1 00:00:04,400 --> 00:00:07,800 Speaker 1: Welcome to Tech Stuff, a production from I Heart Radio. 2 00:00:12,119 --> 00:00:15,000 Speaker 1: Hey there, and welcome to tech Stuff. I'm your host, 3 00:00:15,160 --> 00:00:18,439 Speaker 1: Jonathan Strickland. I'm an executive producer with iHeart Radio and 4 00:00:18,480 --> 00:00:22,639 Speaker 1: I love all things tech. And for today's show, I 5 00:00:22,800 --> 00:00:27,720 Speaker 1: thought I would cover kind of an infamous thing that 6 00:00:27,880 --> 00:00:32,520 Speaker 1: happened in tech a few years ago. So in hackers 7 00:00:32,640 --> 00:00:37,360 Speaker 1: infiltrated the computer systems of Sony Pictures and they stole 8 00:00:37,440 --> 00:00:41,239 Speaker 1: an enormous amount of data. This was one of the 9 00:00:41,320 --> 00:00:47,840 Speaker 1: highest profile incidents of hacking in that decade, and it 10 00:00:47,880 --> 00:00:53,360 Speaker 1: involves everything from political posturing to the studio of Sony 11 00:00:53,479 --> 00:00:55,360 Speaker 1: waffling over whether or not it was actually going to 12 00:00:55,440 --> 00:00:58,680 Speaker 1: release a movie. So I thought we could revisit that 13 00:00:58,760 --> 00:01:01,639 Speaker 1: story kind of walk through you to see what we 14 00:01:01,680 --> 00:01:05,040 Speaker 1: know about it and what we suspect, or maybe it 15 00:01:05,240 --> 00:01:08,560 Speaker 1: might be more accurate to say, you know, what is 16 00:01:08,600 --> 00:01:11,319 Speaker 1: the official stance of the FBI, and what do other 17 00:01:11,360 --> 00:01:14,600 Speaker 1: people think, and also what has happened since, including how 18 00:01:14,640 --> 00:01:18,040 Speaker 1: the people accused of being behind the attack also stand 19 00:01:18,120 --> 00:01:21,760 Speaker 1: accused of other cyber crimes. And I should point out 20 00:01:21,840 --> 00:01:26,399 Speaker 1: that early on a lot of these details um around 21 00:01:26,400 --> 00:01:28,960 Speaker 1: the hack. I mean even now, they still remain unknown, 22 00:01:29,760 --> 00:01:33,160 Speaker 1: or at least if they are known, the folks who 23 00:01:33,280 --> 00:01:36,640 Speaker 1: know it are kind of keeping it to themselves. And 24 00:01:37,040 --> 00:01:39,240 Speaker 1: you know, there's a lot of speculation out there, with 25 00:01:39,360 --> 00:01:43,760 Speaker 1: conflicting accounts as to when things got started, why the 26 00:01:43,800 --> 00:01:46,440 Speaker 1: hack happened, and who is behind the whole ding dang 27 00:01:46,560 --> 00:01:50,400 Speaker 1: darn thing. There's even a suspect whom an entire country 28 00:01:50,400 --> 00:01:55,360 Speaker 1: insists does not actually exist. So it's a legit mystery, 29 00:01:55,400 --> 00:02:01,440 Speaker 1: including conspiracy theories and enormous consequences. But let's begin with 30 00:02:01,560 --> 00:02:05,800 Speaker 1: the morning of Monday, November twenty four, two thousand fourteen. 31 00:02:06,760 --> 00:02:10,320 Speaker 1: Sony Pictures employees come in to go to work. Yeah, 32 00:02:10,360 --> 00:02:13,240 Speaker 1: they boot up their machines and they see something that 33 00:02:13,280 --> 00:02:17,160 Speaker 1: could have come straight out of a Sony Pictures film. 34 00:02:17,240 --> 00:02:19,120 Speaker 1: In fact, it feels like something straight out of the 35 00:02:19,240 --> 00:02:25,040 Speaker 1: nineties movie A red Skeleton Cartoons skeleton appears on their 36 00:02:25,080 --> 00:02:28,720 Speaker 1: computer screen, and then their computer speaker system plays the 37 00:02:28,800 --> 00:02:32,360 Speaker 1: sounds of gun shots, and there's a message that pops 38 00:02:32,480 --> 00:02:37,240 Speaker 1: up that says hacked by hashtag g O P. Now 39 00:02:37,320 --> 00:02:40,120 Speaker 1: for Americans, that might have caused a little bit of 40 00:02:40,160 --> 00:02:44,520 Speaker 1: confusion because here in America, GOP typically stands for Grand 41 00:02:44,560 --> 00:02:48,520 Speaker 1: Old Party. It's another name for the Republican Party, the 42 00:02:48,560 --> 00:02:52,480 Speaker 1: one commonly associated with conservative political views here in the 43 00:02:52,560 --> 00:02:57,680 Speaker 1: United States. But that was not the GOP behind this attack. 44 00:02:58,880 --> 00:03:04,040 Speaker 1: This GOP stood for Guardians of Peace. As to who 45 00:03:04,120 --> 00:03:07,320 Speaker 1: was behind that, well, it's obviously a big part of 46 00:03:07,360 --> 00:03:11,480 Speaker 1: the mystery. There was a further bit to this message. 47 00:03:11,520 --> 00:03:15,280 Speaker 1: It wasn't just hacked by hashtag g OP. It read quote, 48 00:03:15,760 --> 00:03:19,160 Speaker 1: We've already warned you, and this is just a beginning. 49 00:03:19,600 --> 00:03:23,679 Speaker 1: We continue till our request be met. We've obtained all 50 00:03:23,720 --> 00:03:28,000 Speaker 1: your internal data, including your secrets and top secrets. If 51 00:03:28,080 --> 00:03:31,560 Speaker 1: you don't obey, us will release data below to the world. 52 00:03:32,000 --> 00:03:36,320 Speaker 1: Determine what will you do? Till November two p m 53 00:03:36,440 --> 00:03:40,040 Speaker 1: g MT End quote. Then there were data links to 54 00:03:40,160 --> 00:03:43,200 Speaker 1: a list of the assets the hackers had stolen from 55 00:03:43,240 --> 00:03:49,720 Speaker 1: Sony's systems. Employees found that pretty much every aspect of 56 00:03:49,760 --> 00:03:55,280 Speaker 1: their network was inaccessible. Voicemail was offline, the telephone directory 57 00:03:55,280 --> 00:03:58,440 Speaker 1: in general was gone. There was no way to access 58 00:03:58,480 --> 00:04:02,440 Speaker 1: the Internet, and even the cafeteria couldn't connect to credit 59 00:04:02,440 --> 00:04:06,080 Speaker 1: card verification services, which meant all transactions had to be 60 00:04:06,200 --> 00:04:09,240 Speaker 1: cash only that day, not just that day either. This 61 00:04:09,320 --> 00:04:12,680 Speaker 1: lasted a while so never mind trying to access something 62 00:04:12,680 --> 00:04:16,680 Speaker 1: off of Sony's servers. Before lunchtime, news of the hack 63 00:04:16,720 --> 00:04:21,000 Speaker 1: had already broken online, with outlets like geek dot com 64 00:04:21,040 --> 00:04:25,520 Speaker 1: and Deadline reporting on it straight away. Sony employees found 65 00:04:25,560 --> 00:04:29,919 Speaker 1: themselves unable to do any work or they had to 66 00:04:29,960 --> 00:04:33,920 Speaker 1: switch to you know, like pen and paper or white 67 00:04:33,960 --> 00:04:36,520 Speaker 1: boards in an old school approach to trying to to 68 00:04:36,640 --> 00:04:39,280 Speaker 1: do anything productive in the face of a massive attack. 69 00:04:39,839 --> 00:04:43,599 Speaker 1: In fact, when it was all said and done, Sony 70 00:04:43,839 --> 00:04:48,560 Speaker 1: had to wait until February of twift to get systems 71 00:04:48,600 --> 00:04:51,520 Speaker 1: back online, so you know, that's like more than a 72 00:04:51,600 --> 00:04:55,200 Speaker 1: month of the systems being down. They had to retire 73 00:04:55,320 --> 00:05:00,000 Speaker 1: three thousand, two hundred sixty two employee PCs that's how 74 00:05:00,080 --> 00:05:04,240 Speaker 1: of six thousand, seven nine seven total, so almost half 75 00:05:04,279 --> 00:05:07,320 Speaker 1: of all computers had to be replaced, and had to 76 00:05:07,360 --> 00:05:10,520 Speaker 1: do the same with eight hundred thirty seven out of 77 00:05:10,640 --> 00:05:14,120 Speaker 1: one thousand, five hundred fifty five servers, so more than 78 00:05:14,200 --> 00:05:17,080 Speaker 1: half of their servers had to be replaced. This is 79 00:05:17,120 --> 00:05:21,359 Speaker 1: all according to a Vanity Fair article titled The Untold 80 00:05:21,440 --> 00:05:25,400 Speaker 1: Story of the Sony Hack by Richard Stingle. At the 81 00:05:25,440 --> 00:05:28,680 Speaker 1: time of the hack, Stingle was actually working for US 82 00:05:28,800 --> 00:05:32,200 Speaker 1: Secretary of State and had a direct connection as he 83 00:05:32,320 --> 00:05:36,880 Speaker 1: was friends with the the then CEO of Sony Pictures. 