Sony Entertainment is unable to confirm that hackers have been eradicated from its computer systems more than a month after the film studio was hit by a debilitating cyberattack, a report says.
The chief executive, Michael Lynton, has described how the company came up with an old-style communications system based on a “phone tree” to relay updates on the hack from person to person. An old cache of BlackBerrys was also brought into action because the phones receive e-mail via their own servers.
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at firstname.lastname@example.org.
“It took me 24 or 36 hours to fully understand that this was not something we were going to be able to recover from in the next week or two, ” Lynton told the Wall Street Journal.
Citing two people familiar with the investigation, the WSJ said investigators were unable to confirm that the hackers had been eradicated from Sony’s systems. If the systems remain secure, Sony’s network is expected to be fully operational within the next two months but hackers have so far released only a tiny fraction of the 100 terabytes of data they claim to have stolen.
A group calling itself Guardians of Peace claimed responsibility for the hack in November, which resulted in the leak of current blockbusters, embarrassing private e-mails and the personal information of more than 47, 000 people, including staff and a handful of film stars, the report said.
In the devastating cyberattack, mountains of documents were stolen, internal data centers were wiped clean and 75 percent of Sony’s servers were destroyed. Everything and anything was taken – contracts, salary lists, film budgets, medical records, social security numbers and five entire movies, according to the New York Times.
North Korea is suspected of being involved in the assault, which preceded the release of the Sony Pictures film “The Interview”, a James Franco and Seth Rogen comedy that depicts an attempt to assassinate leader Kim Jong-un, The Guardian said.
The North Korean ambassador Ja Song-nam described the film’s release as an “act of war” in a letter to the UN secretary general, Ban Ki-moon, in July, while the North Korean foreign ministry threatened “merciless countermeasures” if the US allowed it to be released. But Pyongyang has denied involvement in the cyberattack, according to the report.
Lynton said Sony’s IT department had scrambled to get basic systems such as e-mail back online over the Thanksgiving holiday weekend while the FBI and investigators from the cybersecurity firm FireEye searched for clues as to who had accessed the systems.
Lynton said his priority was to make the key decisions quickly in the wake of the attack. “You can’t be caught in the headlights doing nothing, ” he said.
The film has taken more than $18 million in digital and box-office revenues, making it Sony Pictures’ biggest ever online film release, helped by the publicity around the hack and offsetting its $44m budget, The Guardian said.