That Huge Sony Hack May Have Been North Korea Retaliating Against James Franco And Seth Rogen
from the wait...really? dept
You may have heard recently that Sony Pictures experienced what the company called a “system disruption” and what everyone else referred to as “Oh, look, Sony employees are completely locked out of their own computers.” In place of a normal, working computer, Sony employees found poetic words and subtle imagery. Just kidding, it looked like an amateurish metal band CD insert artist vomited a splash page all over the screen.
It’s fairly likely that the GOP claiming responsibility for the hack wasn’t Karl Rove in his mother’s basement and there was little early speculation on who they in fact were, beyond the “Guardians of Peace” name the hackers claimed. While it’s not yet confirmed, reports are that the internal investigation Sony is conducting is eyeing none other than North Korea.
Sony Pictures Entertainment is exploring the possibility that hackers working on behalf of North Korea, perhaps operating out of China, may be behind a devastating attack that brought the studio’s network to a screeching halt earlier this week, sources familiar with the matter tell Re/code. The timing of the attack coincides with the imminent release of “The Interview,” a Sony film that depicts a CIA plot to assassinate North Korean leader Kim Jong-Un. The nation’s ever-belligerent state propaganda outlets have threatened “merciless retaliation” against the U.S. and other nations if the film is released.
Oh, North Korea. Look, if this was you, I’ll certainly agree that forcing anyone to look at that garish screenshot above likely qualifies as “merciless retaliation,” but I dare say it’s probably not going to be all that effective. And should you be found out to be behind this, having the entire planet laugh at your complete lack of sense of humor probably doesn’t take the sting out of the fact that you can’t feed your own people, despite having a self-proclaimed necro-deity still technically heading up the government.
And to have this reaction over a Hollywood film and then add your own cliffhanger is downright ironic.
“Hostile forces” are casting blame on North Korea, said a spokesman for the country’s mission at the United Nations, according to the Reuters news agency. “I kindly advise you to just wait and see.”
In the meantime, this is generating so much free publicity for The Interview, one wonders if Pyongyang is serving as a Sony marketing consultant.
Admittedly, whoever did do the hack seems to have really shaken up Sony Pictures (which appears to have had almost no real security at all), as it is rumored to have resulted in the leak of a few upcoming movies and a treasure trove of HR info, including some embarrassing info. Whether or not it’s North Koreans angry about a Rogen/Franco flick, or something else, it’s not making anyone look very good right now.
Filed Under: guardians of peace, hack, james franco, north korea, seth rogen
Companies: sony, sony pictures
Comments on “That Huge Sony Hack May Have Been North Korea Retaliating Against James Franco And Seth Rogen”
'Pretty please don't' security?
You know, given how easy it seems to be to hack Sony, I have to wonder if their entire security measures are nothing more than text telling would-be hackers ‘Please don’t break into our servers’.
Seriously, hacked by North Korea? That’s just sad.
You could sadly add American Politicians in place of North Korea and the shoe would fit pretty much the same.
This is Sony; what did you expect?
North Korea? Really?
Since Internet access is so limited in North Korea, where is North Korea going to find any script kiddies to do this?
My guess is that this is Sony trying to pretend that their security wasn’t so bad that it was penetrated by some immature teenage basement dwellers.
Re: North Korea? Really?
I think it really is the Grand Old Party- GOP just pretending to be north Koreans.
Re: North Korea? Really?
Well the article did say that they where probably hired from China.
Re: North Korea? Really?
North Korea has a specialized group of govt trained cyberwarriors that are one of the largest threats in the world to technical infrastructure in the civilized world today. Don’t discount their abilities, this wouldn’t have been done by NK civilian script kiddies, it would have been done by a well funded, well trained, group of experts that also attack South Korean and US data systems pretty much around the clock in attempts to disrupt our way of life and steal our trade secrets.
Re: Re: North Korea? Really?
“one of the largest threats in the world to technical infrastructure in the civilized world today”
NK’s hacking groups are extremely good, but why do you characterize them as a serious threat to the technical infrastructure? Are they remotely setting bombs at routers or severing trunk lines?
