Sony Pictures is reportedly exploring if its breach has links to North Korean threats over its movie The Interview. But whoever was behind the attack may have also leaked pre-release versions of new movies from the film studio.
Sony’s latest security breach is shaping up to be a disaster of epic proportions. That is, if details that are emerging online about the extent of the breach are correct.
So far, the only word from Sony is that it is investigating an “IT matter” following reports the film studio was hit by a group of hackers calling themselves Guardians of Peace (GOP).
Shortly after Monday’s breach, purported internal Sony Picture files appeared online by way of a Reddit thread that’s claimed to have uncovered passports of stars who’ve worked with Sony, email accounts, a security insurance policy and a document detailing the company’s strategy to respond to a security breach. While initial reports suggested the file was below 1GB in size, others on the thread claim 11 terabytes of data leaked from Sony.
Other files that may have been stolen in the breach are its new movies, including Fury, Annie, Mr. Turner, Still Alice and To Write Love On Her Arms, which surfaced on torrent sites immediately after the attack in the form of Sony-watermarked pre-release versions — typically reserved for industry insiders and critics. Worrying for Sony is that the only film that’s been officially released in the US is Fury, with the remainder staged for release in early 2015.
According to TorrentFreak, Fury is the most popular among the leaked films and the second most downloaded movie among Pirate Bay users.
As the torrents blog notes, there’s currently no evidence that these films were source from the leak. On the other hand, the timing of their release and the fact they’re watermarked could easily suggest a link between the two.
Sony is open to all possibilities in its investigation of possible culprits. The obvious answer might be gamers or other groups associated with past attacks on Sony properties, but people familiar with Sony’s investigation told Recode on Friday that it is looking into a North Korean link.
That’s because the hack coincides with the release of the The Interview, a movie starring Seth Rogen and James Franco, whose characters conspire to assassinate Kim Jong Un -- a storyline that drew angry responses from the nation's state media.Read more: Malware-tracking portal helps Australian ISPs trace bots to device level
Sony is exploring whether hackers based in China were under orders from North Korea to breach the company — though Recode’s sources stressed that a link had not been confirmed.
Sony Pictures staff across the US on Monday arrived to work to find their work stations immobilised by hackers who’d posted a message on their screens that threatened to release sensitive information about the company unless their demands, which remain vague, were met.
This article is brought to you by Enex TestLab, content directors for CSO Australia.
- US court fines EU spyware maker $500k and nabs source code
- Google Cloud Platform gets PCI DSS certified
- Malware-laden USB devices pose security threat for unmanaged environments
- Identifying the visibility gaps in your security
- Sophisticated malware targets execs’ PCs and Android, BlackBerry and iOS devices
- The Rise of the Cyber Mafia
- The week in security: SSL mandate expands as White House, EU move on security