That Huge Sony Hack May Have Been North Korea Retaliating Against James Franco And Seth Rogen

from the wait...really? dept

You may have heard recently that Sony Pictures experienced what the company called a "system disruption" and what everyone else referred to as "Oh, look, Sony employees are completely locked out of their own computers." In place of a normal, working computer, Sony employees found poetic words and subtle imagery. Just kidding, it looked like an amateurish metal band CD insert artist vomited a splash page all over the screen.

It's fairly likely that the GOP claiming responsibility for the hack wasn't Karl Rove in his mother's basement and there was little early speculation on who they in fact were, beyond the "Guardians of Peace" name the hackers claimed. While it's not yet confirmed, reports are that the internal investigation Sony is conducting is eyeing none other than North Korea.

Sony Pictures Entertainment is exploring the possibility that hackers working on behalf of North Korea, perhaps operating out of China, may be behind a devastating attack that brought the studio’s network to a screeching halt earlier this week, sources familiar with the matter tell Re/code. The timing of the attack coincides with the imminent release of “The Interview,” a Sony film that depicts a CIA plot to assassinate North Korean leader Kim Jong-Un. The nation’s ever-belligerent state propaganda outlets have threatened “merciless retaliation” against the U.S. and other nations if the film is released.
Oh, North Korea. Look, if this was you, I'll certainly agree that forcing anyone to look at that garish screenshot above likely qualifies as "merciless retaliation," but I dare say it's probably not going to be all that effective. And should you be found out to be behind this, having the entire planet laugh at your complete lack of sense of humor probably doesn't take the sting out of the fact that you can't feed your own people, despite having a self-proclaimed necro-deity still technically heading up the government.

And to have this reaction over a Hollywood film and then add your own cliffhanger is downright ironic.
"Hostile forces" are casting blame on North Korea, said a spokesman for the country's mission at the United Nations, according to the Reuters news agency. "I kindly advise you to just wait and see."
In the meantime, this is generating so much free publicity for The Interview, one wonders if Pyongyang is serving as a Sony marketing consultant.

Admittedly, whoever did do the hack seems to have really shaken up Sony Pictures (which appears to have had almost no real security at all), as it is rumored to have resulted in the leak of a few upcoming movies and a treasure trove of HR info, including some embarrassing info. Whether or not it's North Koreans angry about a Rogen/Franco flick, or something else, it's not making anyone look very good right now.

Filed Under: guardians of peace, hack, james franco, north korea, seth rogen
Companies: sony, sony pictures


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 2 Dec 2014 @ 3:06pm

    'Pretty please don't' security?

    You know, given how easy it seems to be to hack Sony, I have to wonder if their entire security measures are nothing more than text telling would-be hackers 'Please don't break into our servers'.

    Seriously, hacked by North Korea? That's just sad.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Dec 2014 @ 3:07pm

    You could sadly add American Politicians in place of North Korea and the shoe would fit pretty much the same.

    reply to this | link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 2 Dec 2014 @ 3:09pm

    Sony Pictures (which appears to have had almost no real security at all)

    This is Sony; what did you expect?

    reply to this | link to this | view in chronology ]

  • identicon
    Whoever, 2 Dec 2014 @ 3:09pm

    North Korea? Really?

    Since Internet access is so limited in North Korea, where is North Korea going to find any script kiddies to do this?

    My guess is that this is Sony trying to pretend that their security wasn't so bad that it was penetrated by some immature teenage basement dwellers.
    "It wasn't our fault, it was that scary country over there. Yes, that will keep the shareholders off our backs for doing such a cr*p job of securing our systems"

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Dec 2014 @ 8:30pm

      Re: North Korea? Really?

      I think it really is the Grand Old Party- GOP just pretending to be north Koreans.

      reply to this | link to this | view in chronology ]

    • icon
      Tobias Harms (profile), 3 Dec 2014 @ 12:43am

      Re: North Korea? Really?

      Well the article did say that they where probably hired from China.

      reply to this | link to this | view in chronology ]

    • identicon
      Mike, 4 Dec 2014 @ 7:01am

      Re: North Korea? Really?

