{"id":7040,"date":"2014-12-04T12:49:48","date_gmt":"2014-12-04T17:49:48","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=7040"},"modified":"2014-12-04T12:49:48","modified_gmt":"2014-12-04T17:49:48","slug":"sony-pictures-hack-gets-uglier-north-korea-wont-deny-responsibility-updated","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/04\/sony-pictures-hack-gets-uglier-north-korea-wont-deny-responsibility-updated\/","title":{"rendered":"Sony Pictures hack gets uglier; North Korea won\u2019t deny responsibility [Updated]"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/arstechnica.com\/security\/2014\/12\/sony-pictures-hack-gets-uglier-north-korea-wont-deny-responsibility\/\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/12\/sony_korea.jpg\" alt=\"\" \/><\/a><\/p>\n<p>More evidence has emerged that makes the Sony Pictures hack look similar to a suspected attack on South Korean companies over a year ago. And a spokesperson for the North Korean government, rather than denying his country\u2019s involvement, is playing coy as the damage to Sony appears to be growing daily.<\/p>\n<p>When contacted by the BBC, a spokesperson for North Korea\u2019s mission to the United Nations said, &#8220;The hostile forces are relating everything to [North Korea]. I kindly advise you to just wait and see.&#8221;<\/p>\n<p>Sony Pictures\u2019 computers were reportedly the victim of wiper malware which erased all the data on infected PCs and the servers they were connected to. As Ars reported yesterday, this is similar to the attack on two South Korean broadcasters and a bank that was launched in 2013. As security reporter Brian Krebs reports, the FBI sent out a \u201cFlash Alert\u201d to law enforcement warning of a cyber attacker using \u201cwiper\u201d malware this week\u2014malicious software that erases the entire contents of the infected machine\u2019s hard drives as well as the contents of the master boot record of the computer. The FBI shared a Snort intrusion detection signature for the malware file, and as Krebs noted, &#8220;the language pack referenced by the malicious files is Korean.&#8221;<\/p>\n<p>The attackers also posted archive files online containing at least 25 gigabytes of data from Sony\u2019s network. [Update: in an e-mail to Ars that included a link to an archive of some of the stolen Sony Pictures data, an individual claiming to be &#8220;the boss&#8221; of the attackers known as GOP claimed that &#8220;tens of TB&#8221; of files had been exfiltrated and would be shared as soon as possible.] Some of those files included Excel spreadsheets and screen grabs from mainframe terminal sessions including employee payroll and medical data.<\/p>\n<p>A link to the Pastebin page has been removed by Google after a Digital Millenium Copyright Act complaint by Sony, and other Pastebin pages related to the data have been removed. Sites hosting the data that were listed in the original Pastebin page were apparently subjected to a denial of service attack by someone attempting to stop the spread of the data. However, the files have now been shared through torrents.<\/p>\n<p>Among the files released through links posted to Pastebin and now circulating on filesharing networks, according to a report by Kevin Roose of Fusion, are:<\/p>\n<p>A spreadsheet including the names, birthdates, and social security numbers of 3,803 employees of Sony Pictures.<\/p>\n<p>Payroll breakdowns for the entire company in a spreadsheet.<\/p>\n<p>A spreadsheet detailing all the Sony Pictures employees terminated in 2014, including cause for termination; many were laid off as part of a corporate reorganization. The spreadsheet also included the termination costs for each employee, including severance and COBRA benefits.<\/p>\n<p>Employee performance reviews.<\/p>\n<p>Salaries for top executives\u2014including a spreadsheet that shows that Sony Pictures\u2019 Columbia Pictures subsidiary co-president Michael De Luca gets paid almost $1 million more than Columbia\u2019s other co-president, Hannah Minghella.<\/p>\n<p>Read more: <a href=\"http:\/\/arstechnica.com\/security\/2014\/12\/sony-pictures-hack-gets-uglier-north-korea-wont-deny-responsibility\/\" target=\"_blank\">Sony Pictures hack gets uglier; North Korea won\u2019t deny responsibility [Updated] | Ars Technica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>More evidence has emerged that makes the Sony Pictures hack look similar to a suspected attack on South Korean companies [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7],"tags":[455,599,1002],"class_list":["post-7040","post","type-post","status-publish","format-standard","hentry","category-security","tag-hacking","tag-korea","tag-sony"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1Py","jetpack-related-posts":[{"id":7480,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/01\/20\/nsa-secretly-hijacked-existing-malware-to-spy-on-n-korea-others\/","url_meta":{"origin":7040,"position":0},"title":"NSA secretly hijacked existing malware to spy on N. Korea, others","author":"NCCT","date":"January 20, 2015","format":false,"excerpt":"A new wave of documents from Edward Snowden's cache of National Security Agency data published by Der Spiegel demonstrates how the agency has used its network exploitation capabilities both to defend military networks from attack and to co-opt other organizations' hacks for intelligence collection and other purposes. In one case,\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":8210,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/05\/05\/this-terrifying-malware-destroys-your-pc-if-detected\/","url_meta":{"origin":7040,"position":1},"title":"This terrifying malware destroys your PC if detected","author":"NCCT","date":"May 5, 2015","format":false,"excerpt":"A new type of malware resorts to crippling a computer if it is detected during security checks, a particularly catastrophic blow to its victims. The malware, nicknamed Rombertik by Cisco Systems, is designed to intercept any plain text entered into a browser window. It is being spread through spam and\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7164,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/18\/personal-information-of-current-and-former-sony-employees-leaked-by-hackers\/","url_meta":{"origin":7040,"position":2},"title":"Personal information of current and former Sony employees leaked by hackers","author":"NCCT","date":"December 18, 2014","format":false,"excerpt":"After promising a \"Christmas gift,\" hackers have leaked the social security numbers, credit card details, bank account information, healthcare information and compensation, and other employment-related information of current and former employees. Sony has warned that those affected should be on the lookout for fraudsters who might use their personal information.\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7294,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/29\/beware-fake-the-interview-movie-download-app-is-in-the-wild\/","url_meta":{"origin":7040,"position":3},"title":"Beware: Fake &#8220;The Interview&#8221; movie download app is in the wild","author":"NCCT","date":"December 29, 2014","format":false,"excerpt":"\"The Interview\" is undeniably the hottest movie of the year, which is a comedy about a plan to kill North Korea's leader, Kim Jong-un. It has also been the most controversial, backed by disputes with hackers threatening theaters who will play the said movie with physical action, and also by\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7276,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/29\/sony-playstation-network-is-back-online-now-really\/","url_meta":{"origin":7040,"position":4},"title":"Sony: PlayStation Network is back online now, really","author":"NCCT","date":"December 29, 2014","format":false,"excerpt":"After giving gamers false hope on Saturday, Sony now says its PlayStation Network has been fully restored after a Christmas Day attack that knocked it offline for about three days. At around 1 a.m. U.S. Eastern Time on Sunday, Sony declared its online gaming platform fixed and, as it had\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9890,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/12\/08\/49-years-of-video-game-consoles-in-10-minutes\/","url_meta":{"origin":7040,"position":5},"title":"49 Years Of Video Game Consoles in 10 Minutes","author":"NCCT","date":"December 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/27_xEN5srVI Believe it or not, the home video game console has been around for nearly 49 years. Yes, that\u2019s almost half a century. Since 1972, we\u2019ve seen over 30 consoles created and sold in North America, which is a ridiculous amount of consoles. That\u2019s an average of more than one\u2026","rel":"","context":"In &quot;Hardware&quot;","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/27_xEN5srVI\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7040","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=7040"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7040\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=7040"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=7040"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=7040"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}