Pinterest Stumbleupon Whatsapp
Ads by Google

Christmas 2014 is sure to be remembered as a terrible one for cyber security. A distributed denial-of-service (DDoS) attack What Is a DDoS Attack? [MakeUseOf Explains] What Is a DDoS Attack? [MakeUseOf Explains] The term DDoS whistles past whenever cyber-activism rears up its head en-masse. These kind of attacks make international headlines because of multiple reasons. The issues that jumpstart those DDoS attacks are often controversial or highly... Read More took down the Playstation Network and Xbox Live for days. #anonymouspocalypse saw the release of some 13,000 passwords and credit card numbers Store You Shop At Get Hacked? Here's What To Do Store You Shop At Get Hacked? Here's What To Do Read More . But the hack suffered by Sony Pictures, seemingly motivated by their comedy The Interview, is one that we’ll be talking about for weeks to come.

What Happened?

It started on November 24. Sony Pictures shut down their entire network after discovering that their systems had been compromised by a group calling themselves Guardians of Peace (#GOP)—employees were told not to access the company network or their email inboxes. Twitter accounts belonging to Sony Pictures were also taken over, but were subsequently recaptured by Sony.

Sony Pictures was greeted with this message:

gop-hack

While the message states that Sony Pictures must “obey,” there were no demands given at this point—just a warning that all of the data at Sony Pictures had been compromised. In emails to media sources, #GOP stated that they had acquired an absolutely monumental amount of data—almost 100 terabytes Memory Sizes Explained - Gigabytes, Terabytes & Petabytes in Layman's Terms Memory Sizes Explained - Gigabytes, Terabytes & Petabytes in Layman's Terms It’s easy to see that 500 gigabytes is more than 100 gigabytes. It’s also easy to see that 1 terabyte is larger than 1 gigabyte and that is larger than 1 megabyte. But these are... Read More .

Shortly after the attack was discovered, #GOP started releasing files. Copies of the unreleased films AnnieMr. TurnerFury, and Still Alice started hitting torrents The History Of The Pirate Bay: Will It Return? The History Of The Pirate Bay: Will It Return? The world's most resilient BitTorrent site has been shut down shut down. Again. Will it return – and does it even matter? Read More . Emails between executives were released, many of which contained insensitive or downright hostile comments about movie stars and other public celebrities, including Leonardo DiCaprio, Angelina Jolie, Adam Sandler, and Barack Obama.

Ads by Google

How come I know you don’t write anything you don’t want broadcast in an email? How come I know that? Who’s advising [these] people?

—Lisa Kudrow, interview with Huffington Post

Potentially even more damaging to Sony Pictures’ reputation are emails making it clear that some female stars are paid less than their male counterparts for the same movies (both Jennifer Lawrence and Amy Adams were mentioned for their roles in American Hustle). David O. Russell, the director of American Hustle, was also called out for being abusive toward Amy Adams and the cast.

And the list goes on. Emails were released over the course of several days, and a number of mean-spirited, racist, misogynist, and other sorts of awful emails sent and received by execs at Sony Pictures were revealed. Personal identifying information, including social security numbers, addresses, phone numbers, salary information, and more details, was also stolen.

The Demands

So what did #GOP want? Why did they go through the trouble of stealing almost 100 terabytes of data and releasing dozens of nasty emails? They made it clear in an email:

We will clearly show it to you at the very time and places The Interview be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to. Soon all the world will see what an awful movie Sony Pictures Entertainment has made. The world will be full of fear. Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time. (If your house is nearby, you’d better leave.)

Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment. All the world will denounce the SONY.

The Interview, Sony’s James Franco and Seth Rogen-fronted comedy about a two-man team sent to assassinate Kim Jong-Un, was always likely to ruffle a few feathers. But no one expected a response like this.

Two days after the “11th of September” email showed up, two more were seen: one to Sony execs saying that the studio would face no further torment from the group if they didn’t release the film. Another public email stated that Sony Pictures had “suffered enough” and that The Interview could be released if Kim Jong-un’s death scene wasn’t “too happy.”