      North Korea has a specialized group of govt trained cyberwarriors that are one of the largest threats in the world to technical infrastructure in the civilized world today. Don't discount their abilities, this wouldn't have been done by NK civilian script kiddies, it would have been done by a well funded, well trained, group of experts that also attack South Korean and US data systems pretty much around the clock in attempts to disrupt our way of life and steal our trade secrets.

      reply to this | link to this | view in chronology ]

      • icon
        John Fenderson (profile), 4 Dec 2014 @ 10:32am

        Re: Re: North Korea? Really?

        "one of the largest threats in the world to technical infrastructure in the civilized world today"

        NK's hacking groups are extremely good, but why do you characterize them as a serious threat to the technical infrastructure? Are they remotely setting bombs at routers or severing trunk lines?

        reply to this | link to this | view in chronology ]

        • icon
          tqk (profile), 4 Dec 2014 @ 1:10pm

          Re: Re: Re: North Korea? Really?

          I don't know how good NK's hackers are, but that may be irrelevant. Richard Clarke classifies the current state of computing security into two groups: those who've been hacked, and those who don't yet know they've been hacked (NY Times).

          Add the scare stories about all the non-airgapped and net accessible micro-controllers on critical infrastructure, and you've got the bar to potential disaster set dangerously low.

          A few days ago, I clicked onto a site that's displaying realtime CCTV output from thousands of security cameras whose owners hadn't bothered to secure them. There are plenty of professionals who tell stories about egregiously vulnerably implemented micro-controllers hooked up to potential Bhopal scary disaster situations.

          Any number of "bad guys" out there could be biding their time, accumulating access to controller after controller, just waiting for their perfect moment to spring the trap.

          reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 4 Dec 2014 @ 3:13pm

            Re: Re: Re: Re: North Korea? Really?

            "Richard Clarke classifies the current state of computing security into two groups: those who've been hacked, and those who don't yet know they've been hacked (NY Times)."

            That's a very broad brush, but it's also not as far from wrong as it should be.

            Nonetheless, it doesn't address my question at all: how is this a threat to the technical infrastructure? It's certainly a threat to data, but that's a totally different thing.

            reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 2 Dec 2014 @ 3:12pm

    "Hostile forces" are casting blame on North Korea, said a spokesman for the country's mission at the United Nations, according to the Reuters news agency. "I kindly advise you to just wait and see."

    Sony should have some fun with this actually, and release a public statement along the lines of "After careful consideration, we have determined that the North Korean government is not in fact responsible for the recent attack on our servers, as we have determined that they lack the technological capability to do so."

    Then everyone gets to sit back and have a good laugh as NK blusters on about how big and bad and scary they are, and how they could totally hack Sony if they wanted to.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Dec 2014 @ 3:35pm

    "[...] as it is rumored to have resulted in the leak of a few upcoming movies and a treasure trove of HR info [...]
    "


    One must ask what the hell creative content and personnel info are doing on the same network. Apparently Sony's IT personnel still think it's 1997.

    reply to this | link to this | view in chronology ]

  • icon
    AricTheRed (profile), 2 Dec 2014 @ 3:39pm

    Clickbait!!! I want my $0.04!

    I had to, just had to check out the "embarrassing info" link.

    Just think how pissed Michael Pavlic must be to be paid less than Michael Barker, all because of the alphabetical payroll scheme there @ Sony.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Dec 2014 @ 4:27pm

    I wonder if it was actually a spoof to raise publicity by faking a hack for the movie. However when it was learned about actual hackers attacked and that is when the content was stolen along with the actual disruption of their network.

    reply to this | link to this | view in chronology ]

  • icon
    sorrykb (profile), 2 Dec 2014 @ 4:28pm

    It's fairly likely that the GOP claiming responsibility for the hack wasn't Karl Rove in his mother's basement

    Thank you for that mental image... at once terrifying and deeply enlightening.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Dec 2014 @ 4:32pm

    I read the hackers completely formatted all of Sony's hard drives, including the master boot record and partitions. This hack definitely seemed like a giant FU.

    reply to this | link to this | view in chronology ]

  • icon
    Blackfiredragon13 (profile), 2 Dec 2014 @ 4:37pm

    Didn't kim-something say something about going to see it?

    reply to this | link to this | view in chronology ]

  • icon
    tqk (profile), 2 Dec 2014 @ 4:47pm

    More info.