84 00:05:37,560 --> 00:05:42,479 Speaker 1: According to Sony itself, as reported by computer World, the 85 00:05:42,520 --> 00:05:45,800 Speaker 1: hack represented a thirty five million dollar cost in I 86 00:05:45,960 --> 00:05:49,839 Speaker 1: T repairs. That was the figure quoted for quote restoring 87 00:05:49,880 --> 00:05:53,279 Speaker 1: our financial and I T systems end quote according to 88 00:05:53,279 --> 00:05:57,599 Speaker 1: a Sony spokesperson, And that actually sounds low to me. 89 00:05:58,120 --> 00:06:00,920 Speaker 1: And of course there were other monitor are damages as 90 00:06:00,920 --> 00:06:03,800 Speaker 1: well due to how the hackers would release much of 91 00:06:03,839 --> 00:06:08,200 Speaker 1: that stolen information online. And then there's the damage to 92 00:06:08,279 --> 00:06:12,000 Speaker 1: Sony's reputation, a rep that already had more than a 93 00:06:12,000 --> 00:06:16,640 Speaker 1: little tarnish on it before the hack even happened. Meanwhile, 94 00:06:17,040 --> 00:06:20,080 Speaker 1: the details of the attack included links that the hackers 95 00:06:20,160 --> 00:06:22,560 Speaker 1: left behind two sites that showed off some of the 96 00:06:22,640 --> 00:06:25,360 Speaker 1: data they had taken, So this was more of like 97 00:06:25,560 --> 00:06:30,480 Speaker 1: a directory of what was stolen, with the actual data 98 00:06:30,520 --> 00:06:34,240 Speaker 1: itself to follow in the weeks to come. As it 99 00:06:34,240 --> 00:06:37,400 Speaker 1: would turn out, the hackers who had infiltrated the system 100 00:06:37,720 --> 00:06:41,000 Speaker 1: had been hard at work inside Sony's cyber walls for 101 00:06:41,040 --> 00:06:43,520 Speaker 1: at least a few weeks at the point where they 102 00:06:43,600 --> 00:06:47,800 Speaker 1: left this message, and some accounts suggest that the initial 103 00:06:47,839 --> 00:06:51,000 Speaker 1: intrusion might have happened even more than a year in 104 00:06:51,080 --> 00:06:54,919 Speaker 1: advance because of just the enormous amount of information that 105 00:06:54,960 --> 00:06:58,200 Speaker 1: got siphoned away. But either way, this was not some 106 00:06:58,279 --> 00:07:01,039 Speaker 1: sort of hasty message that was sent immediately after the 107 00:07:01,040 --> 00:07:04,560 Speaker 1: hackers got access to the system. Now, the hackers had 108 00:07:04,600 --> 00:07:08,599 Speaker 1: clearly already copied a vast amount of information, which again 109 00:07:08,640 --> 00:07:12,040 Speaker 1: depending on the account, ranged anywhere from forty gigabytes to 110 00:07:12,160 --> 00:07:16,920 Speaker 1: around a hundred terra bytes or more, a truly astonishing 111 00:07:17,080 --> 00:07:22,760 Speaker 1: amount of information. They also deleted files on Sony's systems 112 00:07:22,880 --> 00:07:25,680 Speaker 1: and then they sent the message. So it's only after 113 00:07:25,720 --> 00:07:28,560 Speaker 1: they had siphoned off the data and burned everything behind 114 00:07:28,640 --> 00:07:31,640 Speaker 1: them that they tipped their hand that they were involved. 115 00:07:32,200 --> 00:07:34,240 Speaker 1: So yeah, this was the moment where the world at 116 00:07:34,320 --> 00:07:38,480 Speaker 1: large learned about the attack, But again, it had clearly 117 00:07:38,560 --> 00:07:43,480 Speaker 1: happened or at least started before November. In fact, this 118 00:07:43,600 --> 00:07:47,120 Speaker 1: wasn't even the first attack on Sony's computer systems in 119 00:07:48,680 --> 00:07:51,840 Speaker 1: and the company had a history of cybersecurity issues which 120 00:07:51,880 --> 00:07:55,200 Speaker 1: did not make it look particularly strong. Let's go back 121 00:07:55,240 --> 00:07:58,760 Speaker 1: to April of two thousand eleven, and don't worry, this 122 00:07:58,800 --> 00:08:01,240 Speaker 1: bit is just a quick overview to set the stage, 123 00:08:01,280 --> 00:08:04,080 Speaker 1: and this is going to focus not on Sony Pictures, 124 00:08:04,080 --> 00:08:07,560 Speaker 1: but another branch of Sony. So in two ten, there 125 00:08:07,640 --> 00:08:10,720 Speaker 1: was a security hacker named George Hots, a k a. 126 00:08:10,920 --> 00:08:14,440 Speaker 1: Geo Hot, and he became the target of Sony's ire 127 00:08:15,120 --> 00:08:18,480 Speaker 1: after Geo Hot started working on a method to breach 128 00:08:18,560 --> 00:08:22,400 Speaker 1: the PlayStation three consoles security in order to unlock the 129 00:08:22,440 --> 00:08:24,520 Speaker 1: console so that you could do all sorts of different 130 00:08:24,520 --> 00:08:26,440 Speaker 1: stuff with it. You could hack it, in other words, 131 00:08:27,000 --> 00:08:30,160 Speaker 1: and and really use that special hardware of the PS 132 00:08:30,240 --> 00:08:34,600 Speaker 1: three to tackle specific types of computational problems, because the 133 00:08:34,720 --> 00:08:37,400 Speaker 1: architecture of the PS three was very different from other 134 00:08:37,440 --> 00:08:42,680 Speaker 1: consoles at the time. Sony brought some legal action against Hots, 135 00:08:42,760 --> 00:08:46,400 Speaker 1: who had pointed out a pretty massive flaw in Sony's 136 00:08:46,440 --> 00:08:52,040 Speaker 1: own security, and then Anonymous got involved. And you don't 137 00:08:52,080 --> 00:08:55,720 Speaker 1: hear about Anonymous as much these days as used to. 138 00:08:55,960 --> 00:09:00,560 Speaker 1: But it's it's a loosely organized activist group and there's 139 00:09:00,640 --> 00:09:05,440 Speaker 1: usually no identifiable leadership within the group itself, and members 140 00:09:05,480 --> 00:09:09,440 Speaker 1: can have drastically different philosophies and approaches, So you can 141 00:09:09,480 --> 00:09:15,120 Speaker 1: have like concerned activists to nihilistic anarchists in that same group. 142 00:09:15,559 --> 00:09:19,560 Speaker 1: Anonymous named Sony a prime target for hacking in response 143 00:09:19,600 --> 00:09:24,040 Speaker 1: to how Sony was pursuing hots and what followed was 144 00:09:24,080 --> 00:09:27,079 Speaker 1: a distributed denial of service or d d o S 145 00:09:27,120 --> 00:09:31,480 Speaker 1: attack on Sony's PlayStation network servers, which interrupted service for 146 00:09:31,600 --> 00:09:35,520 Speaker 1: millions of Sony PlayStation owners. Sony would actually end up 147 00:09:35,559 --> 00:09:39,880 Speaker 1: taking the network offline entirely on April twenty while looking 148 00:09:39,960 --> 00:09:43,440 Speaker 1: for a way to counter the attacks. Later the world 149 00:09:43,520 --> 00:09:46,120 Speaker 1: learned that a you know, leading up to Sony taking 150 00:09:46,160 --> 00:09:50,760 Speaker 1: down the PlayStation network, hackers had actually infiltrated Sony systems 151 00:09:50,960 --> 00:09:54,400 Speaker 1: and accessed a database containing user data for seventy seven 152 00:09:54,600 --> 00:09:59,880 Speaker 1: million accounts, including people's names, their email addresses, their past 153 00:10:00,040 --> 00:10:03,120 Speaker 1: words they're log in. There was a question about maybe 154 00:10:03,160 --> 00:10:06,480 Speaker 1: their credit card information got leaked as well, something that 155 00:10:06,600 --> 00:10:09,200 Speaker 1: Sony said did not happen. But this was just the 156 00:10:09,240 --> 00:10:13,160 Speaker 1: beginning of Sony's woes. Different groups of hackers, most of 157 00:10:13,200 --> 00:10:18,640 Speaker 1: which were using fairly unsophisticated tools, attacked Sony Online Entertainment, 158 00:10:19,360 --> 00:10:23,559 Speaker 1: Sony websites, and numerous other Sony sites and services, so 159 00:10:23,720 --> 00:10:27,360 Speaker 1: they weren't necessarily coordinating with one another, but rather kind 160 00:10:27,400 --> 00:10:31,480 Speaker 1: of all acting on an opportunity that presented itself. And 161 00:10:31,720 --> 00:10:34,240 Speaker 1: this isn't to suggest that the people behind these attacks 162 00:10:34,280 --> 00:10:38,000 Speaker 1: in eleven were linked to the ones we saw in fourteen, 163 00:10:38,440 --> 00:10:41,680 Speaker 1: but rather to point out that Sony as a company 164 00:10:41,920 --> 00:10:48,120 Speaker 1: had truly atrocious cybersecurity systems and practices in place. This 165 00:10:48,160 --> 00:10:52,160 Speaker 1: was in so you would think that after that experience 166 00:10:52,320 --> 00:10:56,840 Speaker 1: of being hit by these attacks, that Sony would really 167 00:10:56,880 --> 00:11:00,760 Speaker 1: beef up security considerably and make future attack its less likely. 168 00:11:01,120 --> 00:11:05,000 Speaker 1: I mean, you would think that, but you'd be wrong. 169 00:11:05,559 --> 00:11:10,199 Speaker 1: According to multiple sources, Sony systems had poor password protection, 170 00:11:10,640 --> 00:11:15,199 Speaker 1: like super poor like according to the Hollywood Reporter, some 171 00:11:15,320 --> 00:11:19,520 Speaker 1: servers had passwords like Sony pictures, which you know, is 172 00:11:19,520 --> 00:11:23,200 Speaker 1: not great, not super secure, And the fact that security 173 00:11:23,240 --> 00:11:26,520 Speaker 1: was so poor meant that the list of possible perpetrators 174 00:11:26,520 --> 00:11:30,720 Speaker 1: would be really, really big, big enough so that even 175 00:11:30,720 --> 00:11:35,120 Speaker 1: when the FBI would announce a suspect that being hackers 176 00:11:35,120 --> 00:11:38,160 Speaker 1: connected to North Korea, there was enough doubt among the 177 00:11:38,200 --> 00:11:41,520 Speaker 1: security community to raise questions about it. All right, so 178 00:11:41,559 --> 00:11:45,160 Speaker 1: let's get back to our timeline. The Hollywood Reporter article 179 00:11:45,240 --> 00:11:49,560 Speaker 1: titled five years Later, Who Really Hacked Sony includes the 180 00:11:49,600 --> 00:11:53,640 Speaker 1: fact that, according to leaked internal emails at Sony, the 181 00:11:53,679 --> 00:11:58,040 Speaker 1: company discovered an earlier breach inteen. That's the February one, 182 00:11:58,679 --> 00:12:01,360 Speaker 1: and the keep in mind that the big hack, the 183 00:12:01,400 --> 00:12:04,079 Speaker 1: one that we're really focused on in this episode, would 184 00:12:04,080 --> 00:12:07,560 Speaker 1: take place later that year in November. But in that 185 00:12:07,640 --> 