N. Korea hacks Sony in revenge for Seth Rogen's film "The Interview"

[jimmy olsen]

These clowns never fail to live up to their self inflicted stereotype.

http://www.washingtonpost.com/world/national-security/hack-at-sony-pictures-appears-linked-to-north-korea/2014/12/03/6c3c7e3e-7b25-11e4-b821-503cc7efed9e_story.html

Sony Pictures hack appears to be linked to North Korea, investigators say

By Ellen Nakashima, Craig Timberg and Andrea Peterson December 3 at 4:06 PM

Investigators say a crippling cyberattack against Sony Pictures Entertainment was probably the work of North Korea, in what would be the first known case of the reclusive nation using its growing hacking capability to cause major disruptions to a company in the United States.

The attack brought Sony, one of Hollywood's biggest studios, to a near-standstill last week, forcing employees to use paper and pens instead of their computers. Hackers also deleted files from hard drives, uploaded several unreleased films to the Internet and leaked sensitive personal information regarding thousands of Sony employees.

The cyberattack may have come in retaliation for Sony's upcoming movie "The Interview," a comedy built around a fictional CIA plot to kill North Korea's 31-year-old supreme leader, Kim Jong Un, say people familiar with the probe who spoke on the condition of anonymity because the investigation is not complete.

North Korean officials have repeatedly complained about the movie — which is due to open in theaters on Christmas Day — warning of "stern" and "merciless" retaliation. On Tuesday, a North Korean government spokesman declined to comment on whether it was behind the Sony incident, according to a report by BBC News that quoted the spokesman as saying, "Wait and see."

If investigators' beliefs turn out to be true, the hack on Sony would mark a troubling new development at the intersection of international relations, commerce and cyberspace.

"This is a step beyond what they've done in the past, but it's a logical trajectory for them," said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies. He said he did not have definitive knowledge that North Korea was responsible for the Sony hack but noted that it shared characteristics of cyberattacks by North Korea against South Korean companies.

Banks in South Korea were hit last year by a virus that deleted data from hard drives in a cyberattack campaign that investigators dubbed "Dark Seoul." Jaime Blasco, labs director for the security firm AlienVault, said analyses of the malicious software used in that attack and the one against Sony show similarities. "The techniques and code are similar in both," Blasco said. Dark Seoul was attributed to North Korea by the cybersecurity firm CrowdStrike, which dubbed the hacker group Silent Chollima.

Foreign-government hackers for years have stolen information from U.S. companies and in some cases disrupted online operations, but the cyberattack against Sony Pictures has been unusually intrusive and seemingly vengeful.

Disruptions to computer systems began in the days before Thanksgiving, and this week private company records were made available online, according to various media reports. The records have included employee salaries, evaluations by their managers and Social Security numbers, the Web site Fusion has reported.

Sony Pictures, a U.S.-based subsidiary of a Japanese conglomerate, is the studio behind movies such as "The Amazing Spider-Man" and "Fury."

The company did not comment directly on reports of possible North Korean responsibility for the attack but issued a statement saying: "Sony Pictures continues to work through issues related to what was clearly a cyber attack last week. The company has restored a number of important services to ensure ongoing business continuity and is working closely with law enforcement officials to investigate the matter."

The FBI, which is investigating the Sony hack, declined to comment on who was behind it. On Monday, the bureau issued a flash warning to businesses about "destructive malware," though it did not specifically link the alert to the Sony hack. The alert noted that the malware was written in the Korean language and was capable of overriding data on hard drives and erasing data files stored on machines.

In "The Interview," Seth Rogen and James Franco play a producer and talk-show host who are headed to North Korea for an exclusive interview with Kim and are then tasked by the CIA with killing him. North Korean officials also complained to the United Nations and the United States about the film.

A State Department official, speaking on the condition of anonymity, declined to comment on allegations about North Korea but said: "We are of course aware of reports about North Korean concerns about this movie. While it may be difficult for [North Korea] to understand the concept, in the United States, entertainers are free to make movies of their choosing."

