A top security researcher believes the massive Sony Pictures hack that froze the Hollywood studio's internal computer network couldn't have been avoided.
Kevin Mandia, founder of the Mandiant unit of the cybersecurity firm FireEye, told Sony CEO Michael Lynton that the attack was "unprecedented" and "unparalleled," suggesting that other companies could not have done better because the hack was executed deliberately to destroy Sony's systems.
"This attack is unprecedented in nature," says Mandia, who also heads the same team that was called in during the high-profile cyberattack on Target in 2013. "In fact, the scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public."
Mandia says that the malware used to infiltrate Sony's systems was undetectable by industry-standard antivirus programs, a fact which was confirmed by Joshua Campbell, spokesperson of the Federal Bureau of Investigation (FBI), which has joined the investigation into the hack.
"The bottom line is that this was an unparalleled and well planned crime, carried out by an organized group, for which neither SPE nor other companies could have been fully prepared," Mandia says.
The latest development into the investigation reveals probers traced the hackers to a Thailand-based five-star luxury hotel. Bloomberg cites a person familiar with the matter who says the hackers were mooching off the high-speed Internet network of the St. Regis to leak troves of internal documents containing sensitive business information and personal data about thousands of Sony employees, including email exchanges between workers about medical treatments and romantic links between boss and employee. Five Sony films, four of which are officially unreleased, were also leaked to file-sharing websites for the pirates.
It was unclear, however, if the hackers were working in the lobby or in a guest room of the Rajdamri Road hotel. Investigators are also not discounting the possibility that the hackers could have taken advantage of the hotel's open network to hide among the hundreds of network users and work from a remote location.
The source, who spoke on condition of anonymity, also says that an Internet Protocol (IP) address used by the malware was linked back to the open network of an unnamed university in Thailand.
"There are many things Sony could have done to prepare and defend against this attack," says Daniel Clemens, CEO of boutique cybersecurity firm PacketNinjas.
Clemens says while the attack was unprecedented in nature, government investigation would reveal that Sony did not have the right security systems in place to guard against hackers.
Sony has long been the subject of high-profile attacks, the most recent of which happened earlier this year, when Sony's PlayStation Network was infiltrated by hackers who made away with the credit card information of more than 24 million customers.
It is unclear who is behind the current cyberattack, but sources say internal investigators are looking to North Korea for answers. The Pyongyang government has denied connections to the attack, although it says it is happy with the way things are going for Sony and believes the attack was launched by its "supporters and sympathizers."
North Korea was not pleased when Sony unveiled the trailer for a new Dec. 25 movie about the fictional assassination of its supreme leader Kim Jong-Un. In a letter addressed to the United Nations, North Korean representatives called the comedy, starring actors Seth Rogen and James Franco, an "act of war" and promised retaliation against anyone associated with the film.