Re: Re: Re: North Korea? Really?
I don’t know how good NK’s hackers are, but that may be irrelevant. Richard Clarke classifies the current state of computing security into two groups: those who’ve been hacked, and those who don’t yet know they’ve been hacked (NY Times).
Add the scare stories about all the non-airgapped and net accessible micro-controllers on critical infrastructure, and you’ve got the bar to potential disaster set dangerously low.
A few days ago, I clicked onto a site that’s displaying realtime CCTV output from thousands of security cameras whose owners hadn’t bothered to secure them. There are plenty of professionals who tell stories about egregiously vulnerably implemented micro-controllers hooked up to potential Bhopal scary disaster situations.
Any number of “bad guys” out there could be biding their time, accumulating access to controller after controller, just waiting for their perfect moment to spring the trap.
Re: Re: Re:2 North Korea? Really?
“Richard Clarke classifies the current state of computing security into two groups: those who’ve been hacked, and those who don’t yet know they’ve been hacked (NY Times).”
That’s a very broad brush, but it’s also not as far from wrong as it should be.
Nonetheless, it doesn’t address my question at all: how is this a threat to the technical infrastructure? It’s certainly a threat to data, but that’s a totally different thing.
“Hostile forces” are casting blame on North Korea, said a spokesman for the country’s mission at the United Nations, according to the Reuters news agency. “I kindly advise you to just wait and see.”
Sony should have some fun with this actually, and release a public statement along the lines of “After careful consideration, we have determined that the North Korean government is not in fact responsible for the recent attack on our servers, as we have determined that they lack the technological capability to do so.”
Then everyone gets to sit back and have a good laugh as NK blusters on about how big and bad and scary they are, and how they could totally hack Sony if they wanted to.
“[…] as it is rumored to have resulted in the leak of a few upcoming movies and a treasure trove of HR info […]
“
One must ask what the hell creative content and personnel info are doing on the same network. Apparently Sony’s IT personnel still think it’s 1997.
Clickbait!!! I want my $0.04!
I had to, just had to check out the “embarrassing info” link.
Just think how pissed Michael Pavlic must be to be paid less than Michael Barker, all because of the alphabetical payroll scheme there @ Sony.
I wonder if it was actually a spoof to raise publicity by faking a hack for the movie. However when it was learned about actual hackers attacked and that is when the content was stolen along with the actual disruption of their network.
Thank you for that mental image… at once terrifying and deeply enlightening.
I read the hackers completely formatted all of Sony’s hard drives, including the master boot record and partitions. This hack definitely seemed like a giant FU.
Didn’t kim-something say something about going to see it?
More info.
See http://krebsonsecurity.com/2014/12/sony-breach-may-have-exposed-employee-healthcare-salary-data/
and
http://torrentfreak.com/sony-movies-leak-online-after-hack-attack-141129/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Torrentfreak+%28Torrentfreak%29
Eleven TB of data! “Their network admins never noticed this shit being siphoned off?” — SunnyZ@TF.
The last time somebody hacked Sony, it was learned they were running servers which hadn’t been updated in years, and their tiny tech support staff had no chance to keep up with what would be expected of them.
Sony cheaps out on tech support, screws over users and customers, loses shareholders’ IP, and exposes their employees (including Angelina Jolie’s) personal information to crackers.
Fairly stunning faceplant for a corp the size of Sony.
Money for Security? Ha!
Sony cheeped out on security by running their root-kit on every machine in their organization. The IT security department then sat back and gleaned the fruits of the keyloggers, voice recognition, and supervisor rights on all computers and laughed at the NSA (bet those guys wish they had this). Meanwhile, our intrepid hackers reverse engineered the root-kit that Sony distributed with their PlayStations and rightly guessed that the ‘kit’ had not been updated. They then proceeded to create their own root-kit that rooted the Sony root-kit. And as Stan said to Laurel, “What a fine mess we are in”!
Re: Money for Security? Ha!
Dang-it, that should be as Stan said to Oliver, otherwise he would be talking to himself…well not so out of character.
