Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Sony cyber attack: North Korea fades from suspicion as PlayStation servers used to spread stolen material

State-sponsored attackers don’t create cool names for themselves, expert says

Andrew Griffin
Wednesday 03 December 2014 11:33 GMT
The photo, which Reddit users said had been posted across Sony Pictures computers (Links have been blurred out)
The photo, which Reddit users said had been posted across Sony Pictures computers (Links have been blurred out)

A hack that took down Sony Pictures’ computers for a week, leading to stolen films apparently being distributed over PlayStation servers, was unlikely to have been carried out by North Korea, experts have said.

Speculation has swirled that North Korea carried out the attack, in retaliation for a mocking film to be released by the company this Christmas, and the country’s refusal to deny its involvement helped add to the claims. But experts have said that it was more likely a group of private ‘hacktivists’.

“State-sponsored attackers don’t create cool names for themselves like ‘Guardians of Peace’ and promote their activity to the public,” cybersecurity expert Lucas Zaichkowsky told the Washington Post.

Similar hacktivist groups have targeted Sony in the past, he said.

The identity of Sony Pictures’ hackers has been unclear since last week, when it broke into computers and placed a message on them identifying themselves as ‘GOP’, which is thought to stand for Guardians Of Peace. The group has only communicated through mysterious online messages, and has given no apparent clues to its identity, location or motives.

The group appeared to have leaked films online, including Fury and Annie, last week. It is also thought to have data including sensitive documents from film starts including Angelina Jolie and Cameron Diaz.

While the data didn’t appear initially to have made its way online, apart from the documents’ names, though some of the data may have made its way online.

It appeared to have been shared through Sony PlayStation website servers, reported The Register. That could mean that the hackers have control of Sony servers and are using them to distribute the information, or it could be an indication that the company is pushing out data to catch would-be thieves, the website speculated.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in