News sources report of a large-scale cyber-attack against Sony Pictures by an entity calling themselves Guardians of Peace (#GOP). North Korea has refused to confirm or deny any involvement, claiming Sony needs to “wait and see”.
Sony Pictures experienced a devastating cyber-attack on November 25th 2014. The attack included the early release of several major productions including; “Fury”, “Annie”, “Still Alice” and “To Write Love on Her Arms”.
“Fury”, a war movie starring Brad Pitt, has since become the second most downloaded film on torrent sites. All of the above mentioned films are not scheduled for release until later this year or early 2015.
Comments from Sony Pictures indicate that they do not know who instigated the attack and are attempting to trace the major disturbance. Hackers signed the message accompanied with the strike with ‘#GOP’ or the ‘Guardians of Peace’.
As well as leaking the productions, the hackers also released 27 Gigabytes of files online. The sensitive material included meeting notes and documents, legal paperwork and employee information. So in other words, a complete Human Resources catastrophe.
To make matters worse, anonymous sources claim that the hackers could potentially have possession of an estimated 11,000 Gigabytes more of other sensitive information not yet seen by the public. A warning to Sony Pictures announced that such data would be released if their demands were not met (demands which were not stated publicly).
The cyber-attack has been a major obstacle for Sony Pictures as they attempt to get systems back online. Many Sony employees were still forced to communicate through text messages and cell phone calls a week after the attack.
Many have speculated that the cyber-attack may have stemmed from North Korean threats issued earlier in the year. Troubles between Sony Pictures and North Korea began over the production of the movie “The Interview”. The film features Seth Rogen and James Franco as celebrity TV journalists who gain access to interview North Korean dictator Kim Jong Un. Prior to the interview, CIA intercepts the duo and asks them to assassinate Kim Jong Un.
Apparently the North Korean government did not see the humor in the major film production. When initial previews for “The Interview” were released, reports stated that officials from North Korea demanded that the the movie be banned and that the failure to stop its release would be considered an “act of war”. North Korea warned that responses would be “resolute and merciless” if action to stop the movie was not taken.
When North Korean officials were questioned about their involvement in the cyber-attack their only response was that Sony must “wait and see.” The FBI, now involved with this ongoing investigation, stated that many major US corporations have also been targeted with large scale cyber-attacks and that North Korea may not be to blame.
Many were shocked by the allegations that somehow North Korea would have the skills and resources necessary to accomplish such a major assault, but experts say that Pyongyang should not be underestimated as a potential threat. In fact, this article posted in 2013 outlines that “North Korean cyberwarfare capabilities are far more potent than previously believed.”
One thing is certain: either North Korea has surprised us all with their superior hacking skills or North Korea was surprised by the excellent timing of another black hat organization’s attack and are more than willing to tag along for the ride. Either way, Sony Pictures has major work to do to return to business as usual.
UPDATE: As of 12/8/2014 North Korea has formally denied any involvement in the attack, claiming that Guardians of Peace (#GOP) are supporters of North Korea. Although North Korean officials have refused to take responsibility in the hack, their statement claimed the actions of the #GOP “might be a righteous deed.” Some say that this does not clear North Korea of suspicion as new threats have been issued over the weekend.
In an attempt to learn from unfortunate situations, here is a review on the best practices we can all take to protect ourselves from hackers (besides not upsetting an entire dictatorship):
- Stay away from spammy websites or any links that could be associated with sites that aren’t up to par. Especially beware of “get traffic quick” gimmicks.
- Don’t use generic usernames like admin or administrator – these are easy pickings for hackers.
- Create a strong password with a password generator and change it often.
- Update, update, update! Keep all applications and security software up to date.
- Protect your information at all costs. Never give personal information to anyone you don’t absolutely trust and never reveal your username and password to anyone.
- Keep your knowledge up to date. The more you can learn about web hosting and the potential problems, the easier your hosting experience will be.
There’s always going to be the threat of black hat intrusions, but by taking some easy steps you can at least make it a challenge to access your site.
For more information on protecting your site from hackers please visit our knowledge base at: Support.Midphase.com
This article was brought to you by Midphase, for shared hosting, cloud servers and 24/7 support visit our site here www.midphase.com