Sony Pictures for Sale: Russian Hackers May Be Selling Access According to U.S. Firm
Sony can’t seem to catch a break lately. Between the giant hacking scandal that took place throughout December and the aftermath of their secrets spilled all over the web, the movie production portion of their business has gone through serious struggle.
Now, just one month after Sony Pictures may have thought their initial struggles were over, Taia Global is claiming that they’ve found evidence of Russian hackers selling information about Sony for months. In a recent report, Taia Global explained how Sony fell victim to the hack and what the current situation is with the hackers.
A team of Russian hackers gained access to Sony Pictures Entertainment Culver City network in late 2014 by sending spear phishing emails to Sony employees in Russia, India and other parts of Asia. Those emails contained an attached .pdf document that was loaded with a Remote Access Trojan (RAT). Once Sony employees’ computers were infected, the hackers used advanced pivoting techniques to gain access to the Sony Pictures Entertainment network in Culver City CA where they continue to have access as of today
With the evidence they’ve gathered, they said two theories are supported – the newfound Russian hackers and blamed North Korean hackers attacked Sony separately, or the North Korean government was telling the truth when they denied involvement.
The Evidence that Russia Held the Sony Hackers
Taia Global’s evidence is thorough, and they believe it points the discussion away from North Korea’s involvement that U.S. officials claimed to be significant. In fact, Admiral Michael Rogers of the NSA was quoted in their report saying, “This was North Korea. Let there be no doubt in anyone’s mind.”
The Directors of the FBI and NSA have both made public statements affirming the DPRK as the responsible party. However, Taia Global has recently received evidence that proves that Russian hackers also breached Sony and as of this report’s publication date, those hackers still have access to Sony’s network. This does not rule out North Korea’s involvement however it does raise questions about how contradictory evidence presented by numerous researchers and companies including Taia Global was evaluated.
A famous black hat Russian hacker named Yama Tough agreed to help Taia Global uncover who was behind the Sony hack. Together, they ended up finding an unnamed Russian hacker – referred to as URH – that the two believe is clearly responsible for the breach.
According to Taia Global, URH told Tough that he sent phishing emails to Sony employees in Asia and Russia, describing a pivoting technique he used to move inside the Sony network. Taia Global also revealed that Sony Pictures is still in a state of breach.
Sony Pictures Entertainment, who has been relying upon one or more cyber security companies for its incident response, is still in a state of breach. Sony documents dated as late as January 23, 2015 were provided to Taia Global from Yama Tough’s Russian source who appears to have at-will access to the company.
The U.S. based firm also continues to question the first claims that North Korea was behind the attack, but are not closing the book on the possibility.
Images from Shutterstock.