    See http://krebsonsecurity.com/2014/12/sony-breach-may-have-exposed-employee-healthcare-salary-data/

    and

    h ttp://torrentfreak.com/sony-movies-leak-online-after-hack-attack-141129/?utm_source=feedburner&u tm_medium=feed&utm_campaign=Feed%3A+Torrentfreak+%28Torrentfreak%29

    Eleven TB of data! "Their network admins never noticed this shit being siphoned off?" -- SunnyZ@TF.

    The last time somebody hacked Sony, it was learned they were running servers which hadn't been updated in years, and their tiny tech support staff had no chance to keep up with what would be expected of them.

    Sony cheaps out on tech support, screws over users and customers, loses shareholders' IP, and exposes their employees (including Angelina Jolie's) personal information to crackers.

    Fairly stunning faceplant for a corp the size of Sony.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Anonymous Coward, 2 Dec 2014 @ 5:29pm

    Money for Security? Ha!

    Sony cheeped out on security by running their root-kit on every machine in their organization. The IT security department then sat back and gleaned the fruits of the keyloggers, voice recognition, and supervisor rights on all computers and laughed at the NSA (bet those guys wish they had this). Meanwhile, our intrepid hackers reverse engineered the root-kit that Sony distributed with their PlayStations and rightly guessed that the 'kit' had not been updated. They then proceeded to create their own root-kit that rooted the Sony root-kit. And as Stan said to Laurel, "What a fine mess we are in"!

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Anonymous Coward, 2 Dec 2014 @ 5:30pm

      Re: Money for Security? Ha!

      Dang-it, that should be as Stan said to Oliver, otherwise he would be talking to himself...well not so out of character.

      reply to this | link to this | view in chronology ]

  • identicon
    Wiilain, 2 Dec 2014 @ 6:37pm

    Chamber Of Commerce pushing Cybersecurity bill because of SONY today:

    Please read: From the Hill

    http://thehill.com/policy/cybersecurity/225758-industry-still-pushing-for-lame-duck-cyber-bill as many of you know CISA legalizes NSA Spying http://www.theguardian.com/commentisfree/2014/jul/12/senate-nsa-secret-cybersecurity-information-sha ring-act and gets rid of Net Neutrality online without FCC approval http://www.usnews.com/news/articles/2014/07/07/nsa-net-neutrality-fears-overshadow-senate-cybersecur ity-vote I know I am conspiratorial, but I find it very strange all these hacker attacks are happening and I remember last October when Congressman Mike Rodgers promised he would do everything in his power to get CISA on the Senate floor http://thehill.com/policy/technology/219429-house-chairman-fears-political-tantrums-could-sink-cyber -bill With a case being decided about controlling and arresting people for there Free Speech when making comments on the web http://www.latimes.com/nation/la-na-supreme-court-facebook-threats-free-speech-20141201-story.html (I wonder after this decision would it be legal to want death for Usama Bin Laden especially if people were so angry about the towers falling and this case was ruled before 9/11 happened would then the BIG BAD FBI come over your house and put you in jail?) Insane. Techdirt please let your readers know the Chamber Of Commerce has not given up in putting CISA to a vote this month before the Senate Christmas recess. Do not let the Senate take over the internet. Help stop CISA S.2588 and for all you readers call the Senate www.senate.gov 2022243121 and after you give the operator your Zip Code, tell your 2 Senators NO TO CISA S.2588

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Dec 2014 @ 7:08pm

    So what's in the SPEData.zip?

    reply to this | link to this | view in chronology ]

    • icon
      DaveK (profile), 2 Dec 2014 @ 10:37pm

      Re: So what's in the SPEData.zip?

      There's no actual data in that zip file. It's just got a couple of *enormous* text files with listings of the filenames of all the data they're claiming to have stolen, and a readme.txt that says:

      These two files are the lists of secret data we have acquired from SPE.

