Are North Koreans still targeting Sony?

• Sony confirmed that some personal information has been compromised. 
• The company experienced two hacks in four months in 2023. 
• Sony’s PlayStation hack and Sony Pictures hack were the previous significant cyber incidents for the company. 

In 2014, Sony Pictures Entertainment was hacked by a group allegedly linked to North Korea. The hackers leaked personal information and information on the film company’s upcoming films. The hack was also part of criticism of a film that centered around a comical assassination attempt on the North Korean leader.

While the North Korean regime had denied the hack, US government agencies, including the FBI and NSA, had evidence supporting their claim. The impact of the Sony hack, however, sent ripples not just in the film industry but the world as well, especially on how the hackers could have easily accessed email content.

Since the Sony hack in 2014, several lessons have been learned. First, companies worldwide are paying a lot more attention to email security and passwords. Since Sony was not using strong cybersecurity protection, it made it easier for the hackers to compromise emails and release content to the public.

Another lesson is the importance of having a backup. Sony did not have sufficient backup back then and could not recover most of the compromised files. The hackers accessed many sensitive and confidential data from Sony Pictures’ computer systems. This included unreleased films, scripts, and other intellectual property. The attackers also leaked several unreleased movies online, which financially impacted the company.

Most importantly, the hack prompted companies to use more encryption and breach detection tools. The fact that Sony overlooked terabytes of data leaving the network was a great concern back then. Today, encryption is the core of data protection for companies, while threat intelligence and detection tools are a prerogative that companies can’t afford to compromise.

A history of cybersecurity incidents at Sony 

While the Sony hack of 2014 is probably the biggest the company has ever experienced, it is not the first time Sony was hacked, nor was it the last time. In 2011, Sony’s PlayStation experienced a cyberattack that compromised 77 million accounts.

The 2011 PlayStation Network outage resulted from an external intrusion on the gaming network and Qriocity services. Not only were accounts compromised, but users could not access their PlayStation 3. Sony had to deactivate its PlayStation network servers for 23 days.

The hack also resulted in losses amounting to US$171 million and multiple lawsuits. This led to Sony amending its PlayStation Network terms and conditions.

Unfortunately, that was not the only time cybercriminals compromised Sony’s PlayStation. Fast forward to 2023, and the company has just confirmed another cybersecurity incident.

According to a report by Bleeping Computer, Sony has notified current and former employees and their family members about a cybersecurity breach that exposed personal information. About 6,800 individuals have been compromised after an unauthorized party exploited a zero-day vulnerability in the MOVEit Transfer platform.

The Clop ransomware leverages the zero-day vulnerability for large-scale attacks that have compromised organizations worldwide. Interestingly, the Clop ransomware gang added Sony Group to its list of victims in late June, but the firm did not provide a public statement until now.

That’s not all. Reports also show that Sony had also experienced another cybersecurity incident. Allegations on hacking forums show that 3.14GB of data had been stolen from Sony’s systems. While Sony has responded to the claims, stating an ongoing investigation, Bleeping Computer noted that the leaked data set contains details for the SonarQube platform, certificates, Creators Cloud, incident response policies, a device emulator for generating licenses, and more.

Is North Korea involved in the 2023 Sony hack? 

While it’s been almost a decade since the Sony Pictures hack, the reality is least likely that the current hack involves North Korean hackers. The Clop ransomware group is a Russian gang known for demanding high victim payments.

Secondly, North Korean hackers have been targeting other targets instead. Reports show that North Korean hackers targeted Russian diplomats and successfully breached a Russian aerospace research institute earlier this year.

In a report by Microsoft, North Korea is a capable cyber threat, focusing on intelligence gathering and the theft of cryptocurrency needed to generate revenue for the state. Several of North Korea’s threat actors have targeted the maritime and shipbuilding sectors, suggesting this is a high-priority area for the North Korean government. Interestingly, North Korea has also supported Russia in its war on Ukraine.

Meanwhile, Russian hackers like the Clop ransomware group and Ramsomed. vc – which claims to have infiltrated Sony’s systems, operates mainly from Russia. Interestingly, most of the members of Ransomed.vc operate out of Russia and Ukraine.

Is my Sony account compromised?

Given the recent cyber incidents, Sony PlayStation users have been concerned about their details. While most are worried that their details were compromised, a lot more were concerned about the status of their gaming accounts with Sony.

A check online showed an increasing number of users thinking of deleting their Sony accounts. At the same time, with the holiday season fast approaching, there are concerns that the recent hacks could impact the sale of the much-anticipated PlayStation 5 Slim, which is due to be released.

Gamers are already excited about the new features in this model. The slim design of the PS5 Slim significantly boosts storage capacity, including 1TB for both the standard PS5 and the digital edition, a notable leap from the 825GB found in the original models.

Will the recent hacks have an impact on sales? Only time will tell. For now, there has not been any downtime on the gaming service, but until the problem is resolved, the public may be skeptical about using and purchasing games with their Sony accounts.

Sony has also reminded users to check their PlayStation Store transactions. If the transaction history doesn’t explain the charges, users are advised to change or reset the passwords of their accounts as well as contact the company for more assistance.

---

---

---