CDPR hit with Cyberattack, source codes of Cyberpunk 2077, The Witcher 3, and more supposedly leaked.

[kvuj]

Meh

 

Ironically, in the (closed source) software market, source code is mostly worthless.

 

As soon as CDPR releases 1.2 that source becomes outdated. Many people also won't try to download & compile their own copy and if they would, they would simply download a pirated copy from a torrent site.

 

Now, if they don't have backups and this is a ransomware case, then the way they make software has deep problems.

[StDragon]

1 hour ago, leadeater said:

Main problem I expect them to be facing it known when to restore to and if the recovery points themselves contain compromised software that would allow them access back in and to do even more malicious damage than what has been done already. That's happened to companies before and it's an utter disaster when it happens as they forgo encrypting data and do straight to destruction and damage and then  try and target things like the backup infrastructure.

 

Integrity of the backups becomes a real problem under these situations.

I've professionally consulted and operationally been involved in ransomware remediation going back at least...seven years (it's been so long, can't remember exactly). 

 

In theory (because I've never seen it myself), the worst type of ransomware is the form that slowly encrypts data in random locations. It becomes a real b**ch to reconcile the data; even with grandfather-father-son backup scheme.

 

Thankfully the former is a rarity. I would say 99% of the ransomware hacks are delivered from e-mails with either a link, or a payload in macro within an MS Office document. Once it runs on the infected PC, it's typically timed to grind through all the data (local and via SMB share access) after-hours based on the user credentials of the person whom executed it. If the poor SOB was granted Domain Admin membership, the entire network gets 0wned. If just Domain User with limited share access, only the local profile data to the PC and SMB share he/she had access too gets encrypted. Either way. from start to finish it's usually within a 24 to 48 hour period.

 

This is why you have layers of defense.

• E-mail scanning; both spam, phishing, and anti-malware.
• Next Generation Firewall that blocks known categories of dubious software, protocols, content filter, and GW anti-virus.
• Anti-malware end-points installed on all client machines
• EDR, can also double as anti-malware, but often supplemental to an existing solution.
• Last but not least, employee security awareness training. In many ways, this is the first line of defense. Short of a zero-day exploit, the vast majority of exposure and infiltration starts with the end-users actions.

 

 

[leadeater]

1 hour ago, StDragon said:

In theory (because I've never seen it myself), the worst type of ransomware is the form that slowly encrypts data in random locations. It becomes a real b**ch to reconcile the data; even with grandfather-father-son backup scheme.

I only know of 2 real cases of this, in reality one. One of them was a laptop being taken on and off the network that was only slowly managing to encrypt files so there quite a number of days between the first files being encrypted and the last. Pretty odd, don't see that much.

 

1 hour ago, StDragon said:

Last but not least, employee security awareness training.

This is pretty much the most effective of the lot, once you tick off the very basics. It's just very hard to achieve full effectiveness across everyone. Like with our 30k+ users it's inevitable someone isn't going to follow proper diligence at some point, we know this to be true from running internal phising.

[D13H4RD]

10 hours ago, Middcore said:

 

This smacks of still further victim-blaming. I would agree it's publicity they would rather do without because I'm sure they would rather have not been hacked but the way you've phrased it makes it sound like they did something wrong that created a new "PR mess." 

 

I can see it now, next week some wacko firebombs CDPR's offices and then the internet will be like "Wow more bad publicity for them." 

Well, I’m definitely not trying to victim-blame. It’s still pretty bad regardless of how people feel about it. 

 

Just mentioning that whilst they likely would have been hacked even with a perfectly flawless launch of the game, the sombre reputation with gamers due to the reality of the game’s situation has kind of led to some people feeling what they do.

 

Not saying that’s right. Just trying to understand further on the why.

[wanderingfool2]

3 hours ago, leadeater said:

This is pretty much the most effective of the lot, once you tick off the very basics. It's just very hard to achieve full effectiveness across everyone. Like with our 30k+ users it's inevitable someone isn't going to follow proper diligence at some point, we know this to be true from running internal phising.

So true, I would say that a vast majority of people don't have awareness when it comes to things like phishing or even common sense.

 

e.g. Went to a manager who had visited a site that got flagged and blocked.  Asked why he was going to the site, and that it was blocked due to malware threats...he proceeds make excuses, saying it was an email from a customer, opens up the email and before I could even reacts he clicks on the link again right in front of me. Sometimes I wish I had the ability to fire people.

