Was It an Inside Hack at Sony Pictures?

Several tech experts believe the hack on Sony Pictures that happened in 2014 was not conducted by North Korea, but was in reality an inside job. Whether it was or not, one thing we do know is that it was one of the most serious hacks in the history of corporate America.

To bring you up to speed, Sony Pictures was about to release a movie called The Interview, which depicts a fictionalized assassination of Kim Jung Un, leader of North Korea. Kim was certainly not happy about the film, so when Sony was hacked at about the same time the movie was released, the first thought was that the hack originated from North Korea.

The night of the attack, however, a North Korean diplomat interviewed on Voice of America said his country had nothing to do with the attack. While his comments were ignored at the time, some tech experts now believe he might have been telling the truth.

Everyone was sure North Korea was behind the Sony Pictures hack. So, why the second thoughts today, and even more, why do they persist?

According to Martyn Williams, a senior consultant for Computerworld Magazine, among the reasons are the following:

  • At the time of the attack, computers at Sony in the U.S. displayed a message threatening the release of very confidential internal documents unless certain demands were met. North Korea has never made public demands in the past with any of their cyberattacks.
  • Right after the attack, a group known as the Guardians of Peace claimed responsibility for the attack. In the past, no North Korean hackers have claimed credit for a cyber incident.
  • Much of the information stolen by the hackers was later posted on the Twitter accounts of Sony employees—pointing directly to the theory that this was an inside job. Further, North Korea has not proven itself to be very Twitter-savvy.

Additionally, a hacker tracking company, Norse, told Sony and the FBI that based on the information they had collected, it appears one or more disgruntled Sony employees in Japan—not in the U.S.—were involved in the attack. Further, while some Sony-produced movies were stolen in the attack, quite interestingly, The Interview was not one of them.

“The only reason people are talking about North Korea is that North Korea spoke out against Sony,” says Tommy Stiansen with Norse. “But North Korea is better than that. They would not steal all the other movies and not grab The Interview. I am convinced that this is an inside job.”

How this happened at Sony Pictures and who was behind it is not our debate at TAL Global. Our concern is how to protect our clients from anything like this ever happening to them.

The first thing company administrators should know is that while such events are rare, they do happen. Often a data breach is minor, getting little notice.

Whether the breach is large or small, it should be reported to all staff. At the very least, this tells everyone in the company that administrators are aware of it and are looking into the situation—and who might be behind it.

Company administrators must limit how many people have access to sensitive electronic information. Plus—people,  passwords, and credentials allowing access to this information should be changed regularly.

Administrators should investigate cybersecurity software. Many breaches are accidental, the result of a human error. An up-to-date security software program may be able to catch the weak link before any secured information is leaked.

Finally, have a risk assessment conducted. An effective, thorough risk assessment will investigate vulnerabilities and suggest steps administrators can take to address them and protect private company information.

To contact TAL Global, click here.

As always, we value your feedback, which helps us shape our perspective on recent events, security, and the services we offer.

Stay safe,

Johnathan Tal
Chief Executive Officer
TAL Global
O: 1-408-993-1300

© TAL Global, 2019