Sony Hackers Threaten A Media Organization And Others

The hackers who compromised Sony Pictures Entertainment’s servers, releasing private files and emails to the public which detailed everything from the personal, financial and medical data of present and past employees and much more, are now threatening a “news media organization,” according to a new report. That organization may be CNN, based on information posted on anonymous sharing site Pastebin.* (Or not: See update, below).

The Intercept today published a join memo from the FBI and the Department of Homeland Security it obtained which says the hacking group, known as the “Guardians of Peace,” have threatened to attack a U.S. new media organization, and the threat “may extend to other such organizations in the near future.”

The memo doesn’t state the news media organization by name, but instead references Pastebin messages that taunt both the FBI and “USPER2,” which is how the FBI’s memo referenced the news media organization. The memo only mentioned the news organization was mocked for the “‘quality’ of  their investigations,” and an additional threat was implied.

Further investigation by Matthew Keys at The Desk uncovered copies of messages posted to Pastebin on December 20th, which have since been removed. One message mocked CNN for its “investigation” into the Sony hack, and offered a gift in the form of a YouTube video entitled “you are an idiot!”

Google’s cache still hosts the Pastebin message in question, which reads in part:

The result of investigation by CNN is so excellent that you might have seen what we were doing with your own eyes.
We congratulate you success.
CNN is the BEST in the world.

The message ended with a demand that CNN “give us the Wolf,” which probably refers to CNN news anchor Wolf Blitzer, notes The Desk.

It’s unclear at this point how legitimate a threat this was (beyond being a “news organization” mentioned in the FBI memo, of course). And it’s also unclear if or how the FBI may have authenticated the above Pastebin message, or whether it’s attributed to the same group behind the Sony hack.*

The DHS and FBI memo concludes that “hacking groups have historically made exaggerated threat statements,” but still warns that federal, state and local governments’ cyber, counterterrorism and law enforcements, first responders, and private sector security partners “remain vigilant to threats of physical violence or cyber attacks.”

The FBI stated it believed North Korea was behind the attack on Sony Pictures, though some claim their evidence is flimsy. North Korea also denied it was involved. More recently, a report from a cybersecurity firm Norse Group states the hack appears to be an “inside job” involving disgruntled ex-employees.

The Guardians of Peace stole an estimated 100 terabytes of data from Sony’s servers, but the hack itself wasn’t very sophisticated. Sony’s technology infrastructure was poorly protected, and the company didn’t have sufficient password standards. Documents weren’t encrypted and top execs, including CEO Michael Lynton, were using very simple passwords – all things that were well outside industry best practices, it’s been said. Meanwhile, news organizations like CNN tend to be better protected, given they’re often the target of hacks, state-sponsored and otherwise.

Update: While the FBI memo does mention threats against a media organization, the Pastebin referencing CNN as a target could be a hoax.