Click to Skip Ad
Closing in...

How hackers hacked Sony

Published Dec 19th, 2014 9:45AM EST
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

As data continues to pour out from the massive data heist suffered by Sony recently, much of the recent media coverage has included speculation regarding how the attackers might have gained access to Sony’s internal network and stolen all of that data. Confidential documents, emails and internal memos were all taken in the attack, and even studio materials like unreleased scripts and full-length movies were stolen.

It’s easy to imagine a room full of shady hackers surrounded by high-tech gear working tirelessly to penetrate Sony’s cyber defenses, having used a wide range of complex digital tools that are practically unrecognizable to most of us. But an investigation has revealed that the reality is far less dramatic.

In fact, it turns out the hackers used a shockingly simple method to gain access to Sony’s private network.

FROM EARLIER: Obama, Hollywood stars and more react to the cancellation of The Interview

It was recently revealed that the United States is in possession of compelling evidence that suggests hackers with ties to North Korea were indeed responsible for the massive breach suffered by Sony. The attackers’ demand that Sony not release its new movie “The Interview” certainly indicated as much, but the U.S. now has evidence that confirms it.

“The Interview,” the theatrical release of which was ultimately cancelled by Sony earlier this week, is a movie in which James Franco and Seth Rogen conspire to kill North Korean leader Kim Jong-Un.

Of course, the Kim Jong-Un death scene that hackers didn’t want you to see has already “leaked,” and you can watch it right here.

The North Korean hackers stole gigabytes and gigabytes of data using sophisticated malware that was inserted deep inside Sony’s private network. But what complex digital attack did the hackers use to access the network in the first place?

As CNN noted in a new report, the answer to that question is painfully simple: They stole a single password that belonged to a high-level IT worker at Sony.

CNN spoke to unnamed government investigators on Thursday, and they discovered that a stolen password belonging to one of Sony’s system administrators gave hackers the “keys to the entire building,” granting them access and allowing them to plant malware that helped them steal additional data.

The full report is linked down in our source section, and a video report from CNN is embedded below.

Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 15 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.