I wonder for how long were these guys inside Sony's network. This analysis may indicate weeks or months, as it does the fact that the attackers extracted terabytes of information without anyone noticing.

It isnt clear from the article, but how did Blue Coat get the sample? Is Sony their client and their product missed this malware and this is the postmortem?

OT but: "The site is using outdated security settings that may prevent future versions of Chrome from being able to safely access it"

That's because Chrome is phasing out SSL certificates issued using the outdated SHA-1, starting with the minor warning (the yellow triangle) for certificates with expiration date on or after Jan/2017. In this case, the certificate expires on 3/2018.

Ironically, Blue Coat is a security company [2].

[1] http://googleonlinesecurity.blogspot.com/2014/09/gradually-s...

[2] http://en.wikipedia.org/wiki/Blue_Coat_Systems