00:12:10,840 Speaker 1: February hack, there was a fear that the hackers managed 186 00:12:10,880 --> 00:12:14,320 Speaker 1: to secure the credentials to get administrative control of a 187 00:12:14,400 --> 00:12:19,840 Speaker 1: Sony Pictures system, potentially uploading malware into the system in 188 00:12:19,880 --> 00:12:24,640 Speaker 1: the process, and as we just covered, Sony's security wasn't 189 00:12:24,920 --> 00:12:28,160 Speaker 1: really up to code. Now, I tried to track down 190 00:12:28,160 --> 00:12:32,520 Speaker 1: more information about this February two, fourteen hack and came 191 00:12:32,600 --> 00:12:35,600 Speaker 1: up empty. Now it's possible that this was something that 192 00:12:35,679 --> 00:12:39,080 Speaker 1: Sony just tried to contain completely internally and it just 193 00:12:39,160 --> 00:12:43,280 Speaker 1: never went beyond those internal emails. At any rate, it 194 00:12:43,440 --> 00:12:46,400 Speaker 1: is very challenging to search for anything related to Sony 195 00:12:46,440 --> 00:12:50,280 Speaker 1: and hacking that happened in that doesn't relate to the 196 00:12:50,360 --> 00:12:54,559 Speaker 1: more notorious event that happened in November. However, there's one 197 00:12:54,559 --> 00:12:56,840 Speaker 1: thing I do have to talk about that happened between 198 00:12:57,080 --> 00:13:02,040 Speaker 1: February and November that does play into the story, and 199 00:13:02,120 --> 00:13:08,120 Speaker 1: that's the Interview. The Interview is a film. It's a 200 00:13:08,120 --> 00:13:11,600 Speaker 1: comedy that was developed by Seth Rogan and Evan Goldberg 201 00:13:11,920 --> 00:13:15,720 Speaker 1: about a TV journalist and his producer getting a gig 202 00:13:15,760 --> 00:13:19,559 Speaker 1: to come to North Korea and interview the country's leader, 203 00:13:19,720 --> 00:13:24,040 Speaker 1: Kim Jong Un. Only they are intercepted by members of 204 00:13:24,080 --> 00:13:26,240 Speaker 1: the c i A who want to use this rare 205 00:13:26,280 --> 00:13:31,600 Speaker 1: opportunity to assassinate Kim Jong Un, turning the vacuous Hollywood 206 00:13:31,640 --> 00:13:36,840 Speaker 1: types into state backed assassins. Seth Rogan and James Franco 207 00:13:36,960 --> 00:13:41,080 Speaker 1: played the producer and the TV host, respectively. Randall Park 208 00:13:41,440 --> 00:13:44,400 Speaker 1: a k agent, Jimmy Wou and the m c U 209 00:13:44,520 --> 00:13:48,080 Speaker 1: played Kim Jong Un. The film went into production in 210 00:13:48,120 --> 00:13:51,720 Speaker 1: two thousand thirteen with Sony Pictures behind it, and the 211 00:13:51,800 --> 00:13:55,520 Speaker 1: release date was set for October of two thousand fourteen. 212 00:13:55,800 --> 00:13:58,440 Speaker 1: So in the summer of two thousand fourteen, when the 213 00:13:58,440 --> 00:14:01,439 Speaker 1: movie's publicity was starting to get all the ground, that's 214 00:14:01,440 --> 00:14:05,880 Speaker 1: when there were rumblings from North Korea. The media. North 215 00:14:05,960 --> 00:14:10,280 Speaker 1: Korea condemned the film months before it was set to premiere, 216 00:14:10,800 --> 00:14:13,680 Speaker 1: calling for Sony to not release it and even to 217 00:14:13,840 --> 00:14:16,240 Speaker 1: just destroy the movie, and that the release of the 218 00:14:16,280 --> 00:14:20,320 Speaker 1: movie would be considered an act of terrorism and war. Now, 219 00:14:20,320 --> 00:14:24,760 Speaker 1: on the one hand, the Interview is a pretty dumb movie. 220 00:14:25,400 --> 00:14:28,760 Speaker 1: It's it's not a hard hitting thriller. It doesn't say 221 00:14:28,760 --> 00:14:32,960 Speaker 1: anything particularly insightful about North Korea or Kim Jong un. 222 00:14:33,560 --> 00:14:37,280 Speaker 1: But on the other hand, it's pretty darn taboo to 223 00:14:37,360 --> 00:14:40,440 Speaker 1: make a fictional film about a planned assassination of a 224 00:14:40,480 --> 00:14:44,760 Speaker 1: real world person who is very much still alive. I mean, 225 00:14:45,040 --> 00:14:49,280 Speaker 1: it has been done, but it's a tricky thing to do. Honestly, 226 00:14:49,320 --> 00:14:51,800 Speaker 1: I think if someone were to make a movie about 227 00:14:51,920 --> 00:14:55,160 Speaker 1: trying to assassinate me, I'd take it a little personally. 228 00:14:56,120 --> 00:14:59,200 Speaker 1: Sony pushed back the release of the film from October 229 00:14:59,360 --> 00:15:02,440 Speaker 1: to Decen two thousand fourteen, the idea of being of 230 00:15:02,440 --> 00:15:06,280 Speaker 1: releasing it on Christmas Day, and they also made some 231 00:15:06,400 --> 00:15:09,240 Speaker 1: changes to the movie. Now, whether these changes were meant 232 00:15:09,240 --> 00:15:12,960 Speaker 1: as concessions to North Korea or not, I don't know, 233 00:15:13,600 --> 00:15:16,680 Speaker 1: but there's a pretty solid story of the company easing 234 00:15:16,760 --> 00:15:21,720 Speaker 1: back on the death scene of Kim Jong un. Spoiler alert. 235 00:15:21,760 --> 00:15:24,560 Speaker 1: He does die in the movie. He gets blown to 236 00:15:24,680 --> 00:15:27,600 Speaker 1: smithereens when his helicopter is hit with a shot from 237 00:15:27,600 --> 00:15:32,720 Speaker 1: a Franco driven tank, and apparently in the version that 238 00:15:32,760 --> 00:15:36,920 Speaker 1: they filmmakers originally created, that death scene was far more 239 00:15:37,000 --> 00:15:41,320 Speaker 1: graphic than it is in the finished film. Well, North 240 00:15:41,400 --> 00:15:44,920 Speaker 1: Korean media was pushing rhetoric that suggested that release of 241 00:15:44,920 --> 00:15:49,400 Speaker 1: the film would lead to disastrous consequences, and Sony pushed 242 00:15:49,400 --> 00:15:51,600 Speaker 1: back the date but still planned to release the film. 243 00:15:51,920 --> 00:15:55,480 Speaker 1: And then in November, the other shoe dropped, or at 244 00:15:55,520 --> 00:15:59,320 Speaker 1: least it appeared too. I'll explain more after we take 245 00:15:59,360 --> 00:16:09,040 Speaker 1: this break. Before the break, I said that the other 246 00:16:09,080 --> 00:16:12,120 Speaker 1: shoe appeared to drop. And the reason I used that 247 00:16:12,240 --> 00:16:15,520 Speaker 1: wishy washy language is that when it comes to what happened, 248 00:16:15,840 --> 00:16:18,280 Speaker 1: there's some stuff we can say for sure and some 249 00:16:18,280 --> 00:16:21,560 Speaker 1: stuff we have to kind of guess at what. When 250 00:16:21,560 --> 00:16:23,240 Speaker 1: it comes to the stuff we can say for sure, 251 00:16:23,320 --> 00:16:27,000 Speaker 1: we can summari rise like this. You know, hackers definitely 252 00:16:27,080 --> 00:16:31,760 Speaker 1: got access to Sony systems. They definitely stole information, and 253 00:16:31,800 --> 00:16:35,000 Speaker 1: we know this because they later posted that information online, 254 00:16:35,480 --> 00:16:39,760 Speaker 1: frequently using Pastebin to do so. Pastebin is a plain 255 00:16:39,920 --> 00:16:44,480 Speaker 1: text content hosting service, So you can post the code 256 00:16:44,760 --> 00:16:48,320 Speaker 1: to something in plain text on a paste bind service, 257 00:16:48,640 --> 00:16:52,800 Speaker 1: but you can't host you know, streaming media or you know, 258 00:16:53,080 --> 00:16:55,880 Speaker 1: working files or anything like that. You could post the 259 00:16:55,920 --> 00:16:58,160 Speaker 1: code to a file, but you wouldn't be able to, 260 00:16:58,520 --> 00:17:00,520 Speaker 1: you know, have an execute he able file in pace 261 00:17:00,640 --> 00:17:03,560 Speaker 1: bin format. So the hackers released lots of stuff over 262 00:17:03,560 --> 00:17:06,520 Speaker 1: the weeks following the attack, much of which appeared to 263 00:17:06,560 --> 00:17:10,320 Speaker 1: be aimed specifically at harming Sony. More on that in 264 00:17:10,359 --> 00:17:15,600 Speaker 1: a little bit as well. On November, just three days 265 00:17:15,680 --> 00:17:19,480 Speaker 1: after the hack, someone in that hacker group made available 266 00:17:19,720 --> 00:17:24,240 Speaker 1: five Sony films on online file sharing hubs, and they 267 00:17:24,240 --> 00:17:27,359 Speaker 1: included four films that had not yet even been released 268 00:17:27,400 --> 00:17:30,760 Speaker 1: to theaters, proving that this was part of the information 269 00:17:30,880 --> 00:17:35,440 Speaker 1: stolen during the hack. The four unreleased films were Annie, 270 00:17:35,640 --> 00:17:40,600 Speaker 1: Mr Turner, to Write Love on Her Arms and Still Alice. 