The Sony empire strikes back – unleashes DDoS attacks against pirates

11 Dec 2014

Reeling from an unprecedented hacker attack that saw five blockbuster movies released to the wild, Sony has counter-attacked with a spate of DDoS attacks against pirates and sites hosting stolen information.

Sony Pictures Entertainment is understood to be using hundreds of computers in Asia to execute the distributed denial-of-service (DDoS) attacks against sites that have hosted stolen material, from files to illegal copies of its movies.

The spearhead of the counter-attack is being driven through Amazon Web Services via its servers in Singapore and Tokyo.

The attacks against Sony occurred two weeks ago. The company first realised what had happened when its entire computer network went down.

A post has appeared in the /r/hacking thread on Reddit by a person claiming to be a former Sony Pictures employee and claiming credit for the attack. A screenshot emblazoned with the words ‘Hacked By #GOP’ was also posted in the Reddit thread. The group claiming credit for the attacks calls itself Guardians of Peace.

At least five waves of leaks have occurred, including the leaking of new movies Annie and Fury, details of 47,000 social security numbers, and embarrassing private correspondence between senior Sony Pictures executives and producers over the suitability of Hollywood stars, such as Angelina Jolie, to direct movies.

An unparalleled attack

Piqued by the forthcoming movie The Interview, North Korea is suspected of being behind the attack because the code Guardians of Peace used to infiltrate Sony Pictures’ servers is identical to code North Korean hackers used to attack South Korea last year.

North Korea has denied it has any links with Guardians of Peace but described the act as “a righteous deed of the supporters and sympathisers”.

Sony hired FireEye’s Mandiant forensics group to investigate the attack. Mandiant’s chief executive, Kevin Mandia, told the head of Sony Pictures, Michael Lynton, in an email: “The bottom line is that this was an unparalleled and well-planned crime, carried out by an organised group, for which neither SPE (Sony Pictures Entertainment) nor other companies could have been fully prepared.”

According to Re/Code, the ploy by Sony to launch DDoS attacks is similar to an earlier tactic where people trying to download illegal copies of popular movies such as Spider-Man were directed to decoy networks where they spent hours trying to download what turned out to be an empty file.


John Kennedy is a journalist who served as editor of Silicon Republic for 17 years