[ravenshrike]

20 hours ago, Orangeator said:

This metric is a little misleading. Certain portions of the Cyberpunk map, particularly the city itself, have multiple overlapping sections where the same "geographical point" can have multiple "levels", if that makes sense.

More importantly, all the towns in RDR2 fit into at most two sections of Night City. Hell, if you were to collect up every single 'inhabited' area in  RDR2 I doubt you'd manage to fill up 3.

[Bombastinator]

The behavior of the game company fits with the stereotypical National character of Poland.  During world war2 polish troops (what few of them there were left) were man for man literally THE most dangerous troops in the world.  They didn’t capitulate, they didn’t stop, and they didn’t forgive.  In world war2 board games I played this was simulated by the troops being  classed as fanatic.  The same classification given to the Russian troops defending Moscow in the siege of Stalingrad, except given to every counter of that nation permanently.  No American, German, Japanese, Chinese, or British troop counters received that designation.  There was only one battle where even Russian troops did.  They didn’t get deployed very much.  Most of them came to the US and fought under American commanders.  The American commanders were flat out terrified of them.   That a polish game company would completely refuse to even talk to an attacker does not surprise me.    The cyberattack group could possibly earned an implacable lifetime enemy.  I mean it.  This could bite them each individually 50 years from now.   Data release will do nothing but seal that. 

Edited February 10, 2021 by Bombastinator

[G4K]

On 2/9/2021 at 11:55 AM, flo_306 said:

This is just sad to see because the attacker is probably a sad fanboy. As if they didnt already have enough problems... Poor IT team.

I really enjoy playing cyperpunk... the game is so cool! i love the city and all the details. i think most ppl are overreacting. its impossible to NOT have bugs in a game with this size and complexity. Sure it could have been more polished but i truly believe that investors were pushing too hard....Yes its bad on console but you should be happy that there is even a ps4/ XBOX  version at all cuz their all last gen and just not really capable of running a detailed and complex world like that. 

I'm not sure that you can just put all of Cyberpunk's problems on "fans overreacting". They had an unfinished game on day 1, and they released it knowingly, and they even admitted to this, and I'm talking about the PC and next gen console variants. PLUS they forbid all the publicity and gameplay on the last gen console pre-release, AND they went ahead and sold people a game for those last gen console with an in-game resolution of 480-720P and 10-15 FPS.

 

Yes, it is impossible to test the game for different types of hardware when it comes to PC, and thus have a glitchy release that can be fixed with a Day 1 Patch, but then there's misleading people into buying a full price AAA game and promise them 60FPS while delivering 15...

[Actual_Criminal]

If the source code has been leaked, what are the actual day-to-day ramifications of this?

 

-Surely if it's just to find 'exploits' to hack users of the game, then these can be patched down the line.

-If it's to copy stuff, isn't that what Copyright law is for?

 

I'm genuinely asking. 

[Tristerin]

5 minutes ago, Actual_Criminal said:

If the source code has been leaked, what are the actual day-to-day ramifications of this?

 

-Surely if it's just to find 'exploits' to hack users of the game, then these can be patched down the line.

-If it's to copy stuff, isn't that what Copyright law is for?

 

I'm genuinely asking. 

I read this first post only, then came to end of post - also states they have had their server encrypted and 48 hours to respond.  So if the hackers encrypted all of their...everything....this is bad for them.  Unless they have backups, Im assuming.

[Jet_ski]

If you want your car to be thrown at you from the other end of the map, then go ahead and use CDPR’s code in your game.

 

 

[StDragon]

23 minutes ago, Jet_ski said:

If you want your car to be thrown at you from the other end of the map, then go ahead and use CDPR’s code in your game.

 

 

Hail a cab? 

[HenrySalayne]

1 hour ago, Actual_Criminal said:

If the source code has been leaked, what are the actual day-to-day ramifications of this?

 

-Surely if it's just to find 'exploits' to hack users of the game, then these can be patched down the line.

-If it's to copy stuff, isn't that what Copyright law is for?

 

I'm genuinely asking. 

Do you remember everything you stored on your system? Maybe most of the stuff is useless, but there could be anything: personal data, access keys, some secret and clever solution for a game mechanic, who knows?

