Did you know that this week marks the fifth anniversary of the Sony Hack? I’m debating whether it really feels like five years. Time really doesn’t make much sense these days. The Sony Hack happened in late November 2014. It was, at the time, a novel concept, that a government would hack a private company as some kind of “payback.” At least that was the story at the time, that North Korea was mad about Seth Rogen’s movie The Interview, and NK hacked into Sony and began publishing all of the leaked documents through some kind of middleman site (sort of like Russia used Wikileaks in 2016). There were so many massive stories which came out of the hack, and the hack itself became a story, naturally. No Sony executives at that time are still in those positions – they either left or got fired.
Well, the Hollywood Reporter has a cover story about the five-year anniversary and I found it fascinating. Seth Rogen has said before that he questioned the “North Korea did it” story which was the official FBI story (the FBI investigated the hack). As it turns out, a lot of people still question it too. You can read the story here. Some highlights:
A Russian hack? In February 2015 – nine weeks after the Sony Hack – a Ukrainian hacker passed along a Sony email from Jan. 23, 2015. The Ukrainian passed it to an American cyber researcher as proof that “his Russian associate had breached Sony and could still do so at will. Despite FBI director James Comey’s “very high confidence” that Kim Jong Un was to blame, the Ukrainian source was maintaining that hackers were still accessing Sony’s system — and they weren’t North Korean.”
Many who worked for Sony in 2014 still don’t believe the FBI’s attribution: Although the FBI’s North Korea attribution was swift (it took just 25 days) and has never wavered, many of those impacted still harbor questions about what exactly happened when a previously unknown hacker group named Guardians of Peace decimated Sony’s computer infrastructure and brought one of the six major studios to its knees. THR spoke to more than two dozen insiders and executives who worked at Sony at the time, including some who still do, and more than half say they harbor doubts about the FBI’s official narrative, which maintains that the hack was a response from North Korea because leader Kim Jong Un objected to his depiction in Seth Rogen’s comedy The Interview.
Steve Mosko didn’t believe it: “I never believed it had anything to do with The Interview,” says former Sony Pictures Television head Steve Mosko, who along with former CEO Michael Lynton and Pascal, witnessed his entire email account dumped into public view by GoP.
Seth Rogen really went deep: Rogen himself remains uncertain. For him, there was one glaring red flag in the North Korea narrative. In the wake of the breach, he hired a cyber risk team at the private investigative firm Kroll, Inc. to comb through all his devices and accounts as well as those of the film’s co-director Evan Goldberg. Not only did they find no breaches, but they discovered that no hack attempts had been made. That offers a peculiar twist given that Rogen was by far the highest-profile person associated with the movie, which he starred in, directed, produced and co-wrote. “I’ve got to say, the fact that we were never really specifically targeted always raised suspicions in my head,” Rogen tells THR.
Other theories: Still, alternate theories and conspiracies circulate widely among former and current executives. Some believe it was the work of Russian hackers hired by a Sony investor looking to profit from a post-hack stock collapse. Others speculate it was a disgruntled former employee who specifically targeted top executive brass. Perhaps the wildest rumor that still enjoys traction involves the wife of a former head of a rival studio, who is said to have helped her friend land a job at Sony sometime before the hack — and that friend turned out to be a Russian honeypot who gave hackers entry into the system.
The rest of the story is about how Russian hackers were likely the ones to do it, and I’m starting to believe that too, especially given everything we’ve seen unfold since then. At the time, I didn’t really believe the North Korea story either, or I just questioned if it was North Korea ALONE. It had the feel of one group of organized hackers working alongside a political group with an objective of merely sowing chaos. Sound familiar? But yeah, I always thought that there was some kind of inside man too, and that some disgruntled employee “helped” the hackers at some point. Why on earth did the FBI insist it was North Korea and then just close the case?
Something else I’ve always wondered about in retrospect is IF the Sony Hack was done by Russia, was it a dry run for Russian hackers’ multi-pronged activities in 2016? People might forget that the Russian hackers not only targeted the DNC and Hillary Clinton, but they also attacked the ICC/Olympics and released data on Olympic athletes because Russian athletes were banned from competing in Rio under the Russian flag.
Photos courtesy of WENN, THR.
It was probably the Ukrainians!!!!
Lol!
Someone else? Mickey Mouse, you should be ashamed of yourself!
All joking aside though, little will surprise me these days. I don’t think a disgruntled employee though; they certainly would have gone after the private emails of the heads, but this was sooooo in depth. A lot of celebrities but also a lot of below the line people got private addresses and phone numbers leaked through exposed reimbursement claims and such. It really did target everything and everyone. I doubt we will ever know the full story.
Fun fact-Kroll Inc. is owned by comedian Nick Kroll’s father.
I was just going to say, I wonder if Kroll Inc is any relation to Nick Kroll!
Was. He sold it in 2004 and left in 2008. No affiliation anymore.
It has ALWAYS been my suspicion that Russia were the actual hackers. So none of this is all that surprising to me. What IS surprising is that the FBI would lie about it. What do they gain by not simply stating it was Russia? At that point our relation with Russia were already strained and pretty much non-existent.
I never believed this was the work of North Korea. You don’t get hackers of a decent caliber when most of your country does not have electricity, let alone access to the necessary tech or internet.
v interesting, this was around the time of the US sanctions against Russia because of the Ukraine too…
I really don’t think North Korea has the highly skilled, super-organized hackers to pull off such a massive breach. And if they did, I honestly don’t think they’d waste it on Sony over a Seth Rogen movie.
NK might have whined to Russia about the movie, like “you know what, it would be nice if someone could humiliate them too, wink nudge.” More likely, Russia attacked Sony as a show of power, and did so at a time when *conveniently* another country hostile to the US was making a big stink.
The brilliance, dedication, and long-term planning of Russian intelligence really cannot be overstated. Strategic, long-term thinking is where the US fails — the US doesn’t give much thought to second- and third-order effects, and can’t grasp that “winning hearts and minds” (not military might) is the key to long-term success.
Which is probably why the FBI was all, “this is easy, looks like North Korea did it, let’s mark this case closed and go have some beer.”
Nah, the North Koreans have huge cyber armies (like the PRC, Russia, the US, and any other major military-heavy country) and they had every reason to do this. Russians wouldn’t really waste their money/resources on this. Govt agencies have a strong motivation to demonise the Russians at every turn (garner more support for the military/intelligence forces by making the threat more serious than it already is) and they admit it’s the NKs. My money’s on NK, where you DO NOT insult the head of state.