That Huge Sony Hack May Have Been North Korea Retaliating Against James Franco And Seth Rogen

from the wait...really? dept

You may have heard recently that Sony Pictures experienced what the company called a “system disruption” and what everyone else referred to as “Oh, look, Sony employees are completely locked out of their own computers.” In place of a normal, working computer, Sony employees found poetic words and subtle imagery. Just kidding, it looked like an amateurish metal band CD insert artist vomited a splash page all over the screen.

It’s fairly likely that the GOP claiming responsibility for the hack wasn’t Karl Rove in his mother’s basement and there was little early speculation on who they in fact were, beyond the “Guardians of Peace” name the hackers claimed. While it’s not yet confirmed, reports are that the internal investigation Sony is conducting is eyeing none other than North Korea.

Sony Pictures Entertainment is exploring the possibility that hackers working on behalf of North Korea, perhaps operating out of China, may be behind a devastating attack that brought the studio’s network to a screeching halt earlier this week, sources familiar with the matter tell Re/code. The timing of the attack coincides with the imminent release of “The Interview,” a Sony film that depicts a CIA plot to assassinate North Korean leader Kim Jong-Un. The nation’s ever-belligerent state propaganda outlets have threatened “merciless retaliation” against the U.S. and other nations if the film is released.

Oh, North Korea. Look, if this was you, I’ll certainly agree that forcing anyone to look at that garish screenshot above likely qualifies as “merciless retaliation,” but I dare say it’s probably not going to be all that effective. And should you be found out to be behind this, having the entire planet laugh at your complete lack of sense of humor probably doesn’t take the sting out of the fact that you can’t feed your own people, despite having a self-proclaimed necro-deity still technically heading up the government.

And to have this reaction over a Hollywood film and then add your own cliffhanger is downright ironic.

“Hostile forces” are casting blame on North Korea, said a spokesman for the country’s mission at the United Nations, according to the Reuters news agency. “I kindly advise you to just wait and see.”

In the meantime, this is generating so much free publicity for The Interview, one wonders if Pyongyang is serving as a Sony marketing consultant.

Admittedly, whoever did do the hack seems to have really shaken up Sony Pictures (which appears to have had almost no real security at all), as it is rumored to have resulted in the leak of a few upcoming movies and a treasure trove of HR info, including some embarrassing info. Whether or not it’s North Koreans angry about a Rogen/Franco flick, or something else, it’s not making anyone look very good right now.

Filed Under: , , , ,
Companies: sony, sony pictures

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “That Huge Sony Hack May Have Been North Korea Retaliating Against James Franco And Seth Rogen”

Subscribe: RSS Leave a comment
Whoever says:

North Korea? Really?

Since Internet access is so limited in North Korea, where is North Korea going to find any script kiddies to do this?

My guess is that this is Sony trying to pretend that their security wasn’t so bad that it was penetrated by some immature teenage basement dwellers.

“It wasn’t our fault, it was that scary country over there. Yes, that will keep the shareholders off our backs for doing such a cr*p job of securing our systems”

Mike says:

Re: North Korea? Really?

North Korea has a specialized group of govt trained cyberwarriors that are one of the largest threats in the world to technical infrastructure in the civilized world today. Don’t discount their abilities, this wouldn’t have been done by NK civilian script kiddies, it would have been done by a well funded, well trained, group of experts that also attack South Korean and US data systems pretty much around the clock in attempts to disrupt our way of life and steal our trade secrets.

John Fenderson (profile) says:

Re: Re: North Korea? Really?

“one of the largest threats in the world to technical infrastructure in the civilized world today”

NK’s hacking groups are extremely good, but why do you characterize them as a serious threat to the technical infrastructure? Are they remotely setting bombs at routers or severing trunk lines?

tqk (profile) says:

Re: Re: Re: North Korea? Really?

I don’t know how good NK’s hackers are, but that may be irrelevant. Richard Clarke classifies the current state of computing security into two groups: those who’ve been hacked, and those who don’t yet know they’ve been hacked (NY Times).

Add the scare stories about all the non-airgapped and net accessible micro-controllers on critical infrastructure, and you’ve got the bar to potential disaster set dangerously low.

