Hacking crimes

On November 25, a new chapter was added to the chronicles of data theft activity. A group calling itself GOP or The Guardians Of Peace, hacked their way into Sony Pictures, leaving the Sony network crippled for days, valuable insider information including previously unreleased films posted to the Internet, and vague allegations it all may have been done by North Korea in retribution for the imminent release of an upcoming movie titled “The Interview”.

While politically motivated attacks and theft of intellectual property is nothing new, this incident certainly stands out for several reasons. First, via a Pastebin link, the group released a package and links to torrent files hosted on four sites consisting of 26 parts, broken out into 25 1GB files, and one 894 MB rar file. The files were also uploaded to the file sharing giants MEGA and Rapidgator, but removed by site managers shortly after. The researchers at RBS were able to access the files and analyze the content prior to the information going off-line, as well as reach out to GOP.

The results of the analysis provide unprecedented insight into the inner workings of Sony Pictures and leaked the personal information of approximately 4,000 past and present employees. As if the sensitive employee information wasn’t troubling enough, the leak also revealed curious practices at Sony, such as money orders used to purchase movie tickets that were apparently re-sold back to Sony staff.

The Guardians Of Peace made their contact information available for a brief time. RBS researchers used that opportunity to contact to the group seeking comment and received the following response:

I am the head of GOP.
I appreciate you for calling us.
The data will soon get there.
You can find what we do on the following link.

The link provided only led to a Facebook page that was not in use. The following time line gives more perspective and analysis of the details of the intrusion based on information made available via public sources.