Did the FBI get it wrong on North Korea? I work at Sony Pictures. This is what it was like after we got hacked. An employee* in the Los Angeles office of Sony Pictures Entertainment SNE 0.73% opened up to Fortune about the personal ordeal they went through following revelations of North Korea’s alleged cyber attack on the company.
What follows is their words, condensed and edited for clarity. The Monday before Thanksgiving, we all came to work. Some people had turned on their computers and were working. At around 8:15 a.m., that black screen of death came on. They shut down the entire network. Over Thanksgiving, I joked about it. I Have No Idea Who Hacked Sony. And Neither Do You. “On an operational level, attribution is a nuanced process, not asimple problem.”- Thomas Rid & Ben Buchanan, Attributing Cyber Attacks, Journal of Strategic Studies If you’ve been even vaguely following the news of the Sony Pictures hack, you’ll have noted that there are two camps that have formed: those who support the US Government’s position that responsibility for the hack on Sony Pictures rests with the government of North Korea, and those who think that who dunnit it is far from certain.
Add to this mix pundits stating one way or t’other and you have a cozy little chinwag/penis-measuring contest that’s been a lot of laughs. I’m not adding to this because I’ve got no skin (so to speak) in this game, but I have noticed that it’s a lot harder these days to just take someone’s word for something like this and then engage in keyboard rattling about how them dirty North Koreans attacked our American (subsidiary-of-a-Japanese-company) Movie Icon. Two of their quotes stand out: and, Duh. Did North Korea Really Attack Sony? I am deeply skeptical of the FBI's announcement on Friday that North Korea was behind last month's Sony hack.
The agency's evidence is tenuous, and I have a hard time believing it. But I also have trouble believing that the US government would make the accusation this formally if officials didn't believe it. Clues in the hackers' attack code seem to point in all directions at once. The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks. Korean language in the code also suggests a Korean origin, though not necessarily a North Korean one, since North Koreans use a unique dialect. In reality, there are several possibilities to consider: Ex-Employees Sue Sony over Data Security Breach. Sony Pictures Entertainment has been sued by two self-described former employees who accuse the movie studio of failing to protect Social Security numbers, healthcare records, salaries and other data from computer hackers who attacked it last month, Reuters reported.
The proposed class action lawsuit against Sony Corp.’s studio was filed last Monday in federal court in Los Angeles. It alleges that the company failed to secure its computer network and protect confidential information. “An epic nightmare, much better suited to a cinematic thriller than to real life, is unfolding in slow motion for Sony’s current and former employees,” the lawsuit said. Sony is already reeling from the disclosures in documents released by the hackers, which have exposed internal discussions key to the company’s future to public scrutiny. A Lot of Smart People Think North Korea Didn't Hack Sony. Expand So I don't know about any of the tech or tactical side of this, but I did teach Korean ESL learners for a couple of years, and I agree with the first guy: This doesn't look to me like the English of a Korean ESL speaker.
Specifically:The use of contractions (we've and we'll) is characteristic of someone near-fluent, too sophisticated to be dropping articlesOrdinal date — my students always hated ordinals because they're irregular (24th) The repeated pronouns ("we" and "you" and "us") doesn't seem like how a Korean person would phrase it, because Korean pronouns are freighted with t/v distinction and honorifics that English doesn't capture. For that reason, my students circumlocuted those words when they could because they felt imprecise. Sony hackers may be North Korean sympathisers. Sony hackers may be North Korean sympathisers. Sony malware linked to South Korean virus. Security by Jimmy Nicholls| 05 December 2014 Destover samples report to same command server as backdoor Volgmer.
Malware involved in the hack against Sony has been linked to earlier attacks in South Korea by the security firm Symantec. Some Destover samples are reporting to the same command and control (C&C) server used by the trojan Volgmer, which makes the company believe the same group is behind both attacks. Symantec said: "Volgmer is a targeted piece of malware, likely used by a single group, which has been used in limited attacks, possibly as a first stage reconnaissance tool. "Significantly, the version of Volgmer which shares a C&C with Destover was configured specifically to attack South Korean targets and will only run on Korean computers. " Volgmer is capable of opening backdoors in computers, facilitating communication between the machine and the C&C server to download more malware, remotely execute commands and steal data.
