Breach, Data Security, Network Security

North Korea: Sony Pictures hack may be work of gov’t supporters

Some suspect that a major hack on Sony Pictures Entertainment may have been carried out by individuals working on behalf of North Korea, where officials expressed disdain over an upcoming Sony film – but government officials are denying the country's involvement, though the attempt to shirk the blame sounds dubious.

On Sunday, a spokesman for the Policy Department of the National Defence Commission, a chief government body in North Korea, said that the hacking incident, which “paralyzed” Sony's systems supposedly causing "a huge ensuing loss,” may have been carried out by supporters and sympathizers of the Democratic People's Republic of Korea (DPRK).

While refuting rumors of the government's involvement, the statement, published over the weekend by the KCNA news agency, did, however, call the attack a “righteous deed.”

“But what we clearly know is that... Sony Pictures is the very one which was going to produce a film abetting a terrorist act while hurting the dignity of the supreme leadership of the DPRK by taking advantage of the hostile policy of the U.S. administration towards the DPRK,” the statement said.

It was theorized that North Korea may have been responsible for the attack on Sony Pictures, given the timing of Sony's upcoming film, “The Interview,” a comedy about a planned assassination on North Korean leader Kim Jong Un. In the Sony attack, one security firm estimates that more than 47,000 Social Security numbers were exposed, in addition to several Sony films that were leaked, including “Annie,” and other sensitive employee data, like login credentials, medical information and human resources data.

Meanwhile, new information about the investigation leaked to the media this weekend, as the public tries to make heads or tails of the extent and source of the incident.

On Sunday, Re/code published an internal email between Sony Pictures CEO Michael Lynton and an executive at FireEye's Mandiant forensics unit, which was tapped to investigate the breach. Lynton reportedly forwarded the memo to other employees at Sony, as means of informing staff of the nature of the cyber attack it suffered.

Kevin Mandia, the founder of Mandiant (who now presides as FireEye's SVP and COO), wrote in the email that the attack was “unprecedented in nature,” re-emphasizing that the malware used against Sony had been “undetectable by industry standard antivirus software and damaging and unique enough to cause the FBI to release a flash alert to warn other organizations of this critical threat.”

“In fact, the scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public,” Mandia reportedly wrote. “The bottom line is that this was an unparalleled and well planned crime, carried out by an organized group, for which neither SPE [Sony Pictures Entertainment] nor other companies could have been fully prepared.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.