That Sony Hack

On November 22, there were signs that Sony’s computer system had been compromised when skulls appeared on employees’ screens with a message threatening to expose “secrets” from data obtained in a sophisticated hack.

This initially caused crippling computer problems for workers at Sony, who were forced to work with old-fashioned pen and paper to complete their business. “We even fired up our fax machine,” one employee told the LA Times

Sony initially said they were dealing with an “IT matter”, but later acknowledged the hack to staff, calling it a “brazen attack” comprised of “malicious criminal acts”.

A unknown group calling itself #GOP – later identified as Guardians of Peace – claimed it was behind the cyber attack, while the FBI launched an investigation into the case. Their name has been attached to subsequent leaks of information.

Sony execs are now convinced someone who worked for the studio is behind the massive hacking … because no one from the outside could so precisely target the compromising information.

The strong, prevailing view is that the North Koreans are probably involved, but they used someone with intimate knowledge of the Sony email system to laser in on the most embarrassing information.

We’re told the people at Sony who are investigating believe the hackers had intimate knowledge of mail systems and their configurations. They also believe the hackers have knowledge of the internal media distribution systems and the internal IT systems, including human resources and payroll.

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to That Sony Hack

  1. shulquist says:

    More in the article.
    http://krebsonsecurity.com/2014/12/the-case-for-n-koreas-role-in-sony-hack/
    The co-founder of CrowdStrike, a security firm that focuses heavily on identifying attribution and actors behind major cybercrime attacks, said his firm has a “very high degree of confidence that the FBI is correct in” attributing the attack against Sony Pictures to North Korean hackers, and that CrowdStrike came to this conclusion independently long before the FBI came out with its announcement last week.

    “We have a high-confidence that this is a North Korean operator based on the profiles seen dating back to 2006, including prior espionage against the South Korean and U.S. government and military institutions,” said Dmitri Alperovitch, chief technology officer and co-founder at CrowdStrike.

    “These events are all connected, through both the infrastructure overlap and the malware analysis, and they are connected to the Sony attack,” Alperovitch said. “We haven’t seen the skeptics produce any evidence that it wasn’t North Korea, because there is pretty good technical attribution here. I want to know how many other hacking groups are so interested in things like Key Resolve.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s