Sony threatens to sue Twitter over hacking tweets. What the Sony breach means for security in 2015. The recent (and perhaps ongoing) Sony breach was certainly one of the worst corporate data breaches we have seen to date.
As 2014 draws to a close, no one knows the details with certainty of who the perpetrator was. Sony Made It Easy, but Any of Us Could Get Hacked. Earlier this month, a mysterious group that calls itself Guardians of Peace hacked into Sony Pictures Entertainment’s computer systems and began revealing many of the Hollywood studio’s best-kept secrets, from details about unreleased movies to embarrassing emails (notably some racist notes from Sony bigwigs about President Barack Obama’s presumed movie-watching preferences) to the personnel data of employees, including salaries and performance reviews.
The Federal Bureau of Investigation now says it has evidence that North Korea was behind the attack, and Sony Pictures pulled its planned release of “The Interview,” a satire targeting that country’s dictator, after the hackers made some ridiculous threats about terrorist violence. Your reaction to the massive hacking of such a prominent company will depend on whether you’re fluent in information-technology security. If you’re not, you’re probably wondering how in the world this could happen. This could be any of us. —Mr. Sony Hackers Leaked Movies to File-Sharing Sites. The devastating hacking attack against Sony Pictures Entertainment entered a new phase this weekend, after it was revealed that five unreleased Sony-made films have leaked onto file-sharing Internet sites; the studio confirmed that it is working with law enforcement to catch those responsible.
Variety reported Saturday that the videos were taken from so-called “screener” DVDs of five films, including at least four that haven’t yet been released. Among those leaked was “Fury,” a film focusing on a tank crew during World War II starring Brad Pitt released earlier this month. Another was “Annie,” a remake of the musical play starring Jamie Foxx, which is set to be released on December 19. “The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it,” read a terse statement issued by a Sony spokeswoman. North Korea denies role in Sony hack. An unidentified North Korean official has denied that his country was behind the hack of Sony Pictures, an online report claimed.
According to Voice of America (VOA) -- the U.S. government's official foreign broadcaster -- a New York City-based North Korean diplomat refuted charges that its hackers, or those it may have sponsored, were responsible for the attack that crippled the studio's computers and, many believe, resulted in the distribution of unreleased movies to file-sharing sites. The official would have been someone in the isolationist country's United Nations delegation, based in New York, as the U.S. and North Korea have no formal diplomatic relations. Vol de données confidentielles : Sony cherche à intimider les médias. Sony se tourne vers les médias pour éviter que les fuites d’informations confidentielles ne deviennent pas une série de révélations fracassantes préjudiciables au groupe high-tech japonais.
Mais c’est trop tard. Le piratage de Sony Pictures Entertainment, dévoilé à la fin du mois d’octobre, constitue un coup de massue : vols de données personnelles (47 000 employés de Sony concernés), accès à des fichiers confidentiels dont des films inédits, correspondance privée dévoilée… Selon The New York Times, Sony veut éviter la caisse de résonnance des médias. Readwrite. Just as Sony Pictures canned the premiere of The Interview, the film that triggered its now-infamous cyber attack, U.S. intelligence sources told The New York Times Wednesday that North Korea was indeed “centrally involved” in the hack. North Korean leader Kim Jong Un previously denied responsibility, but unnamed “senior administration officials” now tell The Times they have reason to believe the country was behind the exploit: Data forensics unearthed a computer that had been previously used in cyberattacks on South Korea. The Sony breach may be start of new nation-state cyberattack.
It has been an exceptional year for IT security breaches, which have become part of an escalating trend in destructive attacks. And they're going to get worse. The Sony Pictures cyber attackers are doing everything they can to inflict damage on the company. They have released films, emails, medical records, and all sorts of confidential data, and are making threats of physical attacks in conjunction with the release of The Interview, a comedy about the attempted assassination of the North Korean president. Why the Sony hack is unlikely to be the work of North Korea. Everyone seems to be eager to pin the blame for the Sony hack on North Korea. However, I think it’s unlikely. Here’s why:1. The broken English looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in “Konglish”. i.e it reads to me like an English speaker pretending to be bad at writing English. 2.
The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Here – and here – This change in language is also most pronounced when it comes to special words, such as technical terms. The Sony Data Breach: 3 Painful Lessons.