Sony Pictures Entertainment will not capitulate to cybercriminals despite the company’s systems being completely overrun by attackers, according to Sony group CEO Kazuo Hirai.
In his first public appearance since the 24 November data breach, Hirai told attendees at CES 2015 in Las Vegas that the company worked tirelessly to launch the controversial movie "The Interview". Hirai said Sony did not capitulate to the Guardians of Peace, the hacking group that claimed responsibility for the attack.
In his appearance at CES, Hirai said the company was “unfortunately the victim of one of the most vicious and malicious cyberattacks we've known certainly in recent history.”
"I'm very proud of all the employees and certainly the partners that we've worked with as well who stood up against some of the extortionist efforts of the criminals that actually attacked Sony Pictures and its employees,” Hirai said. “Freedom of speech, freedom of expression, freedom of association - those are very important lifelines of Sony and our entertainment business.”
The FBI said its investigation of the breach revealed infrastructure, malware and techniques that link to North Korea’s role in the attack. The group struck Sony using destructive malware designed to wipe hard drives and internal system startup commands clean. The attackers then leaked email messages, confidential employee data and unreleased movies. Initially the group attempted to extort Sony but later demanded it cancel the Christmas release of the Seth Rogen and James Franco comedy.
Hirai’s remarks come just a week after a security firm reportedly found evidence that points to a potential insider role in the attack. Kurt Stammberger, a senior vice president at Norse Corp., told reporters that the company has uncovered evidence pointing to six current or former employees that may have played a role in the attack. The Norse research analysed leaked documents and posts in criminal hacking forums, which it said reveals a possible insider threat.
Norse did not disclose how the correlated information pointed to an insider involvement. Meanwhile, the FBI is standing by its official announcement linking North Korea to the Sony attack. A technical analysis of the destructive malware used in the attack has been linked in other campaigns waged by North Korea, the FBI said. The attackers also used infrastructure previously linked to North Korea.
Solution providers told CRN US that the Sony breach could have happened at just about any organisation. Despite some basic security lapses, the attackers were relentless in their effort to gain access to their target. The extent of the attack and the unfettered access that the criminals achieved is not surprising given the increasing sophistication of threats and fairly easy access to stolen account credentials, said Jim Matteo, a channel industry veteran and CEO of Bird Rock Systems.
“The [attackers] have taken it to another level by taking intellectual property and it raises concerns in the minds of customers as to what a breach can lead to,” Matteo said.
PUBLISHED JAN. 6, 2015
This article originally appeared at crn.com