify and clarify the rules.

Stewart Baker, former general counsel of the NSA and now a lawyer with Steptoe & Johnson, said the review process could be complicated if the cracking method is considered proprietary by the third party that assisted the FBI.

Several security researchers have pointed to the Israel-based mobile forensics firm Cellebrite as the likely third party that helped the FBI. That company has repeatedly declined comment.

If the FBI is not required to disclose information about the vulnerability, Apple might still have a way to pursue details about the iPhone hack.

The Justice Department has asked a New York court to force Apple to unlock an iPhone related to a drug investigation. If the government continues to pursue that case, the technology company could potentially use legal discovery to force the FBI to reveal what technique it used, a source familiar with the situation told Reuters.

At least one expert thinks a government review could require disclosure. Peter Swire, a professor of law at the Georgia Institute of Technology who served on the presidential intelligence review group that recommended the administration disclose most flaws, said there is “a strong case” for informing Apple about the vulnerability under the announced guidelines.

“The process emphasizes the importance of defense for widely used, commercial software,” he said.

source: www.abs-cbnnews.com

Tuesday, March 15, 2016

Chinese hackers behind U.S. ransomware attacks - security firms


Hackers using tactics and tools previously associated with Chinese government-supported computer network intrusions have joined the booming cyber crime industry of ransomware, four security firms that investigated attacks on U.S. companies said.

Ransomware, which involves encrypting a target's computer files and then demanding payment to unlock them, has generally been considered the domain of run-of-the-mill cyber criminals.

But executives of the security firms have seen a level of sophistication in at least a half dozen cases over the last three months akin to those used in state-sponsored attacks, including techniques to gain entry and move around the networks, as well as the software used to manage intrusions.

"It is obviously a group of skilled operators that have some amount of experience conducting intrusions," said Phil Burdette, who heads an incident response team at Dell SecureWorks.

Burdette said his team was called in on three cases in as many months where hackers spread ransomware after exploiting known vulnerabilities in application servers. From there, the hackers tricked more than 100 computers in each of the companies into installing the malicious programs.

The victims included a transportation company and a technology firm that had 30 percent of its machines captured.

Security firms Attack Research, InGuardians and G-C Partners, said they had separately investigated three other similar ransomware attacks since December.

Although they cannot be positive, the companies concluded that all were the work of a known advanced threat group from China, Attack Research Chief Executive Val Smith told Reuters.

The ransomware attacks have not previously been reported. None of the companies that were victims of the hackers agreed to be identified publicly.

The security companies investigating the advanced ransomware intrusions have various theories about what is behind them, but they do not have proof and they have not come to any firm conclusions.

Most of the theories flow from the possibility that the Chinese government has reduced its support for economic espionage, which it pledged to oppose in an agreement with the United States late last year. Some U.S. companies have reported a decline in Chinese hacking since the agreement.

Smith said some government hackers or contractors could be out of work or with reduced work and looking to supplement their income via ransomware.

It is also possible, Burdette said, that companies which had been penetrated for trade secrets or other reasons in the past were now being abandoned as China backs away, and that spies or their associates were taking as much as they could on the way out. In one of Dell's cases, the means of access by the team spreading ransomware was established in 2013.

The cyber security experts could not completely rule out more prosaic explanations, such as the possibility that ordinary criminals had improved their skills and bought tools previously used only by governments.

Dell said that some of the malicious software had been associated by other security firms with a group dubbed Codoso, which has a record of years of attacks of interest to the Chinese government, including those on U.S. defense companies and sites that draw Chinese minorities.

PAYMENT IN BITCOIN

Ransomware has been around for years, spread by some of the same people that previously installed fake antivirus programs on home computers and badgered the victims into paying to remove imaginary threats.

In the past two years, better encryption techniques have often made it impossible for victims to regain access to their files without cooperation from the hackers. Many ransomware payments are made in the virtual currency Bitcoin and remain secret, but institutions including a Los Angeles hospital have gone public about ransomware attacks.

Ransomware operators generally set modest prices that many victims are willing to pay, and they usually do decrypt the files, which ensures that victims will post positively online about the transaction, making the next victims who research their predicament more willing to pay.

Security software companies have warned that because the aggregate payoffs for ransomware gangs are increasing, more criminals will shift to it from credit card theft and other complicated scams.

The involvement of more sophisticated hackers also promises to intensify the threat.

InGuardians CEO Jimmy Alderson said one of the cases his company investigated appeared to have been launched with online credentials stolen six months earlier in a suspected espionage hack of the sort typically called an Advanced Persistent Threat, or APT.

"The tactics of getting access to these networks are APT tactics, but instead of going further in to sit and listen stealthily, they are used for smash-and-grab," Alderson said.

source: www.abs-cbnnews.com

Thursday, October 8, 2015

Apple removes some apps from online store over security concerns


Apple Inc. said on Thursday that it had removed "a few" applications from its App Store, expressing its concern that the security of some users' personal data could be compromised in certain circumstances.

The company said the apps threatened users' security by installing certificates that can expose data to monitoring by third parties. The company did not specify the precise number of apps at issue.

"Apple is deeply committed to protecting customer privacy and security," an Apple spokeswoman said in a statement. "We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk."

Apps with so-called root certificates route user data to servers where it can be analyzed. That opens the door for network providers to view encrypted traffic, leaving users vulnerable to data breaches.
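An extra trust anchor is only dangerous because the device will accept any certificate chained to it, so the defensive check is to audit what is in the trust store. The script below is an added example, not code from Apple or from the report: it takes certificates in the dictionary shape Python's `ssl.SSLContext.get_ca_certs()` returns and reports anchors that are absent from an expected baseline, anchors that are not self-signed, and anchors that have expired. `SAMPLE_ANCHORS`, the names in it and `EXPECTED_ANCHORS` are constructed for the illustration; on a real device the baseline would be the platform's shipped root bundle.

```python
import ssl
import time
from typing import Dict, Iterable, List, NamedTuple, Set


class AnchorFinding(NamedTuple):
    label: str
    reasons: List[str]


def _name_to_dict(rdns) -> Dict[str, str]:
    """Flatten the nested tuples ssl uses for a DN into {attribute: value}."""
    out: Dict[str, str] = {}
    for rdn in rdns:
        for attr, value in rdn:
            out[attr] = value
    return out


def audit_trust_anchors(certs: Iterable[dict], expected: Set[str],
                        now: float) -> List[AnchorFinding]:
    """Report anchors that are unexpected, not self-signed, or expired."""
    findings = []
    for cert in certs:
        subject = _name_to_dict(cert.get("subject", ()))
        issuer = _name_to_dict(cert.get("issuer", ()))
        label = (subject.get("commonName")
                 or subject.get("organizationName") or "<unnamed>")
        reasons = []
        if label not in expected:
            reasons.append("not in the expected anchor baseline "
                           "(possibly installed by an app or profile)")
        if subject != issuer:
            reasons.append("not self-signed: an intermediate is acting as an anchor")
        try:
            # notAfter is in the "Mon DD HH:MM:SS YYYY GMT" form ssl produces.
            if ssl.cert_time_to_seconds(cert["notAfter"]) < now:
                reasons.append("expired")
        except (KeyError, ValueError):
            reasons.append("no parseable notAfter")
        if reasons:
            findings.append(AnchorFinding(label, reasons))
    return findings


# Constructed sample in the same shape SSLContext.get_ca_certs() returns.
SAMPLE_ANCHORS = [
    {   # expected platform root, self-signed, valid
        "subject": ((("organizationName", "Example Trust"),),
                    (("commonName", "Example Root CA"),)),
        "issuer": ((("organizationName", "Example Trust"),),
                   (("commonName", "Example Root CA"),)),
        "notAfter": "Jan 10 00:00:00 2040 GMT",
    },
    {   # hypothetical root added by an ad-filtering app
        "subject": ((("commonName", "Ad-Filter Proxy Root"),),),
        "issuer": ((("commonName", "Ad-Filter Proxy Root"),),),
        "notAfter": "Jan 10 00:00:00 2030 GMT",
    },
    {   # expected but long expired
        "subject": ((("commonName", "Old Root CA"),),),
        "issuer": ((("commonName", "Old Root CA"),),),
        "notAfter": "Dec 31 23:59:59 2015 GMT",
    },
]

# Constructed baseline of anchor names the device is supposed to trust.
EXPECTED_ANCHORS = {"Example Root CA", "Old Root CA"}


def main() -> None:
    # Live run: audit the trust store Python's default context loaded.
    ctx = ssl.create_default_context()
    live = audit_trust_anchors(ctx.get_ca_certs(), EXPECTED_ANCHORS, time.time())
    sample = audit_trust_anchors(SAMPLE_ANCHORS, EXPECTED_ANCHORS, time.time())
    for finding in sample or live:
        print(finding.label, "->", "; ".join(finding.reasons))


if __name__ == "__main__":
    main()
```

On the sample, `Ad-Filter Proxy Root` is reported as off-baseline and `Old Root CA` as expired; the platform root passes. The baseline is keyed by common name for readability; a production check should key on the certificate's SHA-256 fingerprint (available from `get_ca_certs(binary_form=True)`) so that a look-alike name cannot slip through.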

Among the apps removed was Been Choice, which has attracted attention for its ability to block advertising in apps.

An Apple spokeswoman said the company would release a support page to help users remove the apps in question from their devices.

source: www.abs-cbnnews.com

Sunday, August 23, 2015

Infidelity website Ashley Madison's hackers say 'nobody was watching' - report


NEW YORK - Hackers who stole a trove of sensitive data from AshleyMadison.com said "nobody was watching" as they scoured the infidelity website and vowed to release more emails from its executives, online technology website Motherboard reported on Friday.

The tech website said it was given a contact email address for the hackers, who call themselves the Impact Team, by an intermediary. The hackers replied with a message signed with the same PGP key, matching the signature and key fingerprint posted with the Ashley Madison data releases this week, Motherboard said.

"We were in Avid Life Media a long time to understand and get everything," the website quoted the hackers as saying. "Nobody was watching. No security."

David Kennedy, founder and security consultant at TrustedSec, said that the latest download, which was released with the warning "Time's Up!", appears to be authentic.

"We have explained the fraud, deceit and stupidity of ALM [Ashley Madison's parent company Avid Life Media] and their members. Now everyone gets to see their data," the hackers said in a statement.

Impact Team had threatened to publish names, nude photos and sexual fantasies of customers unless Ashley Madison and Established Men, another site owned by Avid Life Media, were taken down.

Representatives of Avid Life Media could not immediately be reached for comment.

Cyber security experts said data dumps on Tuesday and Thursday by the group appeared to be genuine. Tuesday's release had customer information that included U.S. government officials, British civil servants and high-level executives at European and North American corporations.

Motherboard reported that in its exchange with the hackers, they said they had 300 gigabytes of employee emails and internal documents, "tens of thousands of Ashley Madison users pictures" and user chat messages from the site. On Tuesday, hackers released 10 gigabytes of data.

Cyber security experts have said they expect more staged releases of sensitive information.

source: www.abs-cbnnews.com

Saturday, February 28, 2015

Uber discloses data breach, theft of license numbers


NEW YORK, United States - Global ride-sharing startup Uber said Friday a data breach last year may have allowed a hacker to gain access to the license numbers of some 50,000 of its drivers.

Uber said in a statement it identified "a one-time access of an Uber database by an unauthorized third party" in September 2014.

"Immediately upon discovery we changed the access protocols for the database, removing the possibility of unauthorized access," the statement from data privacy manager Katherine Tassi said.

"We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident."

Uber said it also filed a lawsuit to be able to gather information to help identify and prosecute the hacker.

The investigation found the breach "impacted approximately 50,000 drivers across multiple (US) states, which is a small percentage of current and former Uber driver partners," the statement said.

The Los Angeles Times reported that some 20,000 of the Uber drivers impacted were in California.

Uber said it was offering free credit monitoring to those affected to guard against the license information being used for identity theft.

Identity theft is the largest single element in US consumer fraud complaints, according to a Federal Trade Commission report Friday which cited 332,000 cases in 2014.

Uber joins the ranks of other companies hit by data breaches including retailers Target and Home Depot and banking giant JPMorgan Chase, each of which saw millions of customers affected.

source: www.abs-cbnnews.com

These cyber thugs may hold your data hostage


SAN FRANCISCO - Marriage therapist Valerie Goss turned on her computer one day and found that all of her data was being held hostage.

Malicious code referred to as "ransomware" had encrypted her files and locked them away. Cyber criminals demanded $500 in hard-to-trace virtual currency Bitcoin to give her the key. The ransom would jump to $1,000 in Bitcoin if Goss took more than a day to pay.

"I felt shocked; like I had been robbed," the Northern California therapist said. "And, I felt pressed for time to make a rational decision. It felt so surreal."

After online research by her son revealed that in a quarter or more of ransomware cases victims never see their files again even if they pay, Goss refused to pay.

Instead, she bought a new computer and fortified it with security software. She also started backing up data off the machine.

As painful as it was, Goss did the right thing, according to cyber security specialists interviewed by AFP.

"Unfortunately, it is the right thing to do," said Malwarebytes chief executive Marcin Kleczynski.

"If you do pay the ransom, that money is gone and there is no guarantee you will get your data back."

Kidnapping smartphone files

Ransomware has been around a while, but has been making a big comeback, according to Kleczynski and mobile security researchers at Lookout. Goss fell prey to the hacker tactic last year on the computer she used in her home office.

Data kidnappers are also taking aim at smartphones and tablets, particularly models powered by Google-backed Android software, said Lookout consumer safety advocate Meghan Kelly.

Lookout saw mobile malware "encounters" in the United States jump 75 percent in 2014 as compared with the prior year. Ransomware accounted for a big part of the jump, according to Kelly.

The United States seems to be a preferred target zone, perhaps because people here keep a lot of cherished, personal data on mobile devices and computers, or because they are seen as having the money to pay to get it back.

A US study released last year by Lookout revealed that one-in-three people considered pictures, contacts, and other digital files on mobile devices so precious they would pay to get them back.

Goss said that she was willing to pay the ransom, but had no assurance she would actually see her files again even if she did pony up the Bitcoin.

Like other forms of malicious code, ransomware can get into computers, smartphones or tablets when people click on dubious links or open infected email attachments.

Drive-by attacks

People can also be hit with ransomware at legitimate websites that have been unknowingly booby-trapped by hackers to infect visitors in what are referred to as "drive-by" attacks.

"Sometimes you don't have to do anything wrong, just visit a website that has been infiltrated and then all of a sudden you have a piece of malware on your computer," Kleczynski said.

Ransomware encrypts the files on infected devices and withholds the key until the victim pays. Kleczynski said that the ransom demanded typically ranges from $100 to $1,000.

Ransomware targeting mobile devices can lock phones, email and more, essentially stripping control from owners, according to Kelly.

"Ransomware is a pretty loud piece of malware," Kelly said. "It is going to be in your face saying you can't navigate away and we want money from you."

People can protect themselves by being wary of what links they click on or files they open, and by keeping operating systems and applications up to date so the latest security patches are in place.

It is also recommended to have security software running to intervene before malware takes root, and to keep back-up copies of files in the cloud or elsewhere in case defenses are breached. Backups that stay mounted or are continuously synced can be encrypted right along with the originals, so at least one copy should be kept offline or in versioned storage and checked periodically to confirm it can actually be restored.
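The two checks that follow from that advice, verifying that a backup still matches a known-good manifest and spotting files that have been replaced with ciphertext, are easy to script. The block below is an added example written for this page, not code from the article or from Malwarebytes or Lookout. All files are constructed in memory, the "ransomware" is a toy XOR keystream used only to fabricate high-entropy bytes, and the 7.5 bits-per-byte threshold is an assumption: compressed formats such as zip or JPEG also score high, so an entropy hit is a lead to investigate, not proof of encryption.

```python
import hashlib
import math
from collections import Counter
from typing import Dict, List

# Assumption: bytes this close to uniform are ciphertext or compressed data.
# Compressed files (zip, jpeg) also score high, so treat hits as leads, not proof.
ENTROPY_THRESHOLD = 7.5


def shannon_entropy(data: bytes) -> float:
    """Bits per byte of a byte string: 0 for empty or constant data, 8 for uniform."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes) -> bool:
    return shannon_entropy(data) >= ENTROPY_THRESHOLD


def snapshot(files: Dict[str, bytes]) -> Dict[str, str]:
    """Manifest of SHA-256 digests, taken while the files are known good."""
    return {name: hashlib.sha256(blob).hexdigest() for name, blob in files.items()}


def verify_backup(manifest: Dict[str, str], backup: Dict[str, bytes]) -> Dict[str, List[str]]:
    """Compare a backup set against the known-good manifest.

    missing:    files the manifest expects but the backup no longer contains
    changed:    files present under the same name whose digest differs
    suspicious: files whose content looks like ciphertext
    """
    missing = sorted(name for name in manifest if name not in backup)
    changed = sorted(name for name, blob in backup.items()
                     if name in manifest and hashlib.sha256(blob).hexdigest() != manifest[name])
    suspicious = sorted(name for name, blob in backup.items() if looks_encrypted(blob))
    return {"missing": missing, "changed": changed, "suspicious": suspicious}


# --- constructed sample data, not taken from any real incident ---

def _keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode, used only to fabricate high-entropy sample bytes."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def toy_encrypt(data: bytes, key: bytes) -> bytes:
    """Stand-in for ransomware encryption: XOR with a keystream. Not real cryptography."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


SAMPLE_NOTES = ("Session notes 2014-11-03: client reports improved sleep, "
                "continue weekly sessions. " * 40).encode()
SAMPLE_CSV = ("date,amount,client\n2014-11-03,120.00,A\n2014-11-10,120.00,B\n" * 60).encode()
ORIGINALS = {"notes.txt": SAMPLE_NOTES, "invoice.csv": SAMPLE_CSV}


def run_checks() -> Dict[str, Dict[str, List[str]]]:
    manifest = snapshot(ORIGINALS)  # recorded before infection
    key = b"attacker-key"  # hypothetical attacker key

    # 1. A backup made before infection verifies clean.
    clean = verify_backup(manifest, dict(ORIGINALS))

    # 2. Ransomware renamed the files and a sync client mirrored that into the backup:
    #    every expected file is missing and every new file is high-entropy.
    renamed = {name + ".locked": toy_encrypt(blob, key) for name, blob in ORIGINALS.items()}
    after_rename = verify_backup(manifest, renamed)

    # 3. Ransomware encrypted in place with names unchanged: the digest comparison
    #    and the entropy check both flag the same files.
    in_place = {name: toy_encrypt(blob, key) for name, blob in ORIGINALS.items()}
    after_in_place = verify_backup(manifest, in_place)

    return {"clean": clean, "after_rename": after_rename, "after_in_place": after_in_place}


if __name__ == "__main__":
    for scenario, result in run_checks().items():
        print(scenario, result)
```

The digest comparison is the reliable test and needs a manifest stored somewhere the malware cannot reach; the entropy check needs no prior state and is what catches a backup that was synced after the files were already encrypted, which is the case the article's cloud-backup advice does not guard against on its own.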

"One day ransomware can hit you and you have to prepare for the worst," Kleczynski said.

"The threat is very serious, users are infected all of the time, and the encryption keys are so strong you can't get those files back."

Malwarebytes and Lookout offer free versions of their security applications.

source: www.abs-cbnnews.com

Saturday, December 20, 2014

Attack could cost Sony half a billion dollars: experts


LOS ANGELES - The devastating cyberattack on Sony Pictures could see the Hollywood studio lose hundreds of millions of dollars in revenue and incur massive recovery costs, experts say.

The cancellation of "The Interview," which President Barack Obama called a "mistake," has significantly escalated the potential losses of last month's hack, Hemanshu Nigam of the SSP Blue cybersecurity consultancy told AFP.

In all, he said, the crisis would lead to "a loss of income of $500 million."

The film about a fictional CIA plot to assassinate North Korean dictator Kim Jong-Un angered Pyongyang, which called it a "terrorist act."

On November 24, Sony suffered a cyberattack claimed by a group calling itself the Guardians of Peace (GOP). The FBI blamed the assault on North Korea.

The unprecedented attack paralyzed Sony's computer systems and saw five films leaked online, some of them before their theatrical release.

In addition, the personal data of 47,000 staff and other workers were put online along with other confidential documents such as the script for the next James Bond movie.

There was also a series of highly embarrassing emails from Sony bosses.

Costly in time and money

On Wednesday, as the "GOP" threatened to attack movie theaters when the film was due to come out on December 25, most major US theater chains announced they would not show it.

Within hours, Sony announced it had canceled the Christmas Day release. With that decision, "the cost has significantly gone up," Nigam said.

Sony initially said it had canceled all release plans, though on Friday it suggested it was seeking distributors for other platforms, which could see the film released either through video on demand (VoD) or as a DVD.

But Sony's production and distribution costs were estimated at $75 million. To that should be added several hundreds of millions of dollars in unearned revenue, Nigam said.

He stressed the film got enormous media exposure thanks to the crisis, and could have earned much more than otherwise if a regular theatrical release had gone ahead.

"The movie itself could have generated several hundred million dollars given the controversy," he said.

Nigam meanwhile said cleaning up and replacing Sony's entire computer system will cost at least a few tens of millions of dollars.

Kevin Haley, senior security advisor with Symantec, also highlighted "the loss of employee productivity because they cannot get access to their computers."

"The process of cleaning them up and getting rid of their attacker... that's going to be tremendously expensive," Haley said.

To that should be added monumental legal costs.

At least two lawsuits have already been filed on behalf of present and former staff seeking compensation for the leaking of their personal data.

Sony will have to battle with its insurers to try to get some of the costs covered.

The studio will also have to take responsibility for "potential identity theft," said Roel Schouwenberg of Kaspersky Lab, noting it would cost an enormous amount of time and money.

The experts stressed it would be hard to evaluate the damage to Sony's reputation, but agreed it would be considerable.

Sony will have to reestablish relationships with people like Angelina Jolie, who was described in one leaked email as "a minimally talented spoiled brat."

All this came as Sony Pictures was already facing multiple problems.

"Sony itself is in a difficult spot," said analyst Jeff Bock of box office tracker Exhibitor Relations.

"Their slate of upcoming films isn't necessarily the strongest, and with everything in a state of confusion, it will take a while before their film division sees the light," he added.

"That may come at the expense of a lot of their high-level employees. But only time will tell."

source: www.abs-cbnnews.com