      Anyone who needs the data, send an email titled ¡¶To the Guardians of Peace¡· to the following email addresses.

      marc.parker-8t52ebo@yopmail.com
      emma.murphy-0ohbp3m1@yopmail.com
      lisa.harris-cxkjch3@yopmail .com
      john.murphy-7o2h3uh3@yopmail.com
      axel.turner-ffqbv9c@yopmail.com
      lisa.harris-ezd6e1j@yopmail.com
      mi ke.morris-f2iyqki@yopmail.com
      abc@spambog.com
      lena@spambog.com
      john@spambog.com


      Here's the head and tail of the two listing files, just to give you an idea what they claim to have:

      C:\Users\MYNAME\Downloads\SPEData>head list1.txt list2.txt
      ==> list1.txt <==
      Credit Templets Aug 2011.xlsx
      DataRestorationSheet.docx
      DataRestorationSheet.pdf
      J Belknip Inventory box pickup.doc
      Blank Inventory Sheet.xlsx
      Mixing Log.xlsx
      ADR & Foley Crew Costs.xlsx
      PRORECAP.DOC
      PRORECA2.DOC
      PROPPROP.DOC

      ==> list2.txt <==
      voldata.tdf
      Shortcut to apps on 'usccipwv05' (I).lnk
      dev_rfc.trc
      wiped00
      Thumbs.db
      DATA_Inventory.html
      CIFS_testfile
      .DS_Store
      QA.CFG
      THESTUDI.LNK

      C:\User s\MYNAME\Downloads\SPEData>tail list1.txt list2.txt
      ==> list1.txt <==
      10s DSR 10.25.10, 10-11-SP.xls
      10s DSR 10.25.10, 09-10 and 10-11-KO.xls
      Sloane's DSR w-o 10-25.pdf
      Sloane's DSR w-o 11-8.pdf
      10s DSR 10.18.10, 10-11-SP.xls
      Kirk's DSR w-o 10-25.pdf
      Kirk's DSR w-o 10-18.pdf
      Kirk's DSR w-o 11-8.pdf
      Dr. Oz Fall11 Terre Haute.docx
      Fargo.Dr. Oz Renewal Pitch.pdf

      ==> list2.txt <==
      n38500311_31917115_5966.jpg
      boards.weddingbee.com.htm
      Thumbs.db
      n12128422_32339518_8425.jpg
      n38500 311_31917100_1902.jpg
      n12128422_32339516_6355.jpg
      n38500311_31917280_6102.jpg
      Desktop.ini
      SPE_DT.log
      SPE_ DT.sdb

      C:\Users\DKAdmin\Downloads\tablet\SPEData>

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Dec 2014 @ 7:12pm

    Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.

    NK is well known to use such vocabulary as "merciless retaliation" so that part would not surprise me. I sort of felt like I got a merit badge or something on Reddit as NK has a bot hunting for anyone saying bad about it. Bans you before you even know it was there. Can't say I missed a dang thing; rather proud of being banned from it without showing up or even knowing of it's existence.

    Little chubby from NK gets butt hurt over the slightest things so I wouldn't be surprised.

    reply to this | link to this | view in chronology ]

    • icon
      ltlw0lf (profile), 2 Dec 2014 @ 8:24pm

      Re:

      Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.

      I was soaking in the karma schadenfreude when Sony Entertainment of America laid off their network and security staff six months before PSN got hacked because they were too expensive. A friend of mine laid off six months before was asked by Sony to come back and help them fix PSN after it got hacked, and he told them to take a long walk off a short pier.

      This is just icing on the cake I am already choking on.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 2 Dec 2014 @ 11:10pm

        Re: Re:

        Ultimate lesson: if you think computer security is expensive you should look at the costs of not having it.

        reply to this | link to this | view in chronology ]

        • icon
          ltlw0lf (profile), 3 Dec 2014 @ 7:15am

          Re: Re: Re:

          if you think computer security is expensive you should look at the costs of not having it.

          I'm not of that opinion, though it is certainly valid.

          There is a lot of security that is stupidly expensive and absolutely worthless (i.e. TSA) and those should be removed or replaced with better security that is also cheaper. There is a lot of security that is cheap and absolutely necessary, like installing security patches on a regular basis. If you think computer security is expensive, you should look at what you have, determine if it is necessary and worth the risk of not having it, and go from there.

