In a recent cyber attack on Nov. 24 at Sony Pictures Entertainment, hackers stole and posted over 100 terabytes of data from the studio, including movies, employees’ Social Security numbers, business documents and even a spreadsheet allegedly revealing the salaries of the top Sony Pictures executives. A number of Sony movies, such as “Annie,” “Mr. Turner” and “To Write Love on Her Arms” were also leaked, according to CNET.
Hackers, claiming to represent the “Guardians of Peace” (GOP) group, also directly threatened Sony employees. According to Variety, an email sent to employees warned: “your family will be in danger.”
The FBI launched a probe into the attack, warning companies in the entertainment sector about ‘destructive’ malware that overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up. A five-page document was issued, outlining advice on how to best respond to malware and urging businesses to contact the FBI if they identified similar malware.
“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report explained.
According to security experts, repairing the computers would require technicians to manually replace the hard drives on each computer, or re-image them, which is both time-consuming and costly.
Although the cyber criminals remain a mystery, some believe North Korean involvement may be at play. Experts claim this cyber attack and a separate attack against South Korea used very similar malware. Both were also written in Korean, according to the FBI.
This comes before Sony’s anticipated comedy “The Interview,” starring Seth Rogen and James Franco as journalists involved in an assassination attempt on North Korean leader Kim Jong-Un.
Back in June, the Pyongyang government called the film an “undisguised sponsoring of terrorism, as well as an act of war” in a letter to U.N. Secretary-General Ban Ki-moon.
North Korea’s state-run propaganda arm KCNA purportedly applauded the data breach, calling it “a righteous deed.”
The cyber attack plot thickened on Sunday night, Dec. 7 when Sony’s online PlayStation store was inaccessible to users for two hours. A message read, “Page Not Found! It’s not you. It’s the Internet’s fault!” Gamers also reported difficulties when playing online games.
To date, there is no sign of any data being stolen.
A hacker group under the name of Lizard Squad appeared to take responsibility for the attack, sharing on its Twitter account: “PSN Login #offline.”
Lizard Squad was the same account that warned the public earlier this year that explosives might be on an American Airlines flight that was carrying a Sony executive among its passengers. AA diverted the domestic U.S. flight. Lizard Squad also previously claimed responsibility for a PlayStation network disruption, as well as attacks on the Vatican’s website, Battle.net and League of Legends.
Hackers also targeted Sony’s network on several occasions in the past, including an attack in April of 2011 which compromised the personal data of 77 million user accounts. The breach exposed players’ names, addresses, email addresses, birthdates, usernames, passwords, logins and security questions. Even children who had accounts established by their parents may have had data exposed, according to Sony.