By Sue Smith / Top Tech News. Updated December 18, 2014.
In late breaking news on Thursday, an unnamed U.S. government official told the press that investigators have solved the vexing question of how the computer network at Sony Pictures Entertainment was hacked. Rather than a sophisticated system breach or an inside job, as hypothesized by many in the I.T. security establishment, the answer was actually quite simple.
The hackers apparently gained access to Sony’s systems by obtaining the login credentials of a high-level systems administrator in Sony’s I.T. department. Once the credentials were in the hands of the hackers, they were granted "keys to the entire building," as stated by the U.S. official, who was reportedly privy to government briefings on the topic of the Sony hack.
The identity of the hackers was further clarified by tracing "signal intelligence," in addition to other methods which the official did not detail. As a result, the Obama administration laid the blame squarely on North Korea.
Major Breach, Major Fallout
The hack into computer systems at Sony Pictures resulted in the release of numerous confidential corporate documents and email files, some of which portrayed Sony’s executives negatively, even pointing to racism, according to some interpretations. Other personal information was also released, including social security numbers, and records of executive salaries and bonuses. The exposure of such information led to the filing of lawsuits by Sony employees against the company for failing to secure their data properly.
However, perhaps most damaging was the theft and subsequent posting online of some upcoming movies which were scheduled to premier in theaters during the holiday season, including "Annie," and "The Interview."
Following terrorist threats made against American theaters by the presumably North Korean hackers or their associates, several major movie theater chains have delayed or dropped plans to show "The Interview." The Sony-produced comedy starring Seth Rogen and James Franco, is likely the cause of the cyber-attack. The movie depicts a fictional plot to assassinate North Korean dictator Kim Jong-un.
When asked about the Sony hack, White House press secretary Josh Earnest said that the ongoing investigation is "being treated as a serious national security matter." Another Obama administration official indicated that the U.S. is poised to take action against North Korea. "We do think it's appropriate to respond," he said. However, the nature of the U.S. action would be "proportionate."
Data and Deterrence
The explanation as to how the Korean hackers gained access to Sony’s systems must come as a relief to I.T. software and hardware vendors, who have seen a spike in their revenue from security products in recent years, as the number and severity of cyber-attacks has increased exponentially.
While many, if not most security breaches occur as a result of newly discovered software vulnerabilities or delayed application of security patches, the Sony hack is a stark reminder of the need to “compartmentalize” data access.
Even with the best I.T. policies and procedures in place, it can be nearly impossible to protect against certain sophisticated methods of obtaining an administrator’s credentials. For example, man-in-the-middle attacks, in which hackers gain access to data, including usernames and passwords, by placing various listening devices on data cables, like those found in any neighborhood, can be nearly impossible to detect. And, although login credentials are often encrypted, powerful computer systems have the ability to crack the encryption given enough time and resources.
Is this what happened to Sony? We may never find out, as companies are extremely reluctant to disclose the methods by which their systems were breached. So, for now, all eyes are on the Obama administration’s response to North Korea, to see whether the reaction will succeed in setting a deterrent for future would-be government hackers.