Who’s Behind The Attack?

As soon as the news broke that the hack had taken place, people started speculating as to who could be behind the attack. It’s one of the most significant hacks in history, and it obviously took a great deal of planning and prowess in execution—so who could pull that off?

The first—and most obvious—guess that most people made was that North Korea was behind the attack. The Interview would be very offensive to the country with its depiction of the assassination of a member of the Kim dynasty, and Pyongyang has never responded well to criticism. Experts, including those at the Federal Bureau of Investigation, also stated that the code used to perpetrate the attack, called Destover, was similar to code that had been used by North Korea in the past, though it’s been in circulation around the world for quite a while.

kim-dynasty-north-korea

The FBI and many others pointed the finger at Pyongyang quickly, and a lot of people believed them. President Obama obviously did, as he criticized Sony for backing down and promised retribution for the cyber attack. But not everyone was convinced.

Pyongyang denied responsibility for the attack, which was uncharacteristic of their brash international behavior. And many experts believe that North Korea just isn’t capable of an attack that size—that they lack both the infrastructure and the skill. Marc Rogers came up with 10 good reasons why it probably wasn’t North Korea, and Bruce Schneier agrees—he even presents some linguistic evidence that the hackers could be Russian. Public opinion now seems to be that the attack came from elsewhere. But where?

A recent CNN article detailed a number of possible culprits: Lizard Squad, the cyber-vandals who took down the Playstation Network and Xbox Live Twitter Taken Down By New Year, Bitcoin Performed Poorly In 2014 [Tech News Digest] Twitter Taken Down By New Year, Bitcoin Performed Poorly In 2014 [Tech News Digest] Also, PSN and Xbox Live are back online, Pinterest rolls out Promoted Pins, how to stream The Interview, and preferring a chocolate iPhone to the real thing. Read More over Christmas; a former high-access employee code-named “Lena”; other former members of staff unhappy about layoffs; and other hacking groups. Unfortunately, the latest answer to “Who hacked Sony?” is “We don’t know.”

The Fallout

Understandably, a number of major movie theatre chains cancelled their showings of The Interview in an effort to keep their patrons (and their reputations) safe. Shortly after the public announcements that they wouldn’t be showing the movie, Sony cancelled the release Sony Pulls The Interview After Terror Threat From Hackers, & More... [Tech News Digest] Sony Pulls The Interview After Terror Threat From Hackers, & More... [Tech News Digest] Also, the BlackBerry Classic brings sexy back, Netflix is never going offline, Yo gets festive, Wikipedia edits 2014, and the best Star Wars Christmas lights ever. Read More altogether, causing a storm on Twitter Hackers Vs. Haters: How Twitter Reacted To Sony Pulling The Interview [Weird & Wonderful Web] Hackers Vs. Haters: How Twitter Reacted To Sony Pulling The Interview [Weird & Wonderful Web] To say the Internet didn't take kindly to Sony Pictures pulling The Interview is putting it mildly. Twitter was equal parts annoyed and amused about the whole thing. Read More . The cancellation would cost Sony Pictures about $90 million in lost returns on the movie, according to the The Wrap.

Many in Hollywood weren’t so happy about this reaction. George Clooney circulated a petition to tell Sony that the industry stood behind them and would support them in fighting back against #GOP—but couldn’t get a single person to sign it. Judd Apatow, Michael Moore, Rob Lowe, and Mia Farrow also voiced their displeasure with the studio. Even John McCain weighed in.

We don’t negotiate with terrorists unless they make vague, unsubstantiated threats about comedy movies.

— Christmas Brandon (@UNTRESOR) December 17, 2014

Amy Pascal, involved in several embarrassing email conversations leaked by the hackers, issued a public apology, saying that those emails don’t define who she is. Amy Adams cancelled an interview because the interviewers insisted on talking about the hack. Sony executives have told the press that they’re afraid to send emails.