[WhitetailAni]

Just now, HenrySalayne said:

Do you remember everything you stored on your system? Maybe most of the stuff is useless, but there could be anything: personal data, access keys, some secret and clever solution for a game mechanic, who knows?

I know maybe 80% of it.

The 20% is stuff from my dad and stuff in subsubsubsubsubsubsubsubsubfolders that I've never been to.

[Thaldor]

15 hours ago, Actual_Criminal said:

If the source code has been leaked, what are the actual day-to-day ramifications of this?

 

-Surely if it's just to find 'exploits' to hack users of the game, then these can be patched down the line.

-If it's to copy stuff, isn't that what Copyright law is for?

 

I'm genuinely asking. 

The source code in this case also includes REDengine 4 and while CP2077 might be buggy, it does include some quite impressive technology under the hood. Like only the optimization for mid- to high-end PCs is pretty impressive (GTX 1070 and ultra settings@1080p and no bigger hiccups, might not be 60fps but it also doesn't stutter) and there's probably quite many companies which would be even willing to pay to know how they did it and copy it for their own projects which would mean CDP would loose that edge in the competition. The game itself is just needless garbage filler put over the real treasure.

[wamred]

Oof, things like this are seeming to happen more and more lately. This doesn't seem good. 

[Actual_Criminal]

31 minutes ago, Thaldor said:

The source code in this case also includes REDengine 4 and while CP2077 might be buggy, it does include some quite impressive technology under the hood. Like only the optimization for mid- to high-end PCs is pretty impressive (GTX 1070 and ultra settings@1080p and no bigger hiccups, might not be 60fps but it also doesn't stutter) and there's probably quite many companies which would be even willing to pay to know how they did it and copy it for their own projects which would mean CDP would loose that edge in the competition. The game itself is just needless garbage filler put over the real treasure.

Still though, if the source code is copied and another dev team makes a non-copyrighted game based on the copied source code, who cares? - New decent games get released all the time.

 

Unless it directly affects Cyberpunk 2077 (or other games), or it's users, I don't see where the problem lies. 

[MultiGamerClub]

Sad to see shit like this happening when they could work on fixing the game instead.. Instead having to worry about this.. They fixed voice-lines in 1.12 patch, now for the rest of the game. Time will tell. Some times wish to refund all tho knowing ive pumped 70+ hours into it, most likely wont.

[Thaldor]

5 hours ago, Actual_Criminal said:

Still though, if the source code is copied and another dev team makes a non-copyrighted game based on the copied source code, who cares? - New decent games get released all the time.

 

Unless it directly affects Cyberpunk 2077 (or other games), or it's users, I don't see where the problem lies. 

It's not even the engine that any half-intelligent company would be after but the systems within the engine, like for example how CDPR made the pedestrian system so it was quite light for how much there is pedestrians. That is usually stuff that EA, Epic, Unity even Amazon today are interested about and may use millions in reverse-engineering or licensing from other games/engines to implement into their own game engines, not that they would directly copy-paste code from CP2077 source to their own engine and call it a day but to get someone twice smarter to understand how it was done and come up with a way to get to the same result with different enough method so the original developer can't sue them for it.

As said usually this is done through reverse-engineering that isn't the most pleasuring way to do it (everybody will say they don't do it but everybody does that, trust me) and often they just hire someone from the company who knows about those systems and get the knowledge through that or just license the shit, but having access to the source code of a game that includes the engine code intact, you can skip all that BS and just read how it was done and usually even have comments helping you to understand what the code does. Having that source code is a lot more nicer than reverse-engineering it and trying to make sense from that, most likely a lot cheaper than licensing it and you don't need to wait X months/years to ask about it from the guy hired from the original developer company (if you can even get the right guy).

[ravenshrike]

On 2/10/2021 at 2:33 PM, Actual_Criminal said:

If the source code has been leaked, what are the actual day-to-day ramifications of this?

Somewhat useful to modders as it allows them to see all the hooks in the game which in theory means they can change AI behavior and more. Not simple to do however and it will still take significant amounts of time. Not to mention that CDPR may be significantly changing things anyway.

[Bombastinator]

13 minutes ago, ravenshrike said:

Somewhat useful to modders as it allows them to see all the hooks in the game which in theory means they can change AI behavior and more. Not simple to do however and it will still take significant amounts of time. Not to mention that CDPR may be significantly changing things anyway.

Is it useful to entities looking to create competing games? Is it enough to produce a zero cost copy of the game?