271 00:17:41,040 --> 00:17:44,959 Speaker 1: The fifth film, Fury starring Brad Pitt, was already in 272 00:17:45,119 --> 00:17:49,560 Speaker 1: its theatrical run at the time. The hackers also definitely 273 00:17:49,720 --> 00:17:54,840 Speaker 1: wiped Sony systems, using legit tools to erase and overwrite 274 00:17:54,920 --> 00:17:58,800 Speaker 1: data to make it extremely difficult to retrieve. Now, you 275 00:17:58,880 --> 00:18:01,640 Speaker 1: probably know that when you delete a file from your 276 00:18:01,640 --> 00:18:06,440 Speaker 1: hard drive, that information does not just magically disappear. It's 277 00:18:06,440 --> 00:18:08,280 Speaker 1: not like it's gone. It's not like using in a 278 00:18:08,400 --> 00:18:13,119 Speaker 1: racer to erase away stuff you've written. The information is 279 00:18:13,119 --> 00:18:15,960 Speaker 1: actually still there on your hard drive, at least until 280 00:18:15,960 --> 00:18:19,560 Speaker 1: your hard drive overwrites the old data with new data. 281 00:18:19,840 --> 00:18:24,080 Speaker 1: So essentially your hard drive flags the drive space where 282 00:18:24,119 --> 00:18:27,680 Speaker 1: you're deleted files are, and it says this is fair game. 283 00:18:28,119 --> 00:18:30,360 Speaker 1: So whenever we have to write new data, you can 284 00:18:30,400 --> 00:18:32,560 Speaker 1: do it here if you want to. But until the 285 00:18:32,600 --> 00:18:35,879 Speaker 1: computer actually does write new information to that section of 286 00:18:35,880 --> 00:18:39,840 Speaker 1: the hard drive, that data can sometimes be retrieved with 287 00:18:39,920 --> 00:18:43,120 Speaker 1: tools like the ones that the hackers used, this process 288 00:18:43,160 --> 00:18:46,840 Speaker 1: gets cut off, and that's because these tools they first 289 00:18:47,080 --> 00:18:51,320 Speaker 1: delete data on a drive, then they overwrite the drives 290 00:18:51,480 --> 00:18:54,159 Speaker 1: with gibberish. So this is what you might use. If 291 00:18:54,200 --> 00:18:57,480 Speaker 1: you wanted to wipe a personal computer before you sold 292 00:18:57,520 --> 00:19:00,320 Speaker 1: it or traded it in or or recycled it or whatever, 293 00:19:00,760 --> 00:19:03,320 Speaker 1: you would go through this process, and then you don't 294 00:19:03,359 --> 00:19:06,000 Speaker 1: have to worry about whether or not you overlooked a 295 00:19:06,040 --> 00:19:10,080 Speaker 1: folder that contained personal information in it, because this type 296 00:19:10,080 --> 00:19:14,000 Speaker 1: of tool essentially nukes it from orbit, because it's the 297 00:19:14,040 --> 00:19:17,560 Speaker 1: only way to be sure. So we know that someone 298 00:19:17,680 --> 00:19:21,399 Speaker 1: gained access to Sony's systems, they stole an enormous amount 299 00:19:21,400 --> 00:19:24,480 Speaker 1: of information. They proved that they stole it by posting 300 00:19:24,520 --> 00:19:28,520 Speaker 1: some of that online, and they wiped the infected computers 301 00:19:28,560 --> 00:19:31,760 Speaker 1: after extricating the data. So let's talk about some of 302 00:19:31,800 --> 00:19:36,080 Speaker 1: the actual data leaks now. The movies were probably the 303 00:19:36,119 --> 00:19:39,480 Speaker 1: highest profile example of a data leak to a lot 304 00:19:39,520 --> 00:19:42,119 Speaker 1: of people, right because people are really familiar with movies, 305 00:19:42,440 --> 00:19:45,600 Speaker 1: so something like that happening, it's easy to take notice. 306 00:19:46,359 --> 00:19:49,280 Speaker 1: There were also some screenplays of films that had not 307 00:19:49,400 --> 00:19:52,280 Speaker 1: yet gotten into production that got released. Those I would 308 00:19:52,359 --> 00:19:56,000 Speaker 1: argue were probably one step lower than the finished films were. 309 00:19:56,400 --> 00:19:59,280 Speaker 1: And then for folks in the film industry or for 310 00:19:59,320 --> 00:20:02,240 Speaker 1: people who are really interested in the business side of filmmaking, 311 00:20:02,880 --> 00:20:06,680 Speaker 1: what really stood out were the internal documents revealing things 312 00:20:06,720 --> 00:20:13,119 Speaker 1: like people's salaries and personal emails between Sony employees and 313 00:20:13,200 --> 00:20:20,120 Speaker 1: other folks, emails that frequently contained embarrassing or downright damaging information. 314 00:20:21,160 --> 00:20:25,520 Speaker 1: On December one, two thousand, fourteen files that detailed Sony 315 00:20:25,600 --> 00:20:30,120 Speaker 1: salaries hit the internet. The top seventeen Sony executives had 316 00:20:30,160 --> 00:20:35,960 Speaker 1: their salary information pre bonus that is leaked online. Other 317 00:20:36,040 --> 00:20:40,520 Speaker 1: files had more than six thousand Sony employees, current and former, 318 00:20:40,640 --> 00:20:44,760 Speaker 1: and their salary information, including other stuff like personal information 319 00:20:45,040 --> 00:20:52,240 Speaker 1: that was personally identifiable information. Several media outlets published this information. 320 00:20:52,280 --> 00:20:55,399 Speaker 1: At least the information about the executive salaries, and that 321 00:20:55,480 --> 00:20:58,879 Speaker 1: showed a pretty large disparity in the company. Like it 322 00:20:59,000 --> 00:21:02,240 Speaker 1: was no real surprise, because I mean, it's kind of 323 00:21:02,240 --> 00:21:05,239 Speaker 1: an open secret, but it was no real surprise that 324 00:21:05,359 --> 00:21:09,160 Speaker 1: the white men in the executive area of Sony, we're 325 00:21:09,240 --> 00:21:16,040 Speaker 1: making substantially more money than people of any other designation 326 00:21:16,040 --> 00:21:18,679 Speaker 1: than white male. Right, Like that was top tier was 327 00:21:18,720 --> 00:21:22,399 Speaker 1: white male. This, by the way, would lead some people 328 00:21:22,560 --> 00:21:26,280 Speaker 1: like Richard Stingle to criticize the media, and the criticism 329 00:21:26,440 --> 00:21:29,600 Speaker 1: mostly centers on the fact that there was a dangerous 330 00:21:29,760 --> 00:21:34,720 Speaker 1: story here about hacking and cybersecurity that was in need 331 00:21:34,800 --> 00:21:38,480 Speaker 1: of addressing. Like the focus in Stingles might need to 332 00:21:38,480 --> 00:21:42,000 Speaker 1: be on the hackers and what they had done and 333 00:21:42,440 --> 00:21:45,119 Speaker 1: the extent of their crime and the serious nature of 334 00:21:45,160 --> 00:21:49,160 Speaker 1: that crime, but the media was focusing on illegally obtained 335 00:21:49,160 --> 00:21:53,720 Speaker 1: information that made Sony look bad. Now to that, I say, 336 00:21:53,920 --> 00:21:57,320 Speaker 1: I understand where you're coming from, and absolutely it would 337 00:21:57,320 --> 00:21:59,480 Speaker 1: be good to spend more time to focus on the 338 00:21:59,560 --> 00:22:03,280 Speaker 1: ramafic cations of cybersecurity. That is a conversation that is 339 00:22:03,320 --> 00:22:08,879 Speaker 1: not held often enough and never with enough sincerity or gravity. 340 00:22:08,920 --> 00:22:11,800 Speaker 1: But we also know that you know what kind of 341 00:22:11,800 --> 00:22:16,359 Speaker 1: content drives clicks, Right, if you write about cybersecurity, you're 342 00:22:16,400 --> 00:22:18,800 Speaker 1: going to get a fraction of the number of clicks 343 00:22:18,840 --> 00:22:20,840 Speaker 1: that you're going to get if you wrote about how 344 00:22:20,880 --> 00:22:24,360 Speaker 1: certain male executives were making way more money than their 345 00:22:24,400 --> 00:22:29,480 Speaker 1: female counterparts, for example. And ultimately, media is a business, 346 00:22:29,520 --> 00:22:32,040 Speaker 1: so you kind of see where that's going to go. Right, 347 00:22:32,880 --> 00:22:36,359 Speaker 1: It's no surprise that media companies are going to really 348 00:22:36,400 --> 00:22:40,560 Speaker 1: focus on the stuff that drives traffic, because ultimately that's 349 00:22:40,560 --> 00:22:45,000 Speaker 1: what drives revenue. Sony leadership went into damage control, with 350 00:22:45,080 --> 00:22:48,959 Speaker 1: Sony chiefs Amy Pascal and Michael Linton sending out a 351 00:22:49,000 --> 00:22:54,960 Speaker 1: memo urging patients and understanding among Sony employees, saying, you know, 352 00:22:55,960 --> 00:22:59,399 Speaker 1: calm down, chill out, it will be okay, and the 353 00:22:59,440 --> 00:23:02,439 Speaker 1: two states that the hackers had taken a large amount 354 00:23:02,440 --> 00:23:05,320 Speaker 1: of information and that it was pretty safe to assume 355 00:23:05,680 --> 00:23:09,800 Speaker 1: that any information about the employees themselves could have been 356 00:23:09,840 --> 00:23:12,080 Speaker 1: a part of all that, and that if Sony had 357 00:23:12,119 --> 00:23:15,879 Speaker 1: information about you as an employee, there was a really 358 00:23:15,880 --> 00:23:18,480 Speaker 1: good chance that the hackers had that info at this point. 359 00:23:19,000 --> 00:23:20,720 Speaker 1: So I think this was a clear effort to get 360 00:23:20,760 --> 00:23:23,919 Speaker 1: ahead of problems like people finding out how much they 361 00:23:23,960 --> 00:23:27,640 Speaker 1: were paid compared to their peers, which could definitely promote 362 00:23:27,760 --> 00:23:31,040 Speaker 1: some uncomfortable discussions if they were to turn out that 363 00:23:31,080 --> 00:23:34,720 Speaker 1: salaries weren't equitable across the board. Also to kind of 364 00:23:34,760 --> 00:23:38,680 Speaker 1: alert employees like, hey, you might have to pay very 365 00:23:38,720 --> 00:23:42,320 Speaker 1: special attention to things like your credit report now because 366 00:23:42,480 --> 00:23:47,480 Speaker 1: your personal information, including stuff like social Security numbers, is 367 00:23:47,480 --> 00:23:49,800 Speaker 1: now in the hands of hackers who are making it 368 00:23:49,840 --> 00:23:53,240 Speaker 1: freely available. So even if the hackers don't do anything 369 00:23:53,280 --> 00:23:56,440 Speaker 1: with your data, they're making it freely available for other 370 00:23:56,560 --> 00:24:00,880 Speaker 1: cyber criminals to make use of that data. By December third, 371 00:24:01,200 --> 00:24:05,840 Speaker 1: another dump caught headlines, and this data dump included stuff 372 00:24:05,920 --> 00:24:09,360 Speaker 1: like scans of visas and passports of people who are 373 00:24:09,359 --> 00:24:13,639 Speaker 1: working on various Sony films, so even more personal information. 