Chamber Of Commerce pushing Cybersecurity bill because of SONY today:
Please read: From the Hill
http://thehill.com/policy/cybersecurity/225758-industry-still-pushing-for-lame-duck-cyber-bill as many of you know CISA legalizes NSA Spying http://www.theguardian.com/commentisfree/2014/jul/12/senate-nsa-secret-cybersecurity-information-sharing-act and gets rid of Net Neutrality online without FCC approval http://www.usnews.com/news/articles/2014/07/07/nsa-net-neutrality-fears-overshadow-senate-cybersecurity-vote I know I am conspiratorial, but I find it very strange all these hacker attacks are happening and I remember last October when Congressman Mike Rodgers promised he would do everything in his power to get CISA on the Senate floor http://thehill.com/policy/technology/219429-house-chairman-fears-political-tantrums-could-sink-cyber-bill With a case being decided about controlling and arresting people for there Free Speech when making comments on the web http://www.latimes.com/nation/la-na-supreme-court-facebook-threats-free-speech-20141201-story.html (I wonder after this decision would it be legal to want death for Usama Bin Laden especially if people were so angry about the towers falling and this case was ruled before 9/11 happened would then the BIG BAD FBI come over your house and put you in jail?) Insane. Techdirt please let your readers know the Chamber Of Commerce has not given up in putting CISA to a vote this month before the Senate Christmas recess. Do not let the Senate take over the internet. Help stop CISA S.2588 and for all you readers call the Senate http://www.senate.gov 2022243121 and after you give the operator your Zip Code, tell your 2 Senators NO TO CISA S.2588
So what’s in the SPEData.zip?
Re: So what's in the SPEData.zip?
There’s no actual data in that zip file. It’s just got a couple of enormous text files with listings of the filenames of all the data they’re claiming to have stolen, and a readme.txt that says:
These two files are the lists of secret data we have acquired from SPE.
Anyone who needs the data, send an email titled ¡¶To the Guardians of Peace¡· to the following email addresses.
marc.parker-8t52ebo@yopmail.com
emma.murphy-0ohbp3m1@yopmail.com
lisa.harris-cxkjch3@yopmail.com
john.murphy-7o2h3uh3@yopmail.com
axel.turner-ffqbv9c@yopmail.com
lisa.harris-ezd6e1j@yopmail.com
mike.morris-f2iyqki@yopmail.com
abc@spambog.com
lena@spambog.com
john@spambog.com
Here’s the head and tail of the two listing files, just to give you an idea what they claim to have:
C:UsersMYNAMEDownloadsSPEData>head list1.txt list2.txt
==> list1.txt <==
Credit Templets Aug 2011.xlsx
DataRestorationSheet.docx
DataRestorationSheet.pdf
J Belknip Inventory box pickup.doc
Blank Inventory Sheet.xlsx
Mixing Log.xlsx
ADR & Foley Crew Costs.xlsx
PRORECAP.DOC
PRORECA2.DOC
PROPPROP.DOC
==> list2.txt <==
voldata.tdf
Shortcut to apps on ‘usccipwv05’ (I).lnk
dev_rfc.trc
wiped00
Thumbs.db
DATA_Inventory.html
CIFS_testfile
.DS_Store
QA.CFG
THESTUDI.LNK
C:UsersMYNAMEDownloadsSPEData>tail list1.txt list2.txt
==> list1.txt <==
10s DSR 10.25.10, 10-11-SP.xls
10s DSR 10.25.10, 09-10 and 10-11-KO.xls
Sloane’s DSR w-o 10-25.pdf
Sloane’s DSR w-o 11-8.pdf
10s DSR 10.18.10, 10-11-SP.xls
Kirk’s DSR w-o 10-25.pdf
Kirk’s DSR w-o 10-18.pdf
Kirk’s DSR w-o 11-8.pdf
Dr. Oz Fall11 Terre Haute.docx
Fargo.Dr. Oz Renewal Pitch.pdf
==> list2.txt <==
n38500311_31917115_5966.jpg
boards.weddingbee.com.htm
Thumbs.db
n12128422_32339518_8425.jpg
n38500311_31917100_1902.jpg
n12128422_32339516_6355.jpg
n38500311_31917280_6102.jpg
Desktop.ini
SPE_DT.log
SPE_DT.sdb
C:UsersDKAdminDownloadstabletSPEData>
Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.
