VR World

Sony Hack Attack Traced to Thailand Hotel

According to a new report from Bloomberg, investigators have determined the source of the crippling cyber attacks that struck Sony (TYO: 6758): it wasn’t a cyber command center in North Korea nor an intermediary in China, but rather a five-star hotel in Bangkok, Thailand.

Reports say that someone using the St. Regis’ WiFi — whether from a guest room or a public space like a lobby is yet to be determined — initiated the attack against Sony, which saw a vast volume of the company’s private data (including unreleased films) leak to the web, in addition to effectively shutting down the networks in the office.

North Korea has not taken direct responsibility for the attack, but has gone as far as to call it a “noble deed”. Earlier reports say that the attack against Sony bears some resemblance to tactics used by the North Korean hacking group “Dark Seoul” which targeted broadcasters and financial institutions in South Korea in response to “aggression” against the North.

Sony has yet to release a dollar figure of the damages it has incurred from this hack attack, but that figure is sure to be high.

 

  • John Malone

    I live in Thailand.
    100% of Thai internet is behind government proxies and DNS hijacking. How can you trace an IP address in Thailand when I for example can do a refresh on my browser and suddenly have another government proxy?

    Hotel WiFi? In Thai: We talk 16Mbit/1Mbit up that is shared by 10-20 hotel rooms. If someone for example starts to sync dropbox = nothing works since TCP/IP packets don’t have enough ACK bandwidth.

    Minimum requirement living in Thailand is a VPN. Maybe the “police” tracked the VPN server and backtracked the IP address from the logs.

    BTW. They talk about 60000gig? data is stolen? How the FCSK can you download that from a network without anyone noticing it? Even if the client has a fibre 1000Mbit connection it must take time?
    Where I work: Every alarm bell would start to ring when suddenly enormous bandwidth is used to upload stuff to the extranet! Sony IT is not competent.

    (remember the PSN hack 4 years ago? A 5 year unpatched SSH. Had they just had minimum patching rules the hack would not have happened. Something that is really easy to implement on Unix/Linux by distributed auto patching. Has existed for at least 20 years.)