A few days ago, I clicked onto a site that’s displaying realtime CCTV output from thousands of security cameras whose owners hadn’t bothered to secure them. There are plenty of professionals who tell stories about egregiously vulnerably implemented micro-controllers hooked up to potential Bhopal scary disaster situations.

Any number of “bad guys” out there could be biding their time, accumulating access to controller after controller, just waiting for their perfect moment to spring the trap.

John Fenderson (profile) says:

Re: Re: Re:2 North Korea? Really?

“Richard Clarke classifies the current state of computing security into two groups: those who’ve been hacked, and those who don’t yet know they’ve been hacked (NY Times).”

That’s a very broad brush, but it’s also not as far from wrong as it should be.

Nonetheless, it doesn’t address my question at all: how is this a threat to the technical infrastructure? It’s certainly a threat to data, but that’s a totally different thing.

That One Guy (profile) says:

“Hostile forces” are casting blame on North Korea, said a spokesman for the country’s mission at the United Nations, according to the Reuters news agency. “I kindly advise you to just wait and see.”

Sony should have some fun with this actually, and release a public statement along the lines of “After careful consideration, we have determined that the North Korean government is not in fact responsible for the recent attack on our servers, as we have determined that they lack the technological capability to do so.”

Then everyone gets to sit back and have a good laugh as NK blusters on about how big and bad and scary they are, and how they could totally hack Sony if they wanted to.

tqk (profile) says:

More info.



Eleven TB of data! “Their network admins never noticed this shit being siphoned off?” — SunnyZ@TF.

The last time somebody hacked Sony, it was learned they were running servers which hadn’t been updated in years, and their tiny tech support staff had no chance to keep up with what would be expected of them.

Sony cheaps out on tech support, screws over users and customers, loses shareholders’ IP, and exposes their employees (including Angelina Jolie’s) personal information to crackers.

Fairly stunning faceplant for a corp the size of Sony.

Anonymous Anonymous Coward says:

Money for Security? Ha!

Sony cheeped out on security by running their root-kit on every machine in their organization. The IT security department then sat back and gleaned the fruits of the keyloggers, voice recognition, and supervisor rights on all computers and laughed at the NSA (bet those guys wish they had this). Meanwhile, our intrepid hackers reverse engineered the root-kit that Sony distributed with their PlayStations and rightly guessed that the ‘kit’ had not been updated. They then proceeded to create their own root-kit that rooted the Sony root-kit. And as Stan said to Laurel, “What a fine mess we are in”!

Wiilain (profile) says:

Chamber Of Commerce pushing Cybersecurity bill because of SONY today:

Please read: From the Hill as many of you know CISA legalizes NSA Spying and gets rid of Net Neutrality online without FCC approval I know I am conspiratorial, but I find it very strange all these hacker attacks are happening and I remember last October when Congressman Mike Rodgers promised he would do everything in his power to get CISA on the Senate floor With a case being decided about controlling and arresting people for there Free Speech when making comments on the web (I wonder after this decision would it be legal to want death for Usama Bin Laden especially if people were so angry about the towers falling and this case was ruled before 9/11 happened would then the BIG BAD FBI come over your house and put you in jail?) Insane. Techdirt please let your readers know the Chamber Of Commerce has not given up in putting CISA to a vote this month before the Senate Christmas recess. Do not let the Senate take over the internet. Help stop CISA S.2588 and for all you readers call the Senate 2022243121 and after you give the operator your Zip Code, tell your 2 Senators NO TO CISA S.2588

DaveK says:

Re: So what's in the

There’s no actual data in that zip file. It’s just got a couple of enormous text files with listings of the filenames of all the data they’re claiming to have stolen, and a readme.txt that says:

These two files are the lists of secret data we have acquired from SPE.

Anyone who needs the data, send an email titled ¡¶To the Guardians of Peace¡· to the following email addresses.

