New Sony films leak online as hunt for hackers turns to North Korea

Sony’s latest security breach is shaping up to be a disaster of epic proportions

Sony Pictures is reportedly exploring if its breach has links to North Korean threats over its movie The Interview. But whoever was behind the attack may have also leaked pre-release versions of new movies from the film studio.

Sony’s latest security breach is shaping up to be a disaster of epic proportions. That is, if details that are emerging online about the extent of the breach are correct.

So far, the only word from Sony is that it is investigating an “IT matter” following reports the film studio was hit by a group of hackers calling themselves Guardians of Peace (GOP).

Shortly after Monday’s breach, purported internal Sony Picture files appeared online by way of a Reddit thread that’s claimed to have uncovered passports of stars who’ve worked with Sony, email accounts, a security insurance policy and a document detailing the company’s strategy to respond to a security breach. While initial reports suggested the file was below 1GB in size, others on the thread claim 11 terabytes of data leaked from Sony.

Other files that may have been stolen in the breach are its new movies, including Fury, Annie, Mr. Turner, Still Alice and To Write Love On Her Arms, which surfaced on torrent sites immediately after the attack in the form of Sony-watermarked pre-release versions — typically reserved for industry insiders and critics. Worrying for Sony is that the only film that’s been officially released in the US is Fury, with the remainder staged for release in early 2015.

According to TorrentFreak, Fury is the most popular among the leaked films and the second most downloaded movie among Pirate Bay users.

As the torrents blog notes, there’s currently no evidence that these films were source from the leak. On the other hand, the timing of their release and the fact they’re watermarked could easily suggest a link between the two.

Sony is open to all possibilities in its investigation of possible culprits. The obvious answer might be gamers or other groups associated with past attacks on Sony properties, but people familiar with Sony’s investigation told Recode on Friday that it is looking into a North Korean link.

That’s because the hack coincides with the release of the The Interview, a movie starring Seth Rogen and James Franco, whose characters conspire to assassinate Kim Jong Un -- a storyline that drew angry responses from the nation's state media.

Read more: Malware-tracking portal helps Australian ISPs trace bots to device level

Sony is exploring whether hackers based in China were under orders from North Korea to breach the company — though Recode’s sources stressed that a link had not been confirmed.

Sony Pictures staff across the US on Monday arrived to work to find their work stations immobilised by hackers who’d posted a message on their screens that threatened to release sensitive information about the company unless their demands, which remain vague, were met.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join #CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt @simplenomad Register today

Join the CSO newsletter!

Error: Please check your email address.

Tags hackersJames FrancobreachredditTorrentFreakSony filmsRecodeSony security breachCSO AustraliaEnex TestLabSeth Rogenreddit.comnorth koreagamerssecurity breach

More about CSOEnex TestLabSony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts