As data continues to pour out from the massive data heist suffered by Sony recently, much of the recent media coverage has included speculation regarding how the attackers might have gained access to Sony’s internal network and stolen all of that data. Confidential documents, emails and internal memos were all taken in the attack, and even studio materials like unreleased scripts and full-length movies were stolen.
It’s easy to imagine a room full of shady hackers surrounded by high-tech gear working tirelessly to penetrate Sony’s cyber defenses, having used a wide range of complex digital tools that are practically unrecognizable to most of us. But an investigation has revealed that the reality is far less dramatic.
In fact, it turns out the hackers used a shockingly simple method to gain access to Sony’s private network.
It was recently revealed that the United States is in possession of compelling evidence that suggests hackers with ties to North Korea were indeed responsible for the massive breach suffered by Sony. The attackers’ demand that Sony not release its new movie “The Interview” certainly indicated as much, but the U.S. now has evidence that confirms it.
“The Interview,” the theatrical release of which was ultimately cancelled by Sony earlier this week, is a movie in which James Franco and Seth Rogen conspire to kill North Korean leader Kim Jong-Un.
Of course, the Kim Jong-Un death scene that hackers didn’t want you to see has already “leaked,” and you can watch it right here.
The North Korean hackers stole gigabytes and gigabytes of data using sophisticated malware that was inserted deep inside Sony’s private network. But what complex digital attack did the hackers use to access the network in the first place?
As CNN noted in a new report, the answer to that question is painfully simple: They stole a single password that belonged to a high-level IT worker at Sony.
CNN spoke to unnamed government investigators on Thursday, and they discovered that a stolen password belonging to one of Sony’s system administrators gave hackers the “keys to the entire building,” granting them access and allowing them to plant malware that helped them steal additional data.
The full report is linked down in our source section, and a video report from CNN is embedded below.