Sony strikes back at data thieves, tackles torrent downloaders

Sony's security failure has been devastating, but the company is turning to technology in an attempt to halt downloads of its confidential data.

credit-cnet.jpg
CNET
The cyberattack which struck Sony last week has caused chaos, but the firm is fighting back.

Sony was the victim of a catastrophic cyberattack this month, which resulted in the theft and loss of both pre-release films and treasure troves of confidential data. However, Sony is not taking the insult lying down, and has employed counter-measures to try and at least stem the flow of stolen data.

Amazon denies Sony used AWS for denial-of-service counter-attack

Launching a counter-attack against hackers using another company's systems won't just break their agreement, but it's also illegal.

Read More

As reported by Re/Code, according to two people with knowledge of the matter, the company is using hundreds of computers in Asia to initiate denial of service attacks on websites where Sony's stolen information is available for download.

Amazon Web Services data centers in Tokyo and Singapore are being used to support the counter-attack, according to one of the sources.

In addition to denial of service attacks, a variation of the tactic is being employed across BitTorrent software.

When you download a file through torrent software, you download parts of the file from 'seeders' and 'leechers.' The former is facilitating the download of the whole file, whereas the latter are both hosting and downloading a percentage -- which eventually reaches 100 percent, turning the leecher into a seeder. However, Sony is using fake seeds -- each one of which is a computer apparently hosting the file -- to sap a downloader's software resources, bringing download speed to a crawl.

A group called Guardians of Peace are believed to be responsible for the cyberattack, although little is known about the group -- or individual.

In an email to employees this week, Sony Pictures CEO Michael Lynton and co-chairman Amy Pascal described the theft as "malicious criminal acts."

The massive batches of data have been scrutinized by media globally, and contain a vast amount of sensitive and confidential information. Passwords, mailboxes, Social Security numbers of both actors and crews, passport copies and freelancer data has all been leaked online. In addition, personal emails sent between Pascal and Lynton are not only embarrassing, but are likely to cause severe rifts between the firm and a number of actors and content providers.

Read this

FBI chief compares Chinese hackers to 'drunk burglars'

The FBI's director believes that Chinese hackers are not all that subtle, but are still prolific enough to break into networks and walk out with the goods — costing US businesses billions every year.

Read More

As noted by the WSJ, Jonah Hill, George Clooney and Angelina Jolie were all subjects of personal emails fired across the boardroom. In one particular instance, an email sent between Scott Rudin and Pascal allegedly labeled Jolie a "minimally talented spoiled brat" with a "rampaging" ego.

In addition to a treasure trove of corporate and sensitive data, five Sony-produced films have found their way onto file-sharing sites before an official release. These films include "Fury" and "Annie."

It is believed that a film Sony is due to release next year, dubbed 'The Interview,' may be linked to the security breach. North Korea has complained to the United Nations over the movie -- as the comedy documents the story of two reporters hired by the CIA to assassinate North Korean leader Kim Jong-un.

While eyes are turned towards North Korea as a potential culprit for the cyberattack due to the movie, a spokesman for the Policy Department of the National Defence Commission (NDC) of the DPRK said "South Korean puppet authorities" spread the rumor of the country's involvement.

While denying North Korea was in any way involved, the country's officials praised the cyberattack. In a statement, North Korea's officials said:

"We do not know where in America the Sony Pictures is situated and for what wrongdoings it became the target of the attack nor we feel the need to know about it. But what we clearly know is that the SONY Pictures is the very one which was going to produce a film abetting a terrorist act while hurting the dignity of the supreme leadership of the DPRK [..] the US should also know that there are a great number of supporters and sympathizers with the DPRK all over the world as well as the "champions of peace" who attacked the Sony Pictures.

The righteous reaction will get stronger to smash the evil doings."

Read on: In the world of security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All