The investigation into the attack could take months, and some media outlets have pointed to the possibility that current or former employees could be responsible for the leaked information. A person familiar with the investigation said that is not likely.

The hack "sounds like one of Sony's own movie plots," said Jason Healey, director of the Atlantic Council's Cyber Statecraft Initiative. "As crazy as the North Koreans are, most of us would have completely dismissed this as a ridiculous plot for a Hollywood movie."

Though disruptive, he said, the attack shows how cyberattack techniques are not "a strategic weapon that terrorizes societies and brings down infrastructure." But it also shows "that nations are increasingly comfortable with using cyber in this gray area between peace and war."

The State Department has attempted to establish norms of responsible state behavior in cyberspace, aimed at promoting the use of cybertechnology for peaceful purposes, but rogue countries such as North Korea are among the most resistant.

Healey said the U.S. government should speak up if North Korea is proved to be behind the incident and establish the norm that civilian targets should not be subject to cyberattacks. "If we're saying it's okay to hack companies that are saying things you don't like, is Twitter going to be next? Is Facebook going to be next?"

The wave of cyberattacks against large U.S. retailers, including Target and Home Depot, over the past year has made hacks feel like a fact of life for many consumers. But the cyberattack against Sony was more strikingly disruptive.

"It is now apparent that a large amount of confidential Sony Pictures Entertainment data has been stolen by the cyber attackers, including personnel information and business documents," said a memo from Sony Pictures Entertainment chiefs Michael Lynton and Amy Pascal, according to a copy obtained by the Hollywood Reporter. "While we are not yet sure of the full scope of information that the attackers have or might release, we unfortunately have to ask you to assume that information about you in the possession of the company might be in their possession."

The posting of employee information online came a week after Sony employees reportedly were met with computers displaying images of a neon red skull and a message proclaiming the company had been hacked by "#GOP," said to stand for "Guardians of Peace."

"If it's true that North Korea was behind it, it almost seems to be taking a tool from the methods of terrorists who try to hurt innocent civilians to attack a country or a company," said Jules Polonetsky, executive director of the Future of Privacy Forum. "They've apparently gone to great lengths to personally hurt individuals who are working at the company to assert displeasure at the company."

[Valmy]

It is so weird to hear Sony described as an American company.  Yes I know they threw out the fact it is part of a Japanese conglomerate.

[The Brain]

A shamefur dispray.

[Martinus]

A shamefur dispray.

[Ideologue]

A neon red skull? What is this, 1999?

[Ideologue]

Anyway, this is an act of war and Pyongyang should be liberated by W87.

[Josquius]

The main thing being reported about these hacks is the release of a bunch of dvd screeners of movies.
Which...well thanks for letting me see Fury early but it isn't really too significant a point.
Far more potentially damaging to Sony is the huge amount of personal data of former and current employees that has been released. In the US that is major law suit territory....

[CountDeMoney]

Far more potentially damaging to Sony is the huge amount of personal data of former and current employees that has been released. In the US that is major law suit territory....

Yeah, dropped a shitload of salary information and personnel reviews, as well as the attendant "unofficial" emails regarding them.  Very embarrassing stuff.

One of these days, companies will figure out that they are going to have to spend real money to take care of their information, regardless of the impact on shareholder value.

The Sony Hack Gets Even Worse as Thousands of Passwords Leak
http://gizmodo.com/sony-pictures-hack-keeps-getting-worse-thousands-of-pa-1666761704

A new trove of documents leaked from the Sony Pictures hack is now out in the wild. And, somewhat astoundingly, it takes the whole debacle to a new level of absurdity since the data includes a file directory named "Password". Can you guess what's inside?