374 00:24:14,040 --> 00:24:18,160 Speaker 1: This also included some notable celebrities like Angelina Jolie. There 375 00:24:18,200 --> 00:24:21,640 Speaker 1: were also documents that include the user names and passwords 376 00:24:21,680 --> 00:24:25,120 Speaker 1: for the accounts of several Sony executives. But one thing 377 00:24:25,119 --> 00:24:29,719 Speaker 1: that got wide circulation was a collection of Sony employees 378 00:24:29,800 --> 00:24:34,280 Speaker 1: takes on the works of a Mr. Adam Sandler. Turns 379 00:24:34,280 --> 00:24:37,320 Speaker 1: out a lot of Sony employees have a low opinion 380 00:24:37,680 --> 00:24:41,120 Speaker 1: of Adam Sandler's art and it was stories like these 381 00:24:41,160 --> 00:24:44,560 Speaker 1: that received far more media coverage than the actual attacks, 382 00:24:44,600 --> 00:24:49,399 Speaker 1: because again, juicy, right, watching Hollywood eat its own is 383 00:24:49,480 --> 00:24:53,920 Speaker 1: something that the media thought was very entertaining and would 384 00:24:54,000 --> 00:24:57,919 Speaker 1: drive a lot of engagement. Then again, you could argue 385 00:24:58,119 --> 00:25:01,080 Speaker 1: that there wasn't a whole lot you would say about 386 00:25:01,160 --> 00:25:04,920 Speaker 1: the attacks other than you know they had happened. While 387 00:25:05,040 --> 00:25:07,639 Speaker 1: some people had been circulating the theory that it was 388 00:25:07,720 --> 00:25:10,720 Speaker 1: North Korea behind it all, even in the early stages, 389 00:25:11,280 --> 00:25:14,120 Speaker 1: there were there were no smoking guns that you could 390 00:25:14,119 --> 00:25:17,919 Speaker 1: point to. Rather, there was a suspicion because of the timing, 391 00:25:18,480 --> 00:25:21,879 Speaker 1: along with the upcoming release of the film the Interview, 392 00:25:22,119 --> 00:25:26,280 Speaker 1: and the reaction of North Korea's media to the idea 393 00:25:26,400 --> 00:25:30,400 Speaker 1: of the film the interviews, So while people were mentioning 394 00:25:30,440 --> 00:25:34,480 Speaker 1: North Korea, there wasn't any definitive evidence yet to kind 395 00:25:34,480 --> 00:25:37,879 Speaker 1: of lean on. In fact, on December three, Sony issued 396 00:25:37,920 --> 00:25:40,240 Speaker 1: a statement that said a report that North Korea was 397 00:25:40,280 --> 00:25:44,960 Speaker 1: behind the attack was not accurate. On December five, someone 398 00:25:45,000 --> 00:25:47,760 Speaker 1: claiming to be the Guardians of Peace sent a threatening 399 00:25:47,800 --> 00:25:52,000 Speaker 1: message to Sony employees, and on the eighth, someone claiming 400 00:25:52,040 --> 00:25:54,800 Speaker 1: to be that same group posted a message on a 401 00:25:54,800 --> 00:25:57,919 Speaker 1: file sharing site that said sony was to quote stop 402 00:25:58,000 --> 00:26:01,760 Speaker 1: immediately showing the movie of terrorism, which can break regional 403 00:26:01,800 --> 00:26:05,440 Speaker 1: peace and cause the war end quote. But this message 404 00:26:05,440 --> 00:26:08,560 Speaker 1: says that the previous one on the fifth was written 405 00:26:08,560 --> 00:26:11,720 Speaker 1: by someone else, someone who was not affiliated with the group, 406 00:26:11,800 --> 00:26:16,200 Speaker 1: and the plot thickens. In the meantime, North Korea media 407 00:26:16,320 --> 00:26:19,439 Speaker 1: states that the North Korean government played no part in 408 00:26:19,480 --> 00:26:22,040 Speaker 1: the attack, but does call out the attack as a 409 00:26:22,200 --> 00:26:26,560 Speaker 1: quote righteous deed end quote. So, in other words, their 410 00:26:26,640 --> 00:26:29,440 Speaker 1: statement is, hey, we didn't do it, but whoever did 411 00:26:29,560 --> 00:26:33,720 Speaker 1: is aces in our book. On December nine, the hackers 412 00:26:33,800 --> 00:26:37,800 Speaker 1: dumped a huge number of Amy Pascal's email correspondence online. 413 00:26:38,240 --> 00:26:41,720 Speaker 1: This dump included some stuff that was particularly embarrassing for 414 00:26:41,760 --> 00:26:45,679 Speaker 1: the studio, such as an exchange between Pascal and producer 415 00:26:45,800 --> 00:26:51,040 Speaker 1: Scott Rudin, who called Angelina Jolie quote a minimally talented, 416 00:26:51,240 --> 00:26:55,440 Speaker 1: spoiled brat end quote. The following day, more emails between 417 00:26:55,440 --> 00:26:58,679 Speaker 1: Pascal and Rudin emerged, showing the two joking about what 418 00:26:58,840 --> 00:27:02,600 Speaker 1: President Obama's films might be. And those were jokes that 419 00:27:02,640 --> 00:27:07,640 Speaker 1: were at best racially insensitive, which is a gentle way 420 00:27:07,640 --> 00:27:10,600 Speaker 1: of putting it. I have some other thoughts but I'll 421 00:27:11,080 --> 00:27:15,240 Speaker 1: reserve them. I should add that Ruden earned a reputation 422 00:27:15,280 --> 00:27:18,120 Speaker 1: as a real piece of work. In fact, just earlier 423 00:27:18,200 --> 00:27:22,240 Speaker 1: this year, in one he was essentially forced to resign 424 00:27:22,359 --> 00:27:25,760 Speaker 1: from Broadway League after numerous people were stepping forward to 425 00:27:26,200 --> 00:27:31,720 Speaker 1: you know, accuse him of engaging in abusive, violent behavior. 426 00:27:31,920 --> 00:27:34,960 Speaker 1: Hecked Wall Street Journal said he would brag about burning 427 00:27:34,960 --> 00:27:39,880 Speaker 1: through one nineteen personal assistants in five years. Anyway, this 428 00:27:39,960 --> 00:27:42,320 Speaker 1: is the kind of juicy stuff that media companies go 429 00:27:42,359 --> 00:27:45,360 Speaker 1: gaga for, and clearly I am no exception to that. 430 00:27:46,320 --> 00:27:49,720 Speaker 1: By December twelve, people discovered that the hackers had posted 431 00:27:49,720 --> 00:27:54,359 Speaker 1: documents that included Sony employee medical records. Some of the 432 00:27:54,400 --> 00:27:57,920 Speaker 1: details include not just the Sony employees, but their families. 433 00:27:58,440 --> 00:28:01,760 Speaker 1: The media, for once did not go bunkers and start 434 00:28:01,800 --> 00:28:06,119 Speaker 1: publishing those documents, which I guess is a small favor. 435 00:28:06,359 --> 00:28:11,800 Speaker 1: Right On December, screenwriter and director Aaron Sorkin had an 436 00:28:11,920 --> 00:28:15,200 Speaker 1: editorial piece published in The New York Times calling out 437 00:28:15,240 --> 00:28:17,880 Speaker 1: the media for playing a part in helping the hackers. 438 00:28:18,280 --> 00:28:21,800 Speaker 1: Sorkin's point was that the hackers committed the crime, but 439 00:28:21,920 --> 00:28:25,159 Speaker 1: the media was disseminating the information to the public. On 440 00:28:25,200 --> 00:28:27,720 Speaker 1: a scale that would not have been possible by the 441 00:28:27,760 --> 00:28:30,600 Speaker 1: hackers alone. That, in fact, the way the hackers were 442 00:28:30,640 --> 00:28:36,359 Speaker 1: posting information was really challenging to sieve through. Your average 443 00:28:36,359 --> 00:28:39,760 Speaker 1: person isn't just gonna troll through a paste bend site 444 00:28:40,080 --> 00:28:43,040 Speaker 1: to read through mountains of text files to look for 445 00:28:43,080 --> 00:28:48,240 Speaker 1: something juicy. The media companies had folks like on staff 446 00:28:48,400 --> 00:28:52,440 Speaker 1: or probably a lot of unpaid or barely paid interns, 447 00:28:52,600 --> 00:28:56,760 Speaker 1: who were doing precisely that thing all day, and so 448 00:28:56,960 --> 00:29:00,920 Speaker 1: Sorkin argued, the hackers saw their goals real lies, not 449 00:29:01,160 --> 00:29:04,040 Speaker 1: through their own efforts, but because the media was taking 450 00:29:04,080 --> 00:29:07,680 Speaker 1: care of all that, bringing more harm to Sony and 451 00:29:07,720 --> 00:29:11,800 Speaker 1: the people who worked there, which is at least partly true. 452 00:29:12,200 --> 00:29:15,280 Speaker 1: I think, honestly, I don't think we really have any 453 00:29:15,320 --> 00:29:18,800 Speaker 1: good guys in this story. Because we've got Sony, which 454 00:29:18,840 --> 00:29:21,440 Speaker 1: was clearly the victim of an attack, but it was 455 00:29:21,480 --> 00:29:24,000 Speaker 1: also a company that had a lot of skeletons in 456 00:29:24,040 --> 00:29:27,440 Speaker 1: a lot of closets. Then you have the general media 457 00:29:27,600 --> 00:29:32,120 Speaker 1: sensationalizing every revelation, and then you had the actual hackers 458 00:29:32,120 --> 00:29:35,560 Speaker 1: who were responsible for the attack