A collective group of hackers calling themselves the Guardians of Peace (GOP) were able to carry out a cyber breach on Sony Pictures on November 24, 2014. It would appear the hackers were able to obtain a cache of internal emails between Sony senior executives, personnel and private information on the company’s employees and their family members, sensitive undisclosed information on future projects and five unreleased full length feature films. The cyber breach was first detected when many Sony employees’ computers were rendered inoperable; the breached computers contained a warning of sorts from the Guardians of Peace and portions of sensitive confidential data stolen in the breach as a sort of proof of the cyber attack. Additionally, numerous Sony related Twitter accounts were also commandeered in the attack.
When the cyber breach first occurred it seems that Sony did not really grasp the severity of the hacker’s intent, it is reported that Sony CFO Michael Lynton had received an email on November 21, 2014 from “God’s Apstls” demanding money that had to be paid by November 24 or else “Sony Pictures will be bombarded as a whole”. At the time the email either went unread or was dismissed by Mr. Lynton. In the days that followed the group calling itself the Guardians of Peace would claim responsibility for the breach and begin leaking large troves of personal information on Sony employees and their family members as well as embarrassing inter office communications and emails between Sony executives.
On December 16, 2014 – The hacking group GOP makes its first comments regarding the demand from Sony Pictures that the film The Interview not be released, and subsequently begins to make terrorist type threats referencing 911 style attacks at the theaters the film is scheduled to premiere in.
In response to these terror related threats made by the GOP the major U.S. chains of cinemas hold a meeting and decide they will not screen the film. As a result Sony then decides to cancel the films scheduled national premiere, adding they had no plans in the future of releasing the film. As if just to make the situation more complicated the GOP then released two confusing messages in which the hacking group claimed in a private message to executives at Sony that the hackers would not release any more of Sony’s hacked information provided that Sony never releases the film The Interview in theaters or on the internet.
But, in another statement posted on a public hacking forum called Pastebin, the hackers were not so polite saying that Sony had “suffered enough” and could release The Interview, but only if Kim Jong-un’s death scene was not “too happy”. The post was also somewhat of another threat as well as it stated that the company cannot “test [them] again”, and that “if [Sony Pictures] makes anything else, [they] will be here ready to fight”.
Now in steps President Obama, who at a press conference stated his disappointment with Sony producers for their decision to essentially allow hackers to censor them, this coming only hours after the FBI announced North Korea is the sponsor of the Sony hack. The president went on to say, studio executives should “not get into a pattern where you are intimidated by these acts.” The comments by the president were widely covered by media and social outlets, prompting further criticism of Sony’s decision in the court of public opinion.
In what is believed by many to be the mounting public outcry over the potential of Sony caving in to censorship, Sony executive Michael Lynton essentially did an about face and told CNN’s Anderson Cooper that the company never backed down to the hackers threats, but instead were looking at other options for releasing it due to the majority of major theaters pulling out of screening it.
In his statement to the press the president said, “We will respond proportionally and we will respond in a place and time and manner that we choose.” “We cannot have a society in which some dictators someplace can start imposing censorship here in the United States because if somebody is able to intimidate us out of releasing a satirical movie, imagine what they start doing once they see a documentary that they don’t like or news reports that they don’t like,” stated Obama. “That’s not who we are. That’s not what America is about.” A few days later Sony announced that it would be releasing The Interview in more than three hundred theaters on Christmas and on December 24 it would be released on You Tube, Google Play and Xbox Video. Fortunately there were no acts of violence or terrorism when the film was released as threatened earlier by the hacker group GOP.
However, the president’s comments did not go unnoticed by North Korea either and in a statement released by the North Korean National Defense Commission described Obama’s actions on the matter in a highly racist manner, the statement read that, “Obama always goes reckless in words and deeds like a monkey in a tropical forest. The statement also claimed that the U.S. was utilizing “gangster-like arbitrary practices” and warned “the U.S. should bear in mind that its failed political affairs will face inescapable deadly blows.”
The FBI’s investigation did not provide conclusive proof in the opinion of many cyber security experts, but thought you should have access to the investigations findings. Below is a portion of the FBI’s findings:
As a result of our investigation, and in close collaboration with other U.S. government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
- Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
- The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
- Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.
CONCLUSIONS:
The outcome of all of these allegations is this; North Korea and the United States continue to accuse each other of cyber hacking with no fully tangible evidence. Sony’s film The Interview ended up a much bigger success than it likely would have had it opened in theaters as scheduled without all the controversy. So who were the real losers here … the Sony employees who had theirs and their families private information stolen and distributed for sale on the dark web resulting in the possibility of identity theft for years to come for these innocent victims.
Additional Resources About This Breach:
https://en.wikipedia.org/wiki/Sony_Pictures_Entertainment_hack
http://www.cnn.com/2014/12/19/politics/fbi-north-korea-responsible-sony/
https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack/
https://www.fbi.gov/news/pressrel/press-releases/update-on-sony-investigation