Hacker attack on Sony Pictures an ‘unparalleled crime’, says investigator

8 Dec 2014

The cyberattack against Sony Pictures is “unprecedented,” the CEO of FireEye’s Mandiant forensics unit Kevin Mandia has told the head of Sony Pictures Michael Lynton.

The cyber-attack knocked much of Sony Pictures’ network offline, resulted in the theft and distribution online of five movies about to be released to cinemas worldwide as well as the exposure of vital records including celebrity data and over 47,000 social security numbers.

In the aftermath of the attack that began a fortnight ago Sony Corp hired Mandiant to investigate the breach and find out what happened and how it happened.

North Korea has been suspected of being the orchestrator behind the attack, chiefly because Sony Pictures was releasing a movie called The Interview which parodied the dysfunctional state and its so-called leadership.

In an email that was obtained by Reuters and sent by Lynton to Sony employees, Mandia said: “The scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public.

“The bottom line is that this was an unparalleled and well planned crime, carried out by an organised group, for which neither SPE nor other companies could have been fully prepared.”

It is understood that the restoration of Sony’s network is taking some time as each drive needs to be manually replaced or re-image.

Prime suspect calls it ‘a righteous crime’

North Korea has denied allegations that it has been behind the attack on Sony Pictures.

However, in a statement the communist dictatorship described the act as “a righteous deed of the supporters and sympathisers.”

One of the main reasons North Korea is considered a suspect is the code used to attack Sony Pictures is identical to code North Korean hackers used to attack South Korea last year.

It is understood that the attack went undetected by standard anti-virus software. But the question remains: did Sony have all the safeguards in place to defend itself fully?

The attack occurred a fortnight ago and the first Sony realised what had happened was when its entire computer network was down.

The attacker posted images alleging he or she was a former employee and had sensitive financial data.

A post has appeared in the /r/ hacking thread on Reddit by a person claiming to be a former Sony Pictures employee claiming credit for the attack.

A screenshot emblazoned with the words “Hacked By #GOP” was also posted in the Reddit thread.

FireEye is a Silicon Republic Featured Employer, comprised of top tech companies that are hiring now.

Hacker image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com