Here’s the head and tail of the two listing files, just to give you an idea what they claim to have:

C:UsersMYNAMEDownloadsSPEData>head list1.txt list2.txt
==> list1.txt <==
Credit Templets Aug 2011.xlsx
J Belknip Inventory box pickup.doc
Blank Inventory Sheet.xlsx
Mixing Log.xlsx
ADR & Foley Crew Costs.xlsx

==> list2.txt <==
Shortcut to apps on ‘usccipwv05’ (I).lnk

C:UsersMYNAMEDownloadsSPEData>tail list1.txt list2.txt
==> list1.txt <==
10s DSR 10.25.10, 10-11-SP.xls
10s DSR 10.25.10, 09-10 and 10-11-KO.xls
Sloane’s DSR w-o 10-25.pdf
Sloane’s DSR w-o 11-8.pdf
10s DSR 10.18.10, 10-11-SP.xls
Kirk’s DSR w-o 10-25.pdf
Kirk’s DSR w-o 10-18.pdf
Kirk’s DSR w-o 11-8.pdf
Dr. Oz Fall11 Terre Haute.docx
Fargo.Dr. Oz Renewal Pitch.pdf

==> list2.txt <==


Anonymous Coward says:

Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.

NK is well known to use such vocabulary as “merciless retaliation” so that part would not surprise me. I sort of felt like I got a merit badge or something on Reddit as NK has a bot hunting for anyone saying bad about it. Bans you before you even know it was there. Can’t say I missed a dang thing; rather proud of being banned from it without showing up or even knowing of it’s existence.

Little chubby from NK gets butt hurt over the slightest things so I wouldn’t be surprised.

ltlw0lf (profile) says:

Re: Re:

Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.

I was soaking in the karma schadenfreude when Sony Entertainment of America laid off their network and security staff six months before PSN got hacked because they were too expensive. A friend of mine laid off six months before was asked by Sony to come back and help them fix PSN after it got hacked, and he told them to take a long walk off a short pier.

This is just icing on the cake I am already choking on.

ltlw0lf (profile) says:

Re: Re: Re: Re:

if you think computer security is expensive you should look at the costs of not having it.

I’m not of that opinion, though it is certainly valid.

There is a lot of security that is stupidly expensive and absolutely worthless (i.e. TSA) and those should be removed or replaced with better security that is also cheaper. There is a lot of security that is cheap and absolutely necessary, like installing security patches on a regular basis. If you think computer security is expensive, you should look at what you have, determine if it is necessary and worth the risk of not having it, and go from there.

You should never make any decision on anything, security or otherwise, solely based on the cost alone. After all, Sony did replace their security/networking staff with cheaper ones, that brought with them the lack of experience and understanding of basic security/administration principles. Many of the machines compromised did not have the latest security patches…pretty basic system administration 101 type stuff.

sigalrm says:

This is a unique opportunity....

To allow the movie industry to validate some of their theories.

As part of this hack, it looks like DVD images of the following movies have been released: “Fury”, “Annie”, “Mr. Turner”, “Still Alice” and “To Write Love on Her Arms”

This seems like an excellent opportunity to determine if Piracy really will destroy the earnings for those films. By the film industries own logic, it should at this point be impossible for any of these movies to bring in any money, now that they’re available for free…

John85851 (profile) says:

Re: This is a unique opportunity....

I assume you’re being sarcastic.
Of course Sony will blame the low performace of these movies on this hack… whether the movies make money or not.

For example, “Annie” could go on to make a billion dollars, but Sony will still complain that it could have made more if not for the North Korean hackers.
Of course, this doesn’t address the question of why they decided the world needed an “Annie” remake, but whatever.

John Fenderson (profile) says:

Re: "self-proclaimed necro-deity"

This is a reasonable overview:

The summary is this:

North Korean authorities have co-opted portions of Christianity and Buddhism, and adopted them to their own uses, while greatly restricting all religions in general as they are seen as a threat to the regime. An example of this can be seen in the description of Kim Il-sung as a god, and Kim Jong-il as the son of a god or “Sun of the Nation”, evoking the father-son imagery of Christianity. According to author Victor Cha, during the first part of Kim Il-sung’s rule, the state destroyed over 2,000 Buddhist temples and Christian churches which might detract from fidelity to Kim. There is even widespread belief that Kim-il Sung “created the world” and that Kim Jong-il controlled the weather.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...