Yep, it's thousands of usernames and passwords. BuzzFeed rather easily found the "Password" folder in the newly released data and reports that it "includes 139 Word documents, Excel spreadsheets, zip files, and PDF's containing thousands of of passwords to Sony Pictures internal computers, social media accounts, and web services accounts." The kicker: "Most of the files are plainly labeled with titles like 'password list.xls' or 'YouTube login passwords.xlsx.'" Because when hackers go looking for sensitive information like login credentials, they would never think to search for the word "password".

Seriously, though, whichever cyber security whiz was keeping track of Sony Pictures' credentials didn't even try to hide it.



BuzzFeed points out that the passwords aren't even good passwords. They're not just social media accounts either. At least one department's document included passwords for everything from its AmEx account to its Amazon account. That makes it pretty easy for a hacker to go on a shopping spree!

There probably weren't any shopping sprees happening in Pyongyang, though. North Korea denies any involvement in the attack, despite all the rumors that it was in retaliation for Sony Pictures making a movie about assassinating Kim Jong-Un. It's starting to look like a band of hackers just did this for the lulz. Sadly, this isn't even the first time that Sony Pictures has had passwords stolen for lulz. Some companies never learn.

[Capetan Mihali]

Bit of a provocation though, wasn't it?  Not that I'm saying "with a dress that short so late at night"... but the whole premise of the show is whacking this guy?

[CountDeMoney]

You're assuming NK has the capabilities for this.  Maybe they do, maybe they don't.

Or was the remake of Red Dawn even too shitty for them to give a fuck?

[jimmy olsen]

They shut down the biggest bank in South Korea last year, and the code for this attack is similar to what was used for that.

[Tonitrus]

You're assuming NK has the capabilities for this.  Maybe they do, maybe they don't.

Or was the remake of Red Dawn even too shitty for them to give a fuck?

Killing the Dear Leader = bad.

Being able to take on the US and invade/occupy parts of the Homeland? = good.

[CountDeMoney]

They shut down the biggest bank in South Korea last year, and the code for this attack is similar to what was used for that.

The code was a mishmash of source code from a variety of shit out in the hackosphere.  Not saying they didn't do it, but thumbprints of code are an unreliable indicator these days.  Some of it was in Korean, some of it wasn't.

[CountDeMoney]

Meanwhile, North Korean amateurism aside, in real hacker news...

Kenya arrests 77 Chinese over 'hacking'
Police say gang that lived near US embassy in Nairobi was "preparing to raid the country's communication systems".
Last updated: 04 Dec 2014 17:54
Al Jazeera

Kenyan police have arrested 77 Chinese nationals and are consulting experts to see if they used advanced communications equipment in several houses in an upscale Nairobi neighbourhood to commit espionage.

Kenya's foreign ministry has also summoned China's top diplomat in the capital Nairobi as it seeks to establish if Beijing was in anyway linked to the affair.

Police said they believed the gang was "preparing to raid the country's communication systems".

The Daily Nation newspaper said a series of police raids had turned up equipment capable of infiltrating bank accounts and government servers, Kenya's M-Pesa mobile banking system and ATM machines.

"The suspects are being interrogated to establish their mission in the country and what they wanted to do with the communication gadgets. They have been charged in court," said the director of Kenya's Criminal Investigation Department, Ndegwa Muhoro.

"We have roped in experts to tell us if they were committing crimes of espionage,'' he told the Associated Press news agency.

Police said many of those detained appeared to have been in the country illegally.

The arrests began on Sunday, when computer equipment in one of the upscale houses the Chinese nationals had rented near the US Embassy and UN headquarters caught fire, killing one person.

Kenyan foreign minister Amina Mohamed "made it clear that the Chinese government should fully cooperate on this matter," Kenya's communications minister Fred Matiang'i said, adding that China has promised to send investigators to Kenya to work on the case. 

Police said it appeared the group was also manufacturing ATM cards, and that the suspects may have been involved in money laundering and Internet fraud.

[Admiral Yi]

Bit of a provocation though, wasn't it?  Not that I'm saying "with a dress that short so late at night"... but the whole premise of the show is whacking this guy?

Then what are you saying?