14 DAY TRIAL // In the wake of the system breach at Sony Pictures Entertainment (SPE) last week, the company called in the FBI to look into the incident and determine who the intruders were.
Sony also hired FireEye’s incident response firm Mandiant, Reuters says, to carry out the forensic investigation on their systems and find out more details about the attack, which has been claimed by a group calling themselves Guardians of Peace (GoP).
GoP leaks sensitive data from Sony computers
After breaking into the network, the group posted on the screen of the employees’ computers an image announcing that they had been “Hacked by #GOP,” and that internal confidential information had been taken from the systems, providing the hosting addresses.
It appears that some users managed to get the data exfiltrated by GoP from Sony and examined it, according to a thread on Reddit last week.
Users found documents with passwords for different internal services, email addresses, information about actors in Sony movies (passport copies), and financial information.
Unreleased motion pictures shared on torrent sites
Movies that have not been released yet by Sony have been seen on torrent trackers over the weekend, and they appear to be linked to this intrusion, mainly because they have the company watermark on them.
Titles like “Annie” (release date: December 19, 2014), “Still Alice” (US release: January 16, 2015), “To Write Love on Her Arms” (to be released in 2015), and “Mr. Turner” (US release date: December 19, 2014) have already been downloaded through peer-to-peer networks.
These are studio DVD screeners, and according to information from Variety, “Annie” has been downloaded from more than 206,000 unique IP addresses, “Still Alice” has been downloaded from at least 103,000 addresses, while statistics for “To Write Love on Her Arms” show that it had reached almost 20,000 downloads on the last day of November.
Mandiant and the FBI are involved in the investigation
At the moment, there are no official details available about the incident, since the investigation is still at the beginning and efforts are made to determine how the breach occurred and how the hackers gained access to the sensitive materials.
Mandiant is a security incident response company that focuses on identifying the damage caused by a breach, as well as the path followed by the attackers to reach sensitive information on the network.
The forensics unit is also tasked with cleaning the systems of malware in order to prevent further leakage of data and restore the computer in order to resume normal activity.
