On November 25, 2014, a group calling themselves the Guardians of Peace (GOP) put some unreleased Sony movies online. Almost immediately, there was speculation that North Korea was responsible. Mind you- not North Korean hackers, but North Korea itself. So why did people think a government would hack a US movie studio? At the time, Sony was about to release a movie called "The Interview". This comedy was about two news reporters who get a chance to interview Kim Jong Un, and the CIA asks them to carry out an assassination. North Korea said that if the movie was released, they would consider it an act of war. In fact, North Korea complained to the United Nations about the film, without specifically naming it. Given the name of the group- Guardians of Peace- this almost made sense.
The problem is, just five days after Sony was ready to pin everything on North Korea, the FBI said they cannot attribute it to North Korea. But, three days later, Mike Rogers, the chairman of the House Intelligence Committee said that North Korea was responsible. So, the question becomes whether he was relying upon incorrect initial reports, or whether the government intelligence community thought North Korea was responsible, changed their minds, and then changed them back (in the span of eight days).
Meanwhile, many movie chains refused to release The Interview, possibly out of fear of being hacked themselves. The movie suddenly became a pop phenomenon, and many people went to see it specifically because of all the attention surrounding the film. I will hazard a guess that this movie would have easily flopped if the hack hadn't occurred; and if I was a more cynical person, I would write a Hollywood blockbuster where a movie studio hacks themselves to build hype for a movie that's certain to flop.
That being said, it's unlikely here. Not only did the movie get released online, but so did a lot of employee personal data and emails. Several executives had a series of uncomfortable emails released where they trashed various celebrities. It's hard to get your talent to work with you if you've said some nasty things behind their back.
So who was really responsible for the hack? That depends on who you ask. Some are still pointing to North Korea. Others are saying this is an inside job. I tend to hold with RiskBasedSecurity in their "Attribution Bingo". I wonder if we can expand on the idea and make it Attribution Clue: North Korea via an insider threat trojan.
References:
A Breakdown and Analysis of the December, 2014 Sony Hack. (2014, December 5). Retrieved September 14, 2015, from https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack/
No comments:
Post a Comment