itself. It was kind 459 00:29:35,600 --> 00:29:38,640 Speaker 1: of like a Tarantino movie. Everybody is at least to 460 00:29:38,720 --> 00:29:43,240 Speaker 1: some degree a bad guy. On December sixte we got 461 00:29:43,240 --> 00:29:47,200 Speaker 1: a major development in the saga. The hackers presumably the 462 00:29:47,280 --> 00:29:51,360 Speaker 1: hackers anyway, posted a threat stating that movie theaters that 463 00:29:51,480 --> 00:29:54,840 Speaker 1: chose to screen The Interview would be targeted for attacks, 464 00:29:55,240 --> 00:29:58,760 Speaker 1: likening the effort to the terrorist attacks. On September eleven, 465 00:29:58,880 --> 00:30:02,120 Speaker 1: two thousand one, the Department of Homeland Security issued a 466 00:30:02,160 --> 00:30:04,800 Speaker 1: statement saying that it had no credible evidence that any 467 00:30:04,840 --> 00:30:09,120 Speaker 1: such attack was actually being planned or prepared, and so 468 00:30:09,440 --> 00:30:12,560 Speaker 1: there wasn't any evidence to show that this was something 469 00:30:12,560 --> 00:30:15,720 Speaker 1: that was really going to happen. But Rogan and Franco 470 00:30:15,840 --> 00:30:19,640 Speaker 1: canceled their promotional tour for The Interview, and movie theaters, 471 00:30:19,640 --> 00:30:22,280 Speaker 1: including Big Chains, began to issue statements that they would 472 00:30:22,280 --> 00:30:26,680 Speaker 1: not carry the film. Sony Pictures, seeing this quick response 473 00:30:26,720 --> 00:30:30,719 Speaker 1: from theaters, makes the decision to postpone the release of 474 00:30:30,720 --> 00:30:35,280 Speaker 1: The Interview, essentially canceling its debut on Christmas Day. Now 475 00:30:35,360 --> 00:30:38,520 Speaker 1: I should add this was really after movie theaters had 476 00:30:38,560 --> 00:30:40,960 Speaker 1: already said they were not going to show the movie, 477 00:30:41,440 --> 00:30:44,120 Speaker 1: But once Sony made this announcement, there was a huge 478 00:30:44,200 --> 00:30:47,640 Speaker 1: backlash against the company, with people calling the studio to 479 00:30:47,800 --> 00:30:52,520 Speaker 1: reverse its decision. But we gotta take a quick detour here, right, Okay, 480 00:30:52,520 --> 00:30:55,360 Speaker 1: in the old days of the movie business, movie studios 481 00:30:55,360 --> 00:30:58,560 Speaker 1: pretty much owned a piece of every part of the 482 00:30:58,600 --> 00:31:02,440 Speaker 1: movie making process. Us. I'm talking about everything from you know, 483 00:31:02,480 --> 00:31:05,280 Speaker 1: the production studios that were shooting movies, to the companies 484 00:31:05,280 --> 00:31:08,840 Speaker 1: that were actually producing Cellu Lloyd film to shoot on 485 00:31:09,400 --> 00:31:12,960 Speaker 1: to chains of theaters to where you would show the film. 486 00:31:13,000 --> 00:31:15,600 Speaker 1: But the US government broke all that up because it 487 00:31:15,640 --> 00:31:18,840 Speaker 1: was considered to be anti competitive and a monopoly. And 488 00:31:18,880 --> 00:31:23,360 Speaker 1: so then movie theater companies were divorced from movie studios 489 00:31:23,720 --> 00:31:25,719 Speaker 1: and they had more of a say of what films 490 00:31:25,760 --> 00:31:28,240 Speaker 1: they would and would not show in their respective houses. 491 00:31:28,520 --> 00:31:32,680 Speaker 1: So Sony could reverse its decision, in fact, it ultimately did, 492 00:31:33,240 --> 00:31:36,520 Speaker 1: but it couldn't force theaters to play the interview because 493 00:31:36,520 --> 00:31:39,360 Speaker 1: Sony didn't own the theaters, and a lot of theaters 494 00:31:39,400 --> 00:31:41,600 Speaker 1: just didn't want to take then the risk without you know, 495 00:31:42,040 --> 00:31:44,960 Speaker 1: you know, and didn't become the company that potentially put 496 00:31:45,040 --> 00:31:49,680 Speaker 1: audiences in mortal peril or were associated with that desire. 497 00:31:50,200 --> 00:31:53,400 Speaker 1: A few theaters still had plans to show the interview, 498 00:31:54,040 --> 00:31:56,760 Speaker 1: but then, you know, Sony makes this decision, So then 499 00:31:56,760 --> 00:31:59,760 Speaker 1: those theaters announced that they would instead screen a print 500 00:31:59,840 --> 00:32:03,760 Speaker 1: of the film Team America World Police, which was made 501 00:32:03,760 --> 00:32:06,920 Speaker 1: in two thousand four and which features Kim jong Il, 502 00:32:07,320 --> 00:32:10,880 Speaker 1: Kim Jong UN's father as the antagonist of the movie. 503 00:32:11,120 --> 00:32:14,680 Speaker 1: And if you're not familiar with Team America World Police, 504 00:32:15,440 --> 00:32:17,760 Speaker 1: that was made by the creators of South Park, so 505 00:32:17,880 --> 00:32:22,240 Speaker 1: you probably get the gist of it. Anyway. Paramount Pictures 506 00:32:22,240 --> 00:32:25,040 Speaker 1: released a statement that said it was not going to 507 00:32:25,080 --> 00:32:28,480 Speaker 1: offer the film for redistribution, so it canceled those backup 508 00:32:28,520 --> 00:32:31,640 Speaker 1: plans as well. A couple of days later, President Obama 509 00:32:31,680 --> 00:32:34,320 Speaker 1: said that Sony really made a mistake canceling the release 510 00:32:34,360 --> 00:32:37,000 Speaker 1: of the film, And at this point, the general belief 511 00:32:37,040 --> 00:32:39,800 Speaker 1: was that the hack was directed by North Korea and 512 00:32:39,840 --> 00:32:44,000 Speaker 1: that capitulating to the demands was sending a bad international message, 513 00:32:44,320 --> 00:32:46,240 Speaker 1: and Sony was kind of in a tight spot on 514 00:32:46,280 --> 00:32:49,720 Speaker 1: this one. Following that, there was an escalation and rhetoric 515 00:32:49,920 --> 00:32:53,120 Speaker 1: between the United States government and North Korea, with the 516 00:32:53,200 --> 00:32:56,200 Speaker 1: US calling on North Korea to compensate Sony for the 517 00:32:56,280 --> 00:32:58,440 Speaker 1: losses that had suffered as a result of the attack. 518 00:32:59,080 --> 00:33:02,440 Speaker 1: North Korea continue you to deny involvement, but it did 519 00:33:02,480 --> 00:33:06,360 Speaker 1: extend an offer to help investigate the attack and both 520 00:33:06,400 --> 00:33:10,080 Speaker 1: countries leveled some veiled and not so veiled threats against 521 00:33:10,160 --> 00:33:14,400 Speaker 1: each other. On December, Sony announced it was in fact 522 00:33:14,440 --> 00:33:17,120 Speaker 1: going to release the interview on Christmas Day, both in 523 00:33:17,800 --> 00:33:20,400 Speaker 1: any theater that wanted to show it, as well as 524 00:33:20,600 --> 00:33:24,600 Speaker 1: video on demand. Sony got praise from the President for 525 00:33:24,640 --> 00:33:27,680 Speaker 1: this decision. And then the movie comes out and no 526 00:33:27,920 --> 00:33:31,320 Speaker 1: theaters are attacked, and for some media outlets, this was 527 00:33:31,400 --> 00:33:34,040 Speaker 1: the end of the story. But we actually have a 528 00:33:34,040 --> 00:33:36,640 Speaker 1: lot more to cover. But first we're gonna take another break. 529 00:33:44,080 --> 00:33:49,040 Speaker 1: So the Guardians of Peace, who the heck were slash? 530 00:33:49,320 --> 00:33:54,040 Speaker 1: Are they? There were six messages signed as though they 531 00:33:54,080 --> 00:33:57,000 Speaker 1: came from this group. One is generally thought to be 532 00:33:57,080 --> 00:34:00,000 Speaker 1: from someone else, a journalist who sent a hoax message, 533 00:34:00,800 --> 00:34:04,160 Speaker 1: and uh, you know, then, of course you have the 534 00:34:04,200 --> 00:34:07,640 Speaker 1: instance of the one message from the Gardens of Piece 535 00:34:07,680 --> 00:34:10,680 Speaker 1: that says a previous message was not written by them. 536 00:34:10,760 --> 00:34:15,319 Speaker 1: So maybe we just have four official messages. But who 537 00:34:15,400 --> 00:34:18,880 Speaker 1: sent them? Who was behind the attack? Different people have 538 00:34:18,920 --> 00:34:23,680 Speaker 1: different answers to that question, and they are contradictory answers. See, 539 00:34:23,680 --> 00:34:26,120 Speaker 1: there are a few different theories as to who was 540 00:34:26,200 --> 00:34:31,280 Speaker 1: behind the whole thing. Attribution is very hard with cybersecurity, 541 00:34:31,600 --> 00:34:33,640 Speaker 1: it is much easier to get a handle on what 542 00:34:33,840 --> 00:34:37,560 Speaker 1: damage was done than it is to definitively say this 543 00:34:37,680 --> 00:34:41,080 Speaker 1: is who was behind it. One story that tends to 544 00:34:41,120 --> 00:34:44,880 Speaker 1: be pitched is that the attacks were not particularly sophisticated, 545 00:34:45,239 --> 00:34:48,759 Speaker 1: largely because you know, Sony had such terrible security that 546 00:34:48,840 --> 00:34:52,520 Speaker 1: it actually didn't require a state backed military hacker group 547 00:34:52,560 --> 00:34:56,400 Speaker 1: to gain access, that it could have potentially been carried 548 00:34:56,400 --> 00:34:59,440 Speaker 1: out by amateurs. And since one of the big theories 549 00:34:59,520 --> 00:35:02,440 Speaker 1: was that it was a North Korea sponsored hacker group 550 00:35:02,719 --> 00:35:05,680 Speaker 1: that was to blame, this would cast some doubt on 551 00:35:05,760 --> 00:35:11,560 Speaker 1: that particular story. After all, anyone could infiltrate this system, 552 00:35:11,760 --> 00:35:14,000 Speaker 1: then there's no reason to suspect it was a really 553 00:35:14,080 --> 00:35:17,600 Speaker 1: well equipped, well funded, and highly trained group of hackers 554 00:35:17,640 --> 00:35:21,600 Speaker 1: that were to blame. But you get into some other elements, 555 00:35:22,000 --> 00:35:24,680 Speaker 1: each of which makes the actual difficulty of pulling off 556 00:35:24,719 --> 00:35:28,280 Speaker 1: the whole thing a little more steep if you assume 557 00:35:28,320 --> 00:35:31,719 Speaker 1: the attackers were not from North Korea. For one thing, 558 00:35:32,320 --> 00:35:34,920 Speaker 1: a lot of the stuff posted from the raid included 559 00:35:35,640 --> 00:35:38,640 Speaker 1: code that appeared to have been compiled on a machine 560 00:35:38,760 --> 00:35:42,040 Speaker 1: running in the Korean language. Now, as many people have 561 00:35:42,080 --> 00:35:45,280 Speaker 1: pointed out, that could just be a strategy to throw 562 00:35:45,320 --> 00:35:48,520 Speaker 1: investigators off the scent. You could have said it to 563 00:35:48,960 --> 00:35:51,120 Speaker 1: you know, the internal language of the computer to Korean 564 00:35:51,680 --> 00:35:53,520 Speaker 1: as a smoke screen, and it could just be a 565 00:35:53,560 --> 00:35:56,800 Speaker 1: red herring in order to shift the blame to North Korea. 566 00:35:57,000 --> 00:35:58,759 Speaker 1: Then there was the issue that some of the i 567 00:35:58,880 --> 00:36:02,239 Speaker 1: P addresses so seated with posting stuff about the raid 568 00:36:02,600 --> 00:36:06,279 Speaker 1: appeared to be originating from North Korea. And again you 569 00:36:06,400 --> 00:36:09,719 Speaker 1: can fake that. You can use tools to hide your 570 00:36:09,800 --> 00:36:13,439 Speaker 1: true i P address and substitute another one, and this 571 00:36:13,680 --> 00:36:16,759 Speaker 1: is not really that hard to do, but it's also 572 00:36:16,800 --> 00:36:19,920 Speaker 1: not exactly the sort of thing a really amateurish group 573 00:36:19,920 --> 00:36:23,680 Speaker 1: of hackers wouldn't necessarily think about. So my point is 574 00:36:23,719 --> 00:36:27,000 Speaker 1: that if we use critical thinking, we see that the 575 00:36:27,080 --> 00:36:31,680 Speaker 1: argument of anyone could have done this doesn't necessarily hold water, 576 00:36:31,840 --> 00:36:34,920 Speaker 1: simply because it would require a bit more thought and 577 00:36:35,040 --> 00:36:38,240 Speaker 1: effort put into it then a lot of folks would 578 00:36:38,280 --> 00:36:41,080 Speaker 1: typically manage. Now that's not to say that the North 579 00:36:41,160 --> 00:36:45,040 Speaker 1: Korea hypothesis is iron clad, but rather that dismissing it 580 00:36:45,080 --> 00:36:48,719 Speaker 1: out of hand is something we cannot do either. It's 581 00:36:48,719 --> 00:36:53,360 Speaker 1: certainly a huge challenge to make off with that much data. 582 00:36:54,040 --> 00:36:57,920 Speaker 1: If you're talking about actual terabytes of information? How do 583 00:36:57,960 --> 00:37:00,799 Speaker 1: you get that off of Sony's serves and into your 584 00:37:00,800 --> 00:37:04,839 Speaker 1: own grubby little hands without anyone noticing? Now, as I'm 585 00:37:04,840 --> 00:37:08,800 Speaker 1: sure you're aware, data transfer speeds hit a limit. Depending 586 00:37:08,880 --> 00:37:11,560 Speaker 1: upon the nature of your connection, you could have a 587 00:37:11,640 --> 00:37:15,239 Speaker 1: data throughput that would mean transferring a terrabyte could take 588 00:37:15,880 --> 00:37:19,160 Speaker 1: several hours or more than a day, depending on those speeds. 589 00:37:19,360 --> 00:37:22,360 Speaker 1: Higher bandwidth connections can do this a lot faster, but 590 00:37:22,440 --> 00:37:25,120 Speaker 1: you're still talking about a ton of data from a 591 00:37:25,120 --> 00:37:29,439 Speaker 1: lot of different Sony systems. This takes time. On top 592 00:37:29,440 --> 00:37:32,520 Speaker 1: of that. On the I T side over at Sony, 593 00:37:32,560 --> 00:37:36,120 Speaker 1: these kinds of transfers could potentially raise some red flags 594 00:37:36,160 --> 00:37:39,279 Speaker 1: if anyone is paying attention and I T admin could 595 00:37:39,280 --> 00:37:42,000 Speaker 1: see that amount of data transferring out of the company, 596 00:37:42,000 --> 00:37:44,480 Speaker 1: and they might have some questions, or they might at 597 00:37:44,560 --> 00:37:46,800 Speaker 1: least look into it to see what the heck Sony 598 00:37:46,920 --> 00:37:50,040 Speaker 1: is transferring and and to whom and why is that 599 00:37:50,120 --> 00:37:52,400 Speaker 1: much information going to a single place or or a 600 00:37:52,520 --> 00:37:56,600 Speaker 1: small group of IP addresses. Of course, it's possible that 601 00:37:56,760 --> 00:38:00,879 Speaker 1: no one even noticed, but another possibility. One the hypotheses 602 00:38:00,960 --> 00:38:03,880 Speaker 1: that some people put forward is that the hack was 603 00:38:04,000 --> 00:38:08,479 Speaker 1: at least in part an inside job. The story goes 604 00:38:08,960 --> 00:38:13,320 Speaker 1: that there was some Sony employee or maybe a former employee, 605 00:38:13,400 --> 00:38:17,640 Speaker 1: who had beef with the company. Maybe it was over salaries, 606 00:38:17,840 --> 00:38:19,920 Speaker 1: maybe it was over work conditions, maybe it was a 607 00:38:20,000 --> 00:38:23,799 Speaker 1: general culture issue or whatever. But this person then had 608 00:38:23,840 --> 00:38:27,160 Speaker 1: a plan to help some hackers get access to a 609 00:38:27,320 --> 00:38:31,239 Speaker 1: huge amount of data that could damage the company that 610 00:38:31,480 --> 00:38:35,880 Speaker 1: the employee hated oh so much. This narrative helps explain 611 00:38:35,960 --> 00:38:38,920 Speaker 1: how the hackers might have gained access to data without 612 00:38:38,960 --> 00:38:44,480 Speaker 1: anyone noticing, with someone perhaps literally transferring files onto drives 613 00:38:44,520 --> 00:38:48,399 Speaker 1: inside Sony and then just smuggling those drives out rather 614 00:38:48,480 --> 00:38:52,680 Speaker 1: than establishing some sort of external network connection with another computer. 615 00:38:53,200 --> 00:38:56,160 Speaker 1: Then at some point the hackers introduced the tools to 616 00:38:56,239 --> 00:39:00,719 Speaker 1: wipe those systems, which might have been done remotely or premises. 617 00:39:01,600 --> 00:39:06,359 Speaker 1: But that theory is a little iffy. I mean, it's 618 00:39:06,920 --> 00:39:10,360 Speaker 1: it's certainly possible. I don't know if I would go 619 00:39:10,400 --> 00:39:13,160 Speaker 1: so far as to say plausible. There were definitely Sony 620 00:39:13,160 --> 00:39:15,799 Speaker 1: employees who had beef with Sony. Sony was going through 621 00:39:15,840 --> 00:39:19,760 Speaker 1: layoffs in two thousand and fourteen, and morale at Sony 622 00:39:19,840 --> 00:39:25,080 Speaker 1: was pretty low. But it's it's challenging to see how 623 00:39:25,239 --> 00:39:27,719 Speaker 1: this kind of approach would also have hackers say, oh, 624 00:39:27,840 --> 00:39:31,239 Speaker 1: let's throw the sent off and cast the blame on 625 00:39:31,560 --> 00:39:37,200 Speaker 1: North Korea. Um Also, one of the arguments that supports 626 00:39:37,239 --> 00:39:42,600 Speaker 1: this is that the evidence that was dropped had a 627 00:39:42,640 --> 00:39:47,200 Speaker 1: particular harm towards Sony and was targeted specifically at Sony, 628 00:39:47,280 --> 00:39:50,719 Speaker 1: and that only people in the know in Hollywood would 629 00:39:50,760 --> 00:39:53,560 Speaker 1: know to drop that specific information. That I think is 630 00:39:53,600 --> 00:39:57,360 Speaker 1: a spurious argument because the information that was dropped was 631 00:39:57,400 --> 00:40:01,320 Speaker 1: in huge, huge chunks of data, and yes, there was 632 00:40:01,360 --> 00:40:06,520 Speaker 1: incredibly damaging stuff thrown in there, but it wasn't necessarily targeted, right. 633 00:40:06,600 --> 00:40:09,720 Speaker 1: It was more like the shotgun approach. Lots of little pellets, 634 00:40:09,800 --> 00:40:13,200 Speaker 1: some of which are hitting the target, but it I 635 00:40:13,280 --> 00:40:17,960 Speaker 1: don't know necessarily that the hackers had a deep appreciation 636 00:40:18,160 --> 00:40:21,520 Speaker 1: for which bits of information have potentially the biggest punch. 