Community, Diversity, Sustainability and other Overused Words

Did North Korea "Nuke" Sony?

FBI Investigates Cyber Attack on Computer Network

The FBI along with Sony Pictures Entertainment is investigating the source of a cyber attack that took down Sony’s computer network in Culver City last week.

Sources close to the investigation believe that hackers working on behalf of North Korea launched the attack because Sony Pictures plans to release “The Interview,” a comedy about two journalists who are recruited by the CIA to assassinate North Korean leader Kim Jong Un.

The North Korean dictatorship has denounced the film as “undisguised sponsoring of terrorism, as well as an act of war” in a letter to United Nations Secretary-General Ban Ki-moon earlier this year.

On June 25, North Korea’s official Korean Central News Agency condemned the film promising “stern” and “merciless” retaliation if the film is released. “Making and releasing a film that portrays an attack on our top-level leadership is the most blatant act of terrorism and war and will absolutely not be tolerated”, KCNA said, citing a government spokesman. The administration warned of a “decisive and merciless countermeasure” if the release of the film went ahead.

Sony’s computer system went down on Monday just before the Thanksgiving holiday. The screens at Sony displayed a red skull and the phrase “Hacked By #GOP,” then the screens went dark.

GOP reportedly stands for Guardians of Peace, according to reports in the Los Angeles Times.

With the system down Sony employees resorted to pens and paper to communicate.

The following statement was issued by the studio, “Sony Pictures continues to work through issues related to what was clearly a cyberattack last week. The company has restored a number of important services to ensure ongoing business continuity and is working closely with law enforcement officials to investigate the matter.”

The hackers threatened to release “secrets” stolen from the Sony servers, according to the Times.

Technology news website Re/code said in a report late Friday that Sony and security consultants were investigating the possibility that someone acting on behalf of North Korea, possibly from China, was responsible. Re/code said a link to North Korea could not be confirmed at this point but was still a possibility.

In a related move Sony Pictures Entertainment has hired FireEye Inc’s Mandiant forensics unit to clean up the damage done to its computer network.

Hired by Target last year to investigate the beach of their computer system that exposed millions of customer credit card number to hackers, Mandiant is an incident response firm that helps victims of breaches identify the extent of attacks, clean up networks and restore systems.

Sony was last hacked in 2011 by the group known as LulzSec. The attack compromised the computer systems of Sony Pictures Entertainment and resulted in personal information of more than 138,000 people being posted on the Internet.

Raynaldo Rivera, known by the online moniker “neuron,” and Cody Andrew Kretsinger were prosecuted for the crime.

Unlike the current attack, Lulzsec’s goal in the attacks on Sony Pictures and other corporate and government entities, according to a court document, was to see the “raw, uninterrupted, chaotic thrill of entertainment and anarchy” and to provide stolen personal information “so that equally evil people can entertain us with what they do with it.”

Rivera and Kretsinger studied together at the University of Advancing Technology in Tempe, Arizona. Kretsinger first joined LulzSec, and then he recruited Rivera to join the group, prosecutors said.

Rivera, Kretsinger and others involved in the intrusion obtained confidential information from Sony Pictures’ computer systems by using an “SQL injection” attack against Sony Pictures’ website.

The attackers distributed the stolen data on the Internet, information that included names, addresses, phone numbers and e-mail addresses for tens of thousands of Sony customers.

LulzSec is known for its affiliation with “Anonymous,” which is a loose collective of computer hackers and others around the world who conduct cyber attacks and disseminate confidential information stolen from victims’ computers. In 2011,

LulzSec engaged in “a two-month rampage of cyber attacks against various corporate and government entities in the United States and the United Kingdom,” according to a sentence memorandum filed by prosecutors.

 

Reader Comments(0)