North Korea denies Sony hack that exposed 47,000 personal records
North Korea has denied responsibility for hacking Sony Pictures Entertainment
North Korea has officially denied responsibility for hacking Sony Pictures Entertainment, an act that crippled the company’s network and exposed the personal details of 47,000 people.
Hollywood stars including Sylvester Stallone were among those connected to the company whose personal details have been posted online by hackers, reported the Wall Street Journal.
Reports of Korean in the malware code used by the hackers sparked speculation the attack was in retaliation for the film The Interview, which is about a plot to assassinate the North Korean leader.
Fuelling the speculation, an unofficial spokesperson for North Korea criticised the film in an interview with The Telegraph saying it showed the "desperation of the US government and American society."
Some security commentators have also pointed to similarities between the Sony attack and a cyber attack allegedly by North Korea against South Korean banks and TV networks in 2013.
More on data breaches
- Rich Mogull's Data Breach Triangle: Rethinking data breach prevention
- US State Department bolsters email security after suspected breach
- Spotify warns of data breach
- JP Morgan breach affects seven million small businesses
- Home Depot under fire for data breach notification
- US military logistics arm breached by China-linked hackers
- Breach response plan is a must for enterprise security
- Best practices for security data breach reporting
- Finance and retail applications most vulnerable to breaches
- Courier firm UPS warns of potential data breach
- Staples breach update: Cyber insurance may cover retailer's costs
- US supermarket retail chain Supervalu reports cyber breach
- Most businesses do not understand risks of data breaches, study finds
- Home Depot security breach: Losses include 53 million email addresses
- UK micro businesses unprepared for data breaches, study shows
But a North Korean diplomat in New York has told US broadcaster Voice of America that the speculative reports linking North Korean hackers to the attack are incorrect.
Speaking on condition of anonymity, the official described the reports linking North Korea to the Sony hacking as “another fabrication targeting the country”.
"My country publicly declared that it would follow international norms banning hacking and piracy,” he said.
So far the only claim of responsibility for the attack has come from a group calling itself Guardians of Peace or #GOP, but nothing is known about the group or its reasons for attacking Sony.
Shortly after the attack, the group threatened to release sensitive data if Sony did not meet its demands, but no details have been made public.
Since then, four still-to-be-released Sony films have been leaked online, along with personal details such as social security numbers of 47,000 employees and freelancers.
The leaked data has also included details of salaries and bonuses; performance reviews; criminal background checks and termination records; correspondence about employee medical conditions; and passport and visa information.
Computer-killing malware
The FBI, which is investigating the attack with FireEye’s Mandiant division, issued a warning about computer-killing malware that is believed to be linked to the Sony attack.
According to the FBI, the malware overrides all data on the hard drives of computers, including the master boot record, preventing them from booting up.
"The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," said an FBI report.
While this type of attack has been seen before, such as the attack on Saudi Aramco in August 2012 that downed around 30,000 computers, this malware marks a shift in attacks on US-based firms.