A security firm claims it was Russia that hacked Sony — and that it still has access
By Rob Price From Business Insider
Sony Will Delay Official Submission Of Its Third Quarter Results After Hacking
There’s a new twist in the story of the devastating hack on Sony Pictures late last year: A security firm says Russian hackers also secretly played a part in the attack. And, the firm says, the hackers still have access to the movie studio’s computer systems.
Taia Global released a report Wednesday alleging that Russian hackers managed to gain access to Sony Pictures Entertainment’s computer systems at the same time the hacking group known as Guardians Of Peace launched a massive attack on the studio, as reported by PC World.
Vast quantities of confidential company information were published online in the hack in December, including movie screeners and executive emails. The prevailing consensus is that North Korea was responsible, as retribution for the James Franco comedy “The Interview.” The American government has publicly blamed the reclusive authoritarian state for the hack. Some security researchers had previously disputed this, and Taia is now challenging the narrative.
Taia CEO Jeffrey Carr says he has received multiple files from a source, Russian hacker “Yama Tough,” that appear to be internal Sony Pictures documents that were not included in any Guardians Of Peace data dumps. At least one document has been verified as legitimate by its author, Taia says.
Tough allegedly received the documents from a member of the “assault team” behind the hack, referred to as “Unnamed Russian Hacker,” or URH. URH is a Russian “long-time black hat hacker who does occasional contract work for Russia’s Federal Security Service.”
Perhaps most significantly, Taia says Sony Pictures is “still in a state of breach.” Taia’s report says it has received documents from Sony from late January 2015, long after the hack supposedly ended. URH “appears to have at-will access to the company,” the security firm says. (Sony Pictures would not comment on Taia’s findings.)
Why would the Russians hack Sony? One theory is that before people began linking the hackers to North Korea, the hackers had originally demanded money from Sony. (Sony execs didn’t read that email … until it was too late.)
From this, the Taia Global suggests two possibilities:
Russian hackers attacked Sony Pictures Entertainment, either at the same time or shortly after the attack from (the presumably North Korea-linked) Guardians Of Peace.
North Korea was not involved with the Sony attack after all, and it was Russian hackers after all.
There is a third option, however, that Taia does not consider. It’s that North Korea (or North Korean-affiliated hackers) was solely responsible for the attack but at some later date the previously unseen documents left their possession, eventually reaching Taia. An unknown intermediary may have fooled Yama Tough by falsely claiming to be URH. Or Tough could be lying to Taia about where he got the documents from (he could have even stolen them himself). Either possibility would mean there is not necessarily any Russian involvement — but if the documents are legitimate, it would nonetheless provide a new avenue of investigation.
Carr told Forbes he had “full trust in his source,” though he conceded the material could come from “Yama Tough himself, but he’s denying that.”
Taia has pushed alternative theories on the origins of the Sony hack before. A “linguistic analysis” it carried out on the known statements of Guardians Of Peace shows, the company says, that the hackers are likely to be Russian speakers.
Seth Rogan The Interview REUTERS/Kevork DjansezianCast members James Franco, left, and Seth Rogen at the premiere of the film “The Interview” in Los Angeles.
For more on this story go to:: http://uk.businessinsider.com/a-security-firm-claims-it-was-russia-that-hacked-sony-and-that-they-still-have-access-2015-2?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+businessinsider+%28Business+Insider%29#ixzz3RGaGQLhi