Skip to main content

Sony attacks torrents to prevent spread of stolen data

Sony attacks torrents to prevent spread of stolen data


FBI says November's hack was advanced enough to breach 90 percent of companies' defenses

Share this story

Sony Pictures, hit by a cyberattack that allowed hackers to steal sensitive data that includes financial documents, email transcripts, unreleased movies, and celebrity social security numbers, has reportedly borrowed a leaf from the hackers' books as it has begun to try to control the spread of its stolen documents.

Recode reports that locations sharing the data have become the target of attacks set in motion by Sony itself. According to two sources familiar with the matter, the company is using Amazon Web Services' data centers to flood the torrent files that contain the company's stolen information with bad seeders, in an attempt to slow download speeds and limit access to the sensitive files. Despite these efforts, the leakers have already adapted. This week, a number of torrents with Amazon Web Services trackers had comments indicating that the files were traps laid by Sony, and the latest information dump, released on Wednesday, was able to dodge the targeted attacks by using a different filename. "AWS employs a number of automated detection and mitigation techniques to prevent the misuse of our services," an Amazon representative said in a statement. "The activity being reported is not currently happening on AWS."

The attack was so sophisticated it would "challenge even state government" security

Earlier this week, the assistant director of the FBI's cyberdivision said that the attack, which took place on November 24th, was sophisticated enough to breach 90 percent of internet defenses, Joe Demarest, speaking at a cybersecurity conference, said that the attack was so advanced that it would have been "likely to challenge even state government" network security.

The FBI briefed Sony employees this week

Despite strong links suggesting that North Korean hackers were behind the attack, Demarest said that the FBI was still unable to determine who was responsible for breaking into Sony Pictures' network. The malware used by the group behind the hack, which calls itself the "Guardians of Peace," was written in Korean, and the method of attack bears resemblances to earlier attacks orchestrated by the totalitarian state.The country's government has denied involvement, but has shown approval for the strike, calling it "a righteous deed."

Sony Pictures has called in outside help to combat the effects of the attack, scheduling a briefing between Sony employees and the FBI to take place this week, and hiring security forensics company Mandiant to investigate the breach. Kevin Mandia, Mandiant's CEO, said last weekend that the attack was an "unprecedented" strike for which Sony Pictures nor other companies "could have been fully prepared."

12/11 5:01pm: Updated to include comment from Amazon Web Services