          You should never make any decision on anything, security or otherwise, solely based on the cost alone. After all, Sony did replace their security/networking staff with cheaper ones, that brought with them the lack of experience and understanding of basic security/administration principles. Many of the machines compromised did not have the latest security patches...pretty basic system administration 101 type stuff.

          reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 3 Dec 2014 @ 9:43am

            Re: Re: Re: Re:

            "There is a lot of security that is stupidly expensive and absolutely worthless (i.e. TSA)"

            In terms of the old adage about the cost of security, things like what the TSA is doing doesn't count -- because what they're doing isn't really security. The adage is talking about actual security.

            reply to this | link to this | view in chronology ]

  • icon
    orbitalinsertion (profile), 2 Dec 2014 @ 9:12pm

    "Hostile forces" are casting blame on North Korea


    Well, Sony is rather a hostile force, on average, as laughable as this NK comment is. But with very low defenses, apparently.

    reply to this | link to this | view in chronology ]

  • identicon
    Roman Prokopchuk, 2 Dec 2014 @ 10:25pm

    North Korea the Most Petty Communist Country

    It's funny that a country is so brain washed that it threatened war over an assassination attempt of their leader in a movie. Technology, social media, and media are all state run brainwashing which is sad to see.

    reply to this | link to this | view in chronology ]

  • identicon
    Kronomex, 3 Dec 2014 @ 1:20am

    What a crock of crap! Sony got caught with their security down so let's blame...oh, I don't know...how about North Korea? Good idea...snort...snigger...chortle.

    reply to this | link to this | view in chronology ]

  • icon
    Violynne (profile), 3 Dec 2014 @ 3:27am

    Well, this may be a childish stance on Sony's situation, but...


    AHAHAHAHAHAHAHAHAHAHA!

    This has been wonderful news. The only way it gets topped off: "Sony declares bankruptcy."

    reply to this | link to this | view in chronology ]

  • icon
    sigalrm (profile), 3 Dec 2014 @ 7:34am

    This is a unique opportunity....

    To allow the movie industry to validate some of their theories.

    As part of this hack, it looks like DVD images of the following movies have been released: “Fury”, “Annie”, “Mr. Turner”, “Still Alice” and “To Write Love on Her Arms”

    This seems like an excellent opportunity to determine if Piracy really will destroy the earnings for those films. By the film industries own logic, it should at this point be impossible for any of these movies to bring in any money, now that they're available for free...

    reply to this | link to this | view in chronology ]

    • icon
      John85851 (profile), 3 Dec 2014 @ 9:52am

      Re: This is a unique opportunity....

      I assume you're being sarcastic.
      Of course Sony will blame the low performace of these movies on this hack... whether the movies make money or not.

      For example, "Annie" could go on to make a billion dollars, but Sony will still complain that it could have made more if not for the North Korean hackers.
      Of course, this doesn't address the question of why they decided the world needed an "Annie" remake, but whatever.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 3 Dec 2014 @ 7:47am

    "self-proclaimed necro-deity"

    I don't believe he ever proclaimed himself to be a necro-deity, and nothing in the linked article says that... but I'd love to be proven wrong.

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 3 Dec 2014 @ 10:19am

      Re: "self-proclaimed necro-deity"

      This is a reasonable overview: http://en.wikipedia.org/wiki/North_Korea%27s_cult_of_personality

      The summary is this:

      North Korean authorities have co-opted portions of Christianity and Buddhism, and adopted them to their own uses, while greatly restricting all religions in general as they are seen as a threat to the regime. An example of this can be seen in the description of Kim Il-sung as a god, and Kim Jong-il as the son of a god or "Sun of the Nation", evoking the father-son imagery of Christianity. According to author Victor Cha, during the first part of Kim Il-sung's rule, the state destroyed over 2,000 Buddhist temples and Christian churches which might detract from fidelity to Kim. There is even widespread belief that Kim-il Sung "created the world" and that Kim Jong-il controlled the weather.

      reply to this | link to this | view in chronology ]

    • identicon
      alan turing, 3 Dec 2014 @ 1:57pm

      Re: "self-proclaimed necro-deity"

      Kim Il-sung is still technically the incumbent in North Korea, so there's that...

      reply to this | link to this | view in chronology ]

  • identicon
    Rekrul, 3 Dec 2014 @ 8:36pm

    You know what would be really funny? If Sony found out that the reason their network got hacked was because some of their employees played older Sony music CDs on their work computers, and it installed Sony's rootkit.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.