CD Projekt Red 'EPICALLY pwned': Cyberpunk 2077 dev publishes ransom note after company systems encrypted CD Projekt Red, the Polish developer of Cyberpunk 2077 and The Witcher 3, has disclosed a major security incident in which several company systems were encrypted and confidential data stolen. The studio took the unusual step of publishing the ransom note left by the hackers, which threatens to release the source code for its …
More than likely there is a proprietary game engine or AI system that CD Projekt will want to keep under wrappers.
Though if some of the reviews are to be believed, they might benefit from Open Sourcing Cyberpunk and asking people to fix some of the bugs.
There are very few gaming "journalists" who don't just jump however high game publishers tell them to.
But I wouldn't be surprised if the few people who do actually bite the hands that feed the games "journalism" industry see the "scum like these" as the lesser of two evils when compared to the activities of "triple-A" game publishers.
A good opportunity to open source these games? We could get some native Linux versions out of this! You never know, the community might even fix a few of those pesky bugs. ;-)
I'm only semi-serious, of course. Whatever they choose to do, this is still a shitty thing to happen to any company.
I want to say, “When will major companies learn!? Air-gap your most important Intellectual Property!”
Avoids theft and denial of access to it.
Closed source code crucial to the future of the company, should not be addressable outside of the company. And only key internal staff should have the physical and logical ability to create encrypted backups, as a part of their job requirements.
No Internet connected servers, no WiFi, no Bluetooth, no wireless keyboard or pointing devices, no USB access.
But then... COVID-19 threw a massive spanner into the works. :(
So the next best thing, NetSec with extensive defence-in-depth, minimum privs across the board, move fast on updates, encrypted data at rest and in flight, etc.
First, CD Projekt Red is not a major company. It's got a bit over 1k employees.
Second, even before the pandemic, developers worked remotely.
Air-gap is a great solution if your mainframe only accepts hardwired connections from dumb terminals operated by employees and you bury it all in a mountain. Otherwise securing your connections and users is the direction to go in the current and future environment.
Do you know anyone who drives a car made by a UK owned car company? One that is still UK owned? I don't think I know anyone at all who owns a Morgan, McClaren, or Caterham, and I know a few people who are actual classic car collectors (one tried to offload a Ford Model T ambulance on me, I wasn't biting!)
If you want to be pedantic about the term, "major company", it has nothing to do with number of employees. It's about revenue. On that basis, CD Projekt Red also would not be considered a major company, but I wasn't being pedantic with my use of that term.
Avoiding air-gapping even outside of a pandemic, does not refute the benefits of air-gapping. The point I raised about COVID-19 throwing a spanner in the works, is merely to say that a pandemic makes air-gapping essentially impossible to work with during that pandemic.
I've personally been involved with numerous air-gapped systems/data in corporate law. Where teams of people had access to systems and data which were physically and logically confined.
Air-gapping is a thing and it's not just used inside mountains by NORAD types. Other industries use air-gapping also. It's used for life critical systems, major infrastructure, finance and it is also used in software development.
The outcome here says it all though. If it is vital to your company that the Intellectual Property in your source code be kept secured, under normal circumstances air-gapping with minimum privs can be a viable option. It certainly is for some.
When I was a software developer in a previous life, we had all our source code on a network _physically_ separated from the rest of the World, on encrypted disks. To steal the code one would have to be physically in the building and to be able to break in the good servers.
Nowadays everything is open, connected, sometimes even in the cloud. That's like putting your money on a table visible to anyone, and thinking nobody will try to break that window.
You can't have the butter, the money for the butter, and the creamer lady butt..
It's always down to risk assessment: if you authorize WFH on your critical systems, be sure to have offline backups with restoration tested routinely, and don't mind to have your data potentially stolen.
Air gapping is a two-edged sword as had been pointed out. Years ago (early 00s) I worked for a company where they had 2 air-gapped networks and the "inner" (secure) network literally not routed outside the building at all. So how did people WFH or whatever? - KVM over IP. Yep, they literally VPN'd into the "outer" (admin/general) network and jumped onto a KVM switch that was attached to a desktop PC (I kid you not) in a rack that was on the "inner" network. So you had full access and could work with (and screen-shot!) anything. You just couldn't copy anything off to anywhere as there were precisely no routes off that network. All you could do is type, mouse and watch.
Always struck me as a simple answer to a problem.
To extract stuff I suppose you could pull something up, scroll through it and use OCR to reconstruct it or use a virtual keyboard to "type" malicious code in very quickly? - this is the thing. There's always a way.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
