Japanese entertainment titan Sony had the dubious honor of winning a “Most Epic Fail” award on Thursday at a prestigious Black Hat gathering of computer security professionals in Las Vegas.
Sony and hacked computer security powerhouse RSA were mockingly honored with Pwnies, annual awards named in a reference to geek slang for “owning” or totally dominating an opponent.
“After learning the hard way that their PlayStation Network was about as porous as air, Sony had to shut it down for over two months to rebuild it from scratch,” Pwnie judges said of the winning choice. “In doing so, they made everyone from your eight-year-old cousin to your barber learn about the importance of security. Hooray for us, sorry Sony shareholders.”
Last month, Sony finished restoring PlayStation Network and Qriocity online distribution services that were shut down in April because of hacker attacks.
The hacking attack on Sony compromised personal data from 100 million accounts.
Sony later suffered attacks on Web sites, including in Greece, Thailand and Indonesia, and on the Canadian site of mobile phone company Sony Ericsson.
Analysts say the breach could cost it about US$1 billion, but that attacks threatened deeper damage to Sony’s brand image and its efforts to link its gadgets to an online network of games, movies and music.
George Hotz, a celebrated hacker known as “GeoHot” sued by Sony for cracking software defenses of PlayStation 3 game consoles, was awarded a Pwnie for a rap song firing back at the Japanese firm.
A Pwnie for “Lamest Vendor Response” was awarded to RSA, the security division of EMC Corp, for its handling of a network break-in early this year.
“They got hacked, their SecurID tokens were totally compromised and they basically passed it off as a non-event until Lockheed-Martin got attacked because of them,” Pwnie judges said of the reasoning behind the award.
The Stuxnet computer worm beat out notorious hacker group Lulz Security to receive an “Epic Ownage Pwnie” for “delivering the most damaging, widely publicized or hilarious ownage.”
“How many national nuclear programs did your worm disrupt?” Pwnie judges asked rhetorically.
Stuxnet targets control systems made by German industrial giant Siemens AG, commonly used to manage water supplies, oil rigs, power plants and other critical infrastructure.
Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there.
The worm was crafted to recognize the computer system it was to attack.