clock menu more-arrow no yes mobile

Filed under:

Sony Hackers Leaked Movies to File-Sharing Sites

A North Korean connection is still being investigated, sources said.

Columbia TriStar

The devastating hacking attack against Sony Pictures Entertainment entered a new phase this weekend, after it was revealed that five unreleased Sony-made films have leaked onto file-sharing Internet sites; the studio confirmed that it is working with law enforcement to catch those responsible.

Variety reported Saturday that the videos were taken from so-called “screener” DVDs of five films, including at least four that haven’t yet been released. Among those leaked was “Fury,” a film focusing on a tank crew during World War II starring Brad Pitt released earlier this month. Another was “Annie,” a remake of the musical play starring Jamie Foxx, which is set to be released on December 19.

“The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it,” read a terse statement issued by a Sony spokeswoman. The company did not disclose which law enforcement agency it is working with, although the list of candidates includes the FBI and the U.S. Secret Service.

Other films leaked in the incident include: “Mr. Turner,” a biopic on the artist J.M.W. Turner, starring Timothy Spall, and set for release in the U.S. on December 19; “Still Alice,” a drama about Alzheimer’s disease starring Julianne Moore, based on a novel of the same name and set for release on January 15; and “To Write Love on Her Arms,” a film about the anti-suicide organization of the same name, starring Kat Dennings and set for release on March 15.

The studio and outside security consultants are still investigating the circumstances of the attack, as well as the tricky problem of figuring out who did it. As Re/code reported on Friday, Sony and outside security firms are also investigating the possibility that hackers working on behalf of the North Korean government, perhaps operating in China, may have carried out the attack.

North Korea has been critical of Sony’s forthcoming comedy film “The Interview” set to release next month. The film stars Seth Rogen and James Franco as two TV journalists who secure an interview with North Korea’s leader Kim Jong-Un and are later tapped by the CIA to assassinate him.

No firm evidence has yet emerged to tie North Korea to the breach, yet the timing suggests what one person familiar with Sony’s internal deliberations called “a high probability” of a connection to the country, but one that may ultimately prove impossible to definitively prove.

One common thread seen in previous attacks blamed on North Korea is the use of so-called wiping malware, which destroys the data stored on the hard drive of a targeted system. Wipers have been seen in attacks in South Korea attributed to North Korea dating back to 2009.

North Korea’s capabilities and intentions in the cyber-warfare arena are said to have grown in recent years, and it has been blamed in at least one high-visibility attack against its perennial enemy South Korea last year which idled the computer networks of two broadcast television networks and much of that country’s banking system.

A detailed report by the security research unit of computing giant Hewlett-Packard done earlier this year paints a picture of a nation determined to up its game on the cyber-warfare front. The HP report said the unit operates both in the North Korean capital city of Pyongyang, but another key command post is a hotel in Shenyang, the capital of China’s Liaoning Province, which borders North Korea.

Estimates vary as to the size and skill of North Korea’s cyber warfare capabilities, but its army is said to have a group known as Unit 121 that is dedicated to attacking the computer networks of its enemies. South Korea is said to have taken the potential of more attacks against its digital infrastructure from North Korea seriously, and has trained as many as 5,000 people to defend against it.

Specific details of the Sony attack and its effects have remained sketchy and anecdotal. Employees arriving for work Monday saw on their displays an ominous image bearing a skeleton and some text from a group calling itself the Guardians of Peace, or #GOP. On Friday, several sensitive corporate files began to leak to torrent sites. Lacking the computing infrastructure to carry out their day-to-day jobs, Sony Pictures employees were said to have resorted to using pens, paper, landline telephones and fax machines to get things done.

This article originally appeared on

Sign up for the newsletter Sign up for Vox Recommends

Get curated picks of the best Vox journalism to read, watch, and listen to every week, from our editors.