When Sony Pictures Entertainment was hacked late last month, they — and many in the news media — were quick to blame North Korea, citing Pyongyang’s displeasure over the upcoming comedy The Interview and the Korean programing language used in the attack. The New American reported that a mysterious hacktivist group calling itself the Guardians of Peace (GOP) was probably behind the attack. As more information has come to light over the past few days, it now seems clear that this is the case and that the nightmare is far from over for Sony Pictures Entertainment.
When employees of Sony Pictures attempted to log onto their computers on November 24, they were greeted with an ominous message on their monitors: “Hacked by #GOP” — which included a graphic of a skeleton and several accusations against Sony Pictures and threats that they would begin leaking the nearly 100 terabytes of data they had stolen. The message alluded to demands they had made that had not been met, leading many to speculate about what those demands might have been. Several news sites reported that the demands may have had something to do with the upcoming release of The Interview, a comedy starring Seth Rogen and James Franco. In the film, Rogen and Franco play a pop journalist and his producer who are recruited by the CIA to assassinate North Korean dictator Kim Jong-un. North Korea denounced the film, but denied any involvement in the cyber-attack.
The hackers began making good on their threats right away by leaking a trove of data, including personnel files, salaries and salary negotiations, employee Social Security numbers, an unreleased script, and five movies (four of which are not even in theaters yet). In the past week and a half, they have continued to leak more and more stolen data to the Internet. Some of that data included embarrassing e-mails in which Sony Pictures Executives insult some very big names in Hollywood, possibly damaging relationships with actors, producers, and directors.
The new leaks also included e-mails from a hacker group calling themselves “God’sApstls.” One of those e-mails, dated November 21, was addressed to executives at Sony Pictures Entertainment, including CEO Michael Lynton and Chairwoman Amy Pascal. The e-mail hints at previous communications and demands that Sony pay extortion or suffer the consequences, “Monetary compensation we want. Pay the damage, or Sony Pictures will be bombarded as a whole.”
According to a report by Wired, the suite of attack files used in the Sony Pictures hack, called “Destover,” causes infected computer systems to show the following message on monitors:
We’ve already warned you, and this is just a beginning.
We continue till our request be met.
We’ve obtained all your internal data including your secrets and top secrets.
If you don’t obey us, we’ll release data shown below to the world.
Determine what will you do till November the 24th, 11:00 PM(GMT).
Post an email address and the following sentence on your twitter and facebook, and we’ll contact the email address.
Thanks a lot to God’sApstls [sic] contributing your great effort to peace of the world.
And even if you just try to seek out who we are, all of your data will be released at once.
Guardians of Peace claims not to know anything about the attempts at extortion, though they have claimed responsibility for the cyber-attack from the beginning and have been responsible for the leaked data. It appears that God’sApstls and Guardians of Peace are the same group and that once their demands weren’t met, they switched tactics and have tried to distance themselves from any monetary motives and instead cast themselves as digital crusaders. It may be that both motives are at work. Hacker groups are rarely monolithic. Most often, there are competing ideologies and motives within these groups, as has been the case with the hacktivist group known as Anonymous, which has at times acted out of a sense social awareness (however distorted) and other times acted in ways that seem like random acts of childishness. If that is the case here, there may be some in the Guardians of Peace/ God’sApstls group that are more interested in extortion and others who want to ruin Sony Pictures Entertainment by a prolonged campaign of leaking files, some that cause financial loss and others that cause embarrassment.
Guardians of Peace is now threatening even more leaks and posting on popular Internet bulletin boards that they want to know what people want them to release next. One post read, “We are preparing for you a Christmas gift. The gift will be larger quantities of data. And it will be more interesting. The gift will surely give you much more pleasure and put Sony Pictures into the worst state. Please send an email titled by ‘Merry Christmas’ at the addresses below to tell us what you want in our Christmas gift.”
Sony Pictures Entertainment is not taking it lying down. The entertainment giant has gone on the offensive, seeding popular download sites with files that appear to be leaked data, including movies, but are actually files that take hours or days to download and then contain no data. The tactic is designed to frustrate the users of these sites and discourage them from continuing to look for the actual leaked content. The tactic may succeed in keeping the leaked files from reaching as many users as might otherwise have happened, but it may also backfire from a public relations point of view, as many are now seeing the ugly side of the company due to the e-mails that have been leaked.
Sony has also issued requests under the Digital Millennium Copyright Act (DCMA) for sites to remove the content. In many cases this seems to have been successful. Several popular download sites are removing the leaked material as soon as it is posted.
Two other big moves attempted by Sony Pictures Entertainment to defend themselves have failed completely. Executives at Sony tried to get competing studios to sign a public letter showing support for the beleaguered company, but they all refused. Sony also tried to prevent news media from reporting on the specifics of the leaked information. Sony attorney David Boies sent a letter to several news outlets threatening them with action if they kept the information they have received. The letter said that Sony Pictures “does not consent to your possession, review, copying, dissemination, publication, uploading, downloading or making any use” of the leaked data. The letter went on to say, “If you don’t comply with this request, [Sony]will have no choice but to hold you responsible for any damage or loss arising from such use or dissemination by you.” The news media seem to have ignored the letter, except to report on it.
It looks like Sony Pictures is having a bad week. If the hackers who call themselves Guardians of Peace/ God’sApstls make good on their threats, it looks to be shaping up for a very bad Christmas, too.