NK is well known to use such vocabulary as “merciless retaliation” so that part would not surprise me. I sort of felt like I got a merit badge or something on Reddit as NK has a bot hunting for anyone saying bad about it. Bans you before you even know it was there. Can’t say I missed a dang thing; rather proud of being banned from it without showing up or even knowing of it’s existence.
Little chubby from NK gets butt hurt over the slightest things so I wouldn’t be surprised.
Re: Re:
Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.
I was soaking in the karma schadenfreude when Sony Entertainment of America laid off their network and security staff six months before PSN got hacked because they were too expensive. A friend of mine laid off six months before was asked by Sony to come back and help them fix PSN after it got hacked, and he told them to take a long walk off a short pier.
This is just icing on the cake I am already choking on.
Re: Re: Re:
Ultimate lesson: if you think computer security is expensive you should look at the costs of not having it.
Re: Re: Re: Re:
if you think computer security is expensive you should look at the costs of not having it.
I’m not of that opinion, though it is certainly valid.
There is a lot of security that is stupidly expensive and absolutely worthless (i.e. TSA) and those should be removed or replaced with better security that is also cheaper. There is a lot of security that is cheap and absolutely necessary, like installing security patches on a regular basis. If you think computer security is expensive, you should look at what you have, determine if it is necessary and worth the risk of not having it, and go from there.
You should never make any decision on anything, security or otherwise, solely based on the cost alone. After all, Sony did replace their security/networking staff with cheaper ones, that brought with them the lack of experience and understanding of basic security/administration principles. Many of the machines compromised did not have the latest security patches…pretty basic system administration 101 type stuff.
Re: Re: Re:2 Re:
“There is a lot of security that is stupidly expensive and absolutely worthless (i.e. TSA)”
In terms of the old adage about the cost of security, things like what the TSA is doing doesn’t count — because what they’re doing isn’t really security. The adage is talking about actual security.
Well, Sony is rather a hostile force, on average, as laughable as this NK comment is. But with very low defenses, apparently.
North Korea the Most Petty Communist Country
It’s funny that a country is so brain washed that it threatened war over an assassination attempt of their leader in a movie. Technology, social media, and media are all state run brainwashing which is sad to see.
What a crock of crap! Sony got caught with their security down so let’s blame…oh, I don’t know…how about North Korea? Good idea…snort…snigger…chortle.
Well, this may be a childish stance on Sony’s situation, but…
AHAHAHAHAHAHAHAHAHAHA!
This has been wonderful news. The only way it gets topped off: “Sony declares bankruptcy.”
This is a unique opportunity....
To allow the movie industry to validate some of their theories.
As part of this hack, it looks like DVD images of the following movies have been released: “Fury”, “Annie”, “Mr. Turner”, “Still Alice” and “To Write Love on Her Arms”
This seems like an excellent opportunity to determine if Piracy really will destroy the earnings for those films. By the film industries own logic, it should at this point be impossible for any of these movies to bring in any money, now that they’re available for free…
Re: This is a unique opportunity....
I assume you’re being sarcastic.
Of course Sony will blame the low performace of these movies on this hack… whether the movies make money or not.
For example, “Annie” could go on to make a billion dollars, but Sony will still complain that it could have made more if not for the North Korean hackers.
Of course, this doesn’t address the question of why they decided the world needed an “Annie” remake, but whatever.
"self-proclaimed necro-deity"
I don’t believe he ever proclaimed himself to be a necro-deity, and nothing in the linked article says that… but I’d love to be proven wrong.
Re: "self-proclaimed necro-deity"
This is a reasonable overview: http://en.wikipedia.org/wiki/North_Korea%27s_cult_of_personality
The summary is this:
Re: "self-proclaimed necro-deity"
Kim Il-sung is still technically the incumbent in North Korea, so there’s that…
You know what would be really funny? If Sony found out that the reason their network got hacked was because some of their employees played older Sony music CDs on their work computers, and it installed Sony’s rootkit.