North Korea denies role in Sony hack

An unidentified North Korean official has denied that his country was behind the hack of Sony Pictures

An unidentified North Korean official has denied that his country was behind the hack of Sony Pictures, an online report claimed.

According to Voice of America (VOA) -- the U.S. government's official foreign broadcaster -- a New York City-based North Korean diplomat refuted charges that its hackers, or those it may have sponsored, were responsible for the attack that crippled the studio's computers and, many believe, resulted in the distribution of unreleased movies to file-sharing sites.

The official would have been someone in the isolationist country's United Nations delegation, based in New York, as the U.S. and North Korea have no formal diplomatic relations.

"Linking the DPRK to the Sony hacking is another fabrication targeting the country," the anonymous diplomat told VOA, referring to his country's official name, the Democratic People's Republic of Korea. "My country publicly declared that it would follow international norms banning hacking and piracy."

Although some have speculated that the Sony cyber-attack was triggered by the impending debut of The Interview, a comedy in which a pair of reporters are enlisted by the Central Intelligence Agency to assassinate North Korean leader Kim Jong Un, many security experts have dismissed such speculation.

Others hedged their interpretive bets, however.

"The attack was clearly aimed to create chaos and disruption," said Trey Ford, a global security strategist at Rapid7, in an email. Ford was referring to the malware's practice of wiping a PC's hard drive master boot record, crippling the computer. "This act of destroying machines aligns more with an activist or military operation."

Meanwhile, Ofer Gayer of Incapsula characterized the hack as an "extortion attempt" rather than a traditional criminal hack because the group that claimed responsibility, Guardians of Peace (GOP), demanded Sony change its labor practices and corporate restructuring plans.

Cyber-extortion is typically conducted by activists seeking attention or hoping to embarrass their targets, or for-profit felons, not nation states.

Join the CSO newsletter!

Error: Please check your email address.

Tags Malware & VulnerabilitiesantispamsecuritySony Picturessonyintel

More about Rapid7SonyUnited Nations

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gregg Keizer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts