Investigating the Sony Hack Part 1


By now, everyone should be familiar with the high-profile information hack of one of the largest corporations in the world – Sony. We recently declared this year the “Year of the Data Breach,” and for good reason. Millions of people have been affected by the recent, headline-grabbing hacks of some substantial targets, including Target, Apple, and Staples. However, as important as those hacks have been for underlining every corporation’s weakness to cyberhackers, the Sony hack stands above all. In this three-part series, we’ll investigate how the hack happened, how hackers steal your information, and what this recent hack means for your business.

How Did the Hack Happen?

Although all signs point toward North Korea, the origin of the hack is still unknown. The U.S. government has blamed the isolationist country for what appears to be the largest hack in history, but some cyber security experts have cautioned the government not to place blame so quickly. Peter W. Singer, former director of the Center for 21st Century Security and Intelligence, spoke with The Wrap about the attack and how he believes it occurred.

“The attack has the hallmarks of an advanced persistent threat, or A.P.T.,” he explained. “The [hackers] had a specific target in mind. It’s not like they were after any old bank or studio, it looks like they specifically went after Sony. That’s persistence.” In the interview, he also compared the hack to other breaches using a Hollywood metaphor: “This is the difference between a street mugging and an ‘Ocean’s Eleven’ heist.”

According to Singer, organizations that attempt A.P.T. hacks are well-funded and large. Forget the cliche of a single person alone somewhere in a basement: the Sony hack was orchestrated by a team of hackers working constantly to undermine Sony’s cyber security. Once they were in, they plundered everything, from personal emails to movie scripts to advanced screenings, resulting in some bad press and the decision not to release their film “The Interview” in theaters.

Singer outlines three ways in which the hack likely happened. These are “The Candy Drop,” “Spear-Phishing,” and a hacked electronic cigarette.

What is a Candy Drop?

A Candy Drop is exactly what it sounds like. A cyber criminal drops a physical object where someone with access to the network they want to hack will find it. Singer uses the example of a foreign government getting hacked by North Korea in the past: a North Korean spy dropped an infected memory disk outside of a military base. Coming into the base in the morning, a soldier picked it up, and “like a kid finding a piece of candy,” put it in his pocket. Later, when he put the disk into the computer, the virus took its toll, giving North Korean hackers access to the network.

What is Spear-Phishing?

According to The Wrap: “Spear-phishing is a pointed twist on a tried and true email scam. Hackers target a specific business, sending emails out to employees trying to trick them into clicking on a link that would compromise their system. In this day and age, one might assume most online users are on the lookout for email hacking scams, but that’s not necessarily the case. One of the most high-profiled spear-phishing success stories involved diplomats at a recent G20 summit who infected their own network by trying to download pornography.”

Singer elaborates that the email claimed that, if the user clicked the link, they would be treated to a photo of the former French First Lady sans clothing, and what government official could resist that? Once they clicked the link, the deed was done, and they installed spyware on the government computers.

A Hacked Electronic Cigarette?

Singer’s last example involved a malignant entity compromising someone’s network in a completely unexpected way.

“Someone wanted to go after a specific company so they figured out the way in was through one of the company’s senior executive who had recently quit smoking real cigarettes,” Singer explained, though he wouldn’t reveal which company was compromised. “They noticed he was now using electronic cigarettes, so they [hacked his system] through the e-cigarette’s USB charging port.”

While there’s currently no solid proof of which method North Korea, or whoever hacked the Sony network, used to gain access, it’s slowly become clear that the hackers must have used a combination of keystrokes and planning, like something out of a Hollywood movie, to gain access to the systems.

Check back for Part 2, where we’ll explore other methods hackers use to gain access to your information.

To discover how E-Complish keeps your information and your customers safe, visit our Solutions page, where you’ll find a diverse set of fully PCI-Compliant payment solutions.