Many people have characterized the attack as an act of cyber-terrorism on American soil, which has led to some posturing by US politicians and advocates. Obama’s promise of retribution may have already been carried out—the Internet has been totally shut down in North Korea multiple times since the hack, and Pyongyang has blamed the US.

Sony has been heavily criticized in the wake of the attack, with many members of Hollywood wondering how the film got produced in the first place. North Korea is known for not responding kindly to jabs at its leaders, and a movie that includes a depiction of the assassination of Kim Jong-un was never going to go down well. The company hasn’t been especially great at protecting its employees’ privacy—or much of anything, for that matter.

The Interview and the Future

In the end, Sony decided to release The Interview in limited theaters and online on Christmas Day. They’ve made an estimated $12-15 million from the release, despite dismal reviews (one review says that the movie “utterly sucks”). Obviously, the movie has benefitted from being at the center of the biggest news story in a Christmas filled with a number of cynicism-inducing cyber attacks.

They say that all press is good press, and this has led more than a few people to speculate that the whole thing was perpetrated by Sony Pictures to get some attention for their movie. I certainly wouldn’t put it beyond a company to fake a cyber attack to get some press, but this particular attack seems like a bit much for that strategy. Releasing the huge amount of data that we’ve seen, including at least four full movies, seems to be just too much for a hoax.

the-interview-movie-poster

So where are we now? What happens next? As the search for the real perpetrator of the attack continues, we have little to go on. If the US has promised (and carried out) retribution on North Korea without proof, the entire affair could be quite embarrassing. Especially for the FBI, who stated with confidence that Pyongyang was behind the whole thing.

All in all, it’s been a fascinating and worrying holiday season for cyber security. We’re looking forward to finding out more about the attack, who’s behind it, and what the long-term fallout will be.

What do you think of the Sony hack? Do you believe that it was perpetrated by North Korea? That it was a hoax? Or that we have yet to find out the full truth? How does it make you feel about cyber security? Share your thoughts below!

Image credit: J.A. de Roo via Wikimedia Commons.

  1. dragonmouth
    January 3, 2015 at 10:12 pm

    "Especially for the FBI, who stated with confidence that Pyongyang was behind the whole thing."
    This is the same FBI that categorically denied the existence of La Cosa Nostra (Mafia) even after the raid on Joseph Barbara's farm in Apalachin, NY on November 14, 1957, and the arrest of close to 50 Mafia dons.

    • Dann Albright
      January 4, 2015 at 2:53 pm

      Yeah, they don't exactly have a great track record, do they?

  2. DonGateley
    January 3, 2015 at 8:19 pm

    Ditto. Awesome article at my favorite site.

    Something that seems to have been widely overlooked in the "demand" email is that the statement "(If your house is nearby, you’d better leave.)" shows a mastery of English and idiom far beyond what is shown in the rest of the statement and in subsequent ones. If the person writing the rest of it is not faking the poor command, he or she simply could not have constructed the parenthesized statement. The bad grammar is nothing but a diversion away from a domestic source.

    That the U.S. government, which almost certainly knows better, pins this on NK is the cheapest possible shot. Shameful at best and deeply cynical.

    • Dann Albright
      January 4, 2015 at 2:51 pm

      You know, I had the same thought about that particular sentence. While it's grammatical, it sounds a bit strange to me, but I'm not sure why. There's been quite a bit of discussion about the language used in the screenshot (including some in the Bruce Schneier article I linked). I've heard a few different conclusions, though, so I'm not sure if there's a consensus, and I haven't heard much about a domestic source, but who knows?

      I hope you're right about the government knowing better—if not, we could be in trouble. :-)

      Thanks for your comment!

  3. Raj
    January 3, 2015 at 3:50 pm

    awesome article and my favourite website . good coverage .

    • Dann Albright
      January 4, 2015 at 2:48 pm

      Thanks! I'm glad you liked it.

Leave a Reply

Your email address will not be published. Required fields are marked *