637 00:40:21,960 --> 00:40:25,359 Speaker 1: I think it was just that shotgun approach. Then there's 638 00:40:25,360 --> 00:40:28,800 Speaker 1: the theory that the hacks orchestrator wanted to hurt Sony 639 00:40:28,880 --> 00:40:31,759 Speaker 1: for financial gain, and this story says that the person 640 00:40:31,840 --> 00:40:35,200 Speaker 1: responsible maybe they wanted to short sell Sony stock. So 641 00:40:35,239 --> 00:40:37,560 Speaker 1: that's when you borrow stock in a in a specific 642 00:40:37,560 --> 00:40:40,880 Speaker 1: company from some other investor, you sell that stock at 643 00:40:40,920 --> 00:40:43,560 Speaker 1: whatever the current market value is, and then you wait. 644 00:40:43,840 --> 00:40:46,799 Speaker 1: Now you have to return the stocks you borrowed at 645 00:40:46,880 --> 00:40:50,440 Speaker 1: some specific deadline, but what you're hoping is that the 646 00:40:50,440 --> 00:40:53,400 Speaker 1: stock price will drop, So then you buy back the 647 00:40:53,440 --> 00:40:55,400 Speaker 1: shares you borrowed, but you do so at a lower 648 00:40:55,440 --> 00:40:59,000 Speaker 1: price and you get to keep the difference. Anyway, that 649 00:40:59,080 --> 00:41:01,840 Speaker 1: was another hypothesis as being thrown around, But the really 650 00:41:01,880 --> 00:41:05,160 Speaker 1: big one, the main one, the one that the FBI pushed, 651 00:41:05,680 --> 00:41:09,200 Speaker 1: was that North Korea directed a government funded hacker group 652 00:41:09,280 --> 00:41:12,480 Speaker 1: to conduct these attacks, and some of the evidence seemed 653 00:41:12,480 --> 00:41:14,480 Speaker 1: to point that way, such as the fact that, as 654 00:41:14,520 --> 00:41:18,200 Speaker 1: I said, the code was definitely compiled on machines that 655 00:41:18,280 --> 00:41:21,160 Speaker 1: were switched to the Korean language, and that some of 656 00:41:21,160 --> 00:41:24,000 Speaker 1: these IP addresses associated with the attack appeared to be 657 00:41:24,080 --> 00:41:28,040 Speaker 1: from Korea. While some security experts questioned the reliability of 658 00:41:28,080 --> 00:41:31,480 Speaker 1: the evidence cited by the FBI, the National Security Agency 659 00:41:31,600 --> 00:41:35,840 Speaker 1: or an essay, said it had more ironclad evidence that 660 00:41:35,880 --> 00:41:37,920 Speaker 1: supported the link to North Korea, but it was not 661 00:41:38,080 --> 00:41:41,719 Speaker 1: able to publicize what evidence was due to concerns about 662 00:41:41,800 --> 00:41:46,080 Speaker 1: national security, which then critics said was oh, isn't that convenient. 663 00:41:46,960 --> 00:41:49,440 Speaker 1: In two thousand eighteen, the U s Department of Justice 664 00:41:49,520 --> 00:41:52,960 Speaker 1: charged a man named Park Jin Yolk, who was believed 665 00:41:52,960 --> 00:41:55,920 Speaker 1: to be in North Korea, as being a responsible party 666 00:41:55,960 --> 00:41:59,640 Speaker 1: in several hacking attacks, among them the attack on Sony. 667 00:41:59,760 --> 00:42:02,240 Speaker 1: He was also charged with stealing more than eighty million 668 00:42:02,280 --> 00:42:05,759 Speaker 1: dollars from a bank in Bangladesh and being partly responsible 669 00:42:05,800 --> 00:42:08,759 Speaker 1: for the development and deployment of a famous piece of 670 00:42:08,840 --> 00:42:13,080 Speaker 1: ransomware called Wanna Cry. US officials said that a multi 671 00:42:13,160 --> 00:42:16,240 Speaker 1: year investigation led to the discovery that Park was one 672 00:42:16,280 --> 00:42:19,319 Speaker 1: of the hackers responsible for these attacks, and that he 673 00:42:19,400 --> 00:42:22,640 Speaker 1: belonged to a North Korean backed hacker organization called the 674 00:42:22,719 --> 00:42:26,440 Speaker 1: Lazarus Group. The officials said that Park had headed up 675 00:42:26,480 --> 00:42:30,279 Speaker 1: a company in China that posed as a legit tech company, 676 00:42:30,320 --> 00:42:33,120 Speaker 1: but it was in fact affront for this hacker group. 677 00:42:33,880 --> 00:42:36,160 Speaker 1: And from a code perspective, there seemed to be links 678 00:42:36,160 --> 00:42:39,440 Speaker 1: to the Lazarus Group, which was known to repurpose bits 679 00:42:39,440 --> 00:42:43,040 Speaker 1: of code in updated malware design, so they just would 680 00:42:43,040 --> 00:42:45,520 Speaker 1: reuse certain bits of code, and that was one way 681 00:42:45,520 --> 00:42:49,160 Speaker 1: that security researchers could say this either came from the 682 00:42:49,239 --> 00:42:51,840 Speaker 1: Lazarus Group or it came from someone who was taking 683 00:42:52,360 --> 00:42:55,480 Speaker 1: malware that was developed by the Lazarus Group and repurposing it, 684 00:42:55,880 --> 00:42:58,840 Speaker 1: and that this this code dates back to two thousand 685 00:42:58,960 --> 00:43:01,799 Speaker 1: nine in some cases, which suggests that the Lazarus Group 686 00:43:01,840 --> 00:43:04,480 Speaker 1: is kind of a long time actor in the hacking world. 687 00:43:05,160 --> 00:43:08,640 Speaker 1: North Korea, I should point out, denies that Park even exists, 688 00:43:09,120 --> 00:43:12,720 Speaker 1: But earlier this year, US federal prosecutors announced charges against 689 00:43:12,800 --> 00:43:17,160 Speaker 1: Park and two other North Korean citizens, Jong Chung Yolk 690 00:43:17,600 --> 00:43:22,040 Speaker 1: and Kim Ill with criminal conspiracy, conspiracy to commit wire fraud, 691 00:43:22,400 --> 00:43:26,279 Speaker 1: and bank fraud. And again, this is about more than 692 00:43:26,360 --> 00:43:29,799 Speaker 1: just sony pictures. These charges include claims that the three 693 00:43:29,800 --> 00:43:33,960 Speaker 1: set up fraudulent blockchain operations and defrauded targets of millions 694 00:43:34,000 --> 00:43:39,919 Speaker 1: of dollars. There is zero chance that these men will 695 00:43:39,960 --> 00:43:42,960 Speaker 1: ever have to face charges in the United States for 696 00:43:43,000 --> 00:43:45,560 Speaker 1: their crimes, because the United States and North Korea do 697 00:43:45,640 --> 00:43:51,600 Speaker 1: not have the sort of diplomatic relationship to extradite people 698 00:43:51,680 --> 00:43:54,680 Speaker 1: from one country to the other to stand trial for crimes. 699 00:43:55,120 --> 00:43:57,840 Speaker 1: That is just not where North Korea and the United 700 00:43:57,880 --> 00:44:02,879 Speaker 1: States are diplomatically, not by a long shot. So these 701 00:44:02,960 --> 00:44:06,160 Speaker 1: charges are you know, they're formal charges, but they're also 702 00:44:06,280 --> 00:44:10,640 Speaker 1: kind of paper threats because there's there's not any chance 703 00:44:11,440 --> 00:44:15,000 Speaker 1: that these three will stand trial for those crimes, and 704 00:44:15,280 --> 00:44:19,799 Speaker 1: so we're left with just the charges, and that is 705 00:44:19,920 --> 00:44:24,040 Speaker 1: very weak evidence for a lot of people, right like 706 00:44:24,400 --> 00:44:27,680 Speaker 1: it could just be they could argue it's a convenience 707 00:44:28,160 --> 00:44:31,000 Speaker 1: and that we don't really have the full or real 708 00:44:31,120 --> 00:44:34,560 Speaker 1: story about who was behind the Sony hack. So it's 709 00:44:34,560 --> 00:44:37,240 Speaker 1: one of those things that feeds into things like conspiracy theories, 710 00:44:37,239 --> 00:44:39,560 Speaker 1: because when you have a lack of information, people will 711 00:44:39,640 --> 00:44:44,400 Speaker 1: fill that gap in with speculation, and often they become 712 00:44:44,480 --> 00:44:48,640 Speaker 1: more and more certain that that speculation is fact. As 713 00:44:48,680 --> 00:44:52,799 Speaker 1: for me, I do not know who committed the Sony hack. 714 00:44:52,920 --> 00:44:57,799 Speaker 1: I honestly don't know. I'm inclined to think it was 715 00:44:57,840 --> 00:45:00,320 Speaker 1: North Korea. But at the same time, I must honest 716 00:45:00,360 --> 00:45:05,800 Speaker 1: and how clumsy the whole handling of it was it 717 00:45:05,800 --> 00:45:09,239 Speaker 1: it is also it's it's simultaneously easy and hard to 718 00:45:09,280 --> 00:45:12,560 Speaker 1: believe that it was North Korea. Um, but only because 719 00:45:12,600 --> 00:45:16,360 Speaker 1: of the lack of sophistication and how the aftermaths of 720 00:45:16,400 --> 00:45:19,439 Speaker 1: the attack was carried out. So I do not know, 721 00:45:19,800 --> 00:45:21,879 Speaker 1: and I'm not gonna put my money down on any 722 00:45:21,920 --> 00:45:24,719 Speaker 1: particular party at this point. I hope one day we 723 00:45:24,800 --> 00:45:28,040 Speaker 1: have a definitive answer and UH, and that we can 724 00:45:28,080 --> 00:45:31,239 Speaker 1: see exactly how this was carried out, why it was 725 00:45:31,320 --> 00:45:36,560 Speaker 1: carried out and UH, and more importantly, figure out how 726 00:45:36,600 --> 00:45:42,279 Speaker 1: to prevent future attacks, largely by practicing better security hygiene. 727 00:45:43,080 --> 00:45:45,880 Speaker 1: But that's it for this episode. Hope you enjoyed this. 728 00:45:46,360 --> 00:45:48,360 Speaker 1: If you have suggestions for topics I should cover in 729 00:45:48,360 --> 00:45:50,520 Speaker 1: future episodes of tech Stuff, please reach out to me. 730 00:45:51,040 --> 00:45:54,360 Speaker 1: The handle on Twitter is text stuff h s W 731 00:45:55,160 --> 00:46:03,720 Speaker 1: and I'll talk to you again release it. Text Stuff 732 00:46:03,800 --> 00:46:06,960 Speaker 1: is an I Heart Radio production. For more podcasts from 733 00:46:06,960 --> 00:46:10,759 Speaker 1: I Heart Radio, visit the i Heart Radio app, Apple Podcasts, 734 00:46:10,840 --> 00:46:12,840 Speaker 1: or wherever you listen to your favorite shows.