The film "Interview" was removed from hire due to threats of hackers

US authorities are confident that North Korea is behind the attack on Sony Pictures

Sony Pictures has decided not to start the movie The Interview ("Interview") because of the threats of hackers to arrange something like the September 11 terrorist attack. This is not limited to this: there are no plans for the release of paintings on digital media either.

Threats came from the GOP grouping, which pumped overhead data from the film company’s corporate network, cleaned up the contents of the hard drives and announced a hack.

The main requirement is to stop work on the Interview, which has not yet come out as a comedy fighter, in which two Americans must kill the DPRK leader on the instructions of American intelligence. The US authorities seriously believe that North Korea is behind the attack. However, this confidence raises several questions.

In North Korea, this story was very, very negative. It is not only the state that American intelligence agencies want to decapitate in the film, but also the name of the national leader. The actor playing Kim Jong Un is very much like his character. This is not just another unfriendly fictional country and some local king, the film is in fact a joking threat to the life of the head of a real state.
')
Sony Pictures itself does not help much in improving the attitude to the picture. If you look at the movie poster, you can see the inscriptions in Korean. This is not just some nonsense, the text is important and intended for people on the other side of the DPRK's iron curtain. For example, the inscriptions on the bombs claim that war will be unleashed. The film also had a colorful scene of toasting the leader , but it was still cut out.

Start rolling was planned for December 25th. But a couple of days ago, hackers promised to arrange terrorist acts of scale attacks on the twin towers of September 11, 2001 in those cinemas, on the screens of which the problem film will be shown. After that, the largest cinema chains postponed the start of the Interview.

In response, Sony Pictures decided to completely cancel the film. Including, the exit on optical disks is canceled . Most partners refused to hire “Interviews”, which forced Sony to take this step. On Wednesday, all the mentions of the film disappeared from the Sony Pictures website , as if it had never existed. There was information from insiders that options were being considered for selling the film through paid streaming to discourage at least some of the $ 42 million budget of the film and tens of millions of advertisements, but this had to be abandoned.

By the way, the cancellation of rentals means that posters acquire high collection value. Now their price has gone beyond 500 dollars .

On December 17, US government officials stated that Sony Pictures was hacked by North Korea. The White House considered the option of formally accusing the DPRK of cyber-terrorism. However, this promises conflict and disputes, which is beneficial for the North Korean side, say other officials. It can also interfere with the Japanese side in negotiations on the return of abducted citizens , since Sony is a cult Japanese company. The US government is weighing decisions and a potential response.

Team attack servers are located all over the world: in Singapore, Thailand and other countries. Among them is a server in Bolivia, from which they attacked targets in South Korea two years ago. This prompted the North Korean involvement in cracking.



But these charges have already caused a number of doubts about their correctness. Mark Rogers points out some basic details that raise questions:

• English is bad, but the level of proficiency does not demonstrate any of the typical mistakes of a person for whom Korean is native . Rogers writes that he had the impression that he was writing a carrier, specially arranging errors.
• The fact that the code was written and compiled on a computer with Korean language settings is not so straightforward. It's not just the difference between the dialects of South and North Korea . Differences are particularly pronounced when it comes to technical terms. In South Korea, many of these words are borrowed from other languages: in Korean “helicopter” will be 헬리콥터, and the pronunciation is very similar to the English helicopter. In North Korea, the literal translation is "transport that takes off vertically." Borrowing is not prohibited, but not approved . Do not forget how easy it is to change the settings before compiling.
• From the hard-coded passwords in the code of the attacking programs and the paths to network resources, it becomes obvious that someone wrote them with knowledge of the internal structure of the corporate network of Sony Pictures. Motivation insider - revenge. Of course, the attackers could get this data themselves, gradually collecting information. But Occam's razor principle states that the simplest explanation is the most correct one.
• The attack was made out of revenge: the information and access that hackers had promised a good profit. Passwords from financial accounts and business documents could be easily sold, or at least try to demand a ransom for them. Instead, Sony Pictures were forced to incur huge losses and stand idle because of the need to restore the performance of the service network after the complete removal of data. Would you miss this level of access to the heart of Hollywood in the DPRK? However, if we exclude the Interview, it is unlikely that Sony Pictures had any strategic interest for North Korea.
• The GOP fixed its attention to the “Interview” after mentioning an attack in the media about the Kim Jong-un film. In an early GOP post, there is no mention of “Interview” .
• Attackers are good at using the Internet and social media. Grugq writes that any sample of the DPRK propaganda causes surprise and laughter with high pomp and semi-official ideological statements. But hackers from the GOP communicate via Pastebin, they distribute huge archives of personal data over bittorrent and write to reporters by e-mail in English. According to Grugq, the hackers handwriting is much more elegant than what North Korea is capable of. To communicate with the media would require a person with relevant knowledge, because in the DPRK, access to the external Internet can be obtained by rare individuals.
• This hacking may be well suited to incite hysteria against the DPRK.

The attack became known on November 24th . Workers Sony Pictures found on the screens of their computers a strange picture, where it was reported about hacking and links to archives with lists of stolen data were given. Later, some of these files were published, among the laid out were promotional copies of films and personal information of employees, including their social security numbers and addresses. The GOP claims that a total of 100 TB of data were stolen.

Some of the technical parameters of the attack suggest that North Korea stands behind it. This is the Korean language of the machines on which the programs for the attack were created, and the similarity of the methods (in particular, the RawDisk driver) to what they used to crack the media companies and banks of South Korea in 2013. Responsibility for the last attack is often attributed to the DPRK.