The Interview Film Led to North Korea Hacking Sony Pictures
The North Korea-focused film The Interview, which is due to be launched later this month, is thought to be the reason for Sony Pictures being hacked.Sony Pictures

It sounds like the plot from a spoof film.

North Korea hacks Hollywood studio because it was unhappy about the portrayal of the country in a new film.

But, that is exactly the theory being espoused by many following a sophisticated attack on Sony Pictures last week by a group of mysterious hackers who claim to have stolen huge amounts of sensitive data and "paralysed" the studio's internal systems.

But could this really be the reason for such a huge attack? Here's what we know so far:


Sony Pictures paralysed by hackers


Last week a printed notice was posted on the lifts at Sony Pictures headquarters in Golden Square, just off Regent's Street in central London.

It read:

Please do not log onto your PC equipment or company Wi-Fi until further notice

Sony Pictures Hacked by North Korea
Twitter/@JamesDeanTimes

The company initially told employees that it was having IT problems which would be sorted out soon, playing down the issue as nothing to worry about.

What quickly became clear was that there was a big problem and that the company's systems had been hacked by a mysterious group of hackers called themselves Guardians of Peace, or GOP.

The scale of the attack would only become clear over the weekend and into this week, as more information leaked out about the damage caused by the group of hackers.

Internal systems were "paralysed"; social media accounts were taken over; email and VPN services were switched off; and over the weekend the group published vast troves of sales and contract data spanning from 2008 to 2012.

But what could be most worrying for Sony Pictures is that GOP released preview copies of its films, showing the extent of the data it has stolen from the studio.

Sony Pictures GOP hack
The above image was shown on all Sony Pictures' computers.Business2Community

The hackers released preview copies of five films, including the up-coming remake of Annie; the unreleased Still Alive starring Julianne Moore; the recently-released World War 2 drama Fury starring Brad Pitt; and the highly-acclaimed Mr Turner starring Timothy Spall.

GOP says it has "tens of terabytes" of data taken from Sony Pictures' system, meaning there is likely to be a lot more to come.

Sony Pictures has called in the FBI and security experts Mandiant to help identify who is responsible and get its systems back up and running.


Why would North Korea want to hack Sony Pictures?


The answer is The Interview. A film which depicts a CIA plot to assassinate North Korean leader Kim Jong-Un and stars James Franco and Seth Rogen.

I've had pretty negative reactions to Seth Rogen films in the past, but taking down an entire Hollywood studio surely seems like an over-reaction?

Well, when you consider that the North Korean state media has already called the film "the most undisguised terrorism and a war action" and threatened "strong and merciless countermeasures" against the US and other nations if the film is released, then it no longer seems so far fetched.

The regime isn't really helping to pour cold water on the rumours, with a spokesperson refusing to deny involvement in the attack, simply saying: "The hostile forces are relating everything to the DPRK (North Korea). I kindly advise you to just wait and see."

Another reason North Korea is being blamed is the GOP hackers used "tools very similar to those used last year to attack South Korean television stations and ATMs," people briefed on the investigation told the Wall Street Journal.

South Korea blamed the 2013 attack on North Korea, which saw the systems of three TV stations and three banks all grind to a halt at exactly 2pm local time on 20 March.


Does North Korea have the skills to hack Sony Pictures?


As usual with all things North Korean, it is hard to say.

North Korea is widely thought to have developed a sophisticated, offensive cyber-army in recent times, with one report in July 2014 suggesting it had recently nearly doubled its cyber-warfare unit to 5,900 personnel.

Unit 121 is the special forces division of this cyber-army, and is reported to operate from a luxury hotel in Shenyang, China, which is owned by North Korea and located just three hours from the border.

North Korea is well known for not being connected to the internet, operating its own in-country intranet which gives citizens access to a very limited number of websites.

However, as HP points out in its 75-page report into North Korea's cyber-capabilities, this is an advantage as it allows Unit 121 to carry out offensive attacks against foreign networks, but limits the impact of attacks against them.

The FBI issued a "flash warning" to US businesses on Monday saying that "hackers have used malicious software to launch a destructive cyber-attack in the United States", marking the first major destructive cyber-attack waged against a company on US soil.

The memo didn't specifically mention Sony Pictures, but it is clear that this is the case being referred to.

The attack is clearly sophisticated and would need hackers of considerable skill to execute. North Korea has been shown to be pro-active when it comes to building up their cyber-capabilities and has even in the past been known to hire mercenary hackers to carry out attacks on their behalf.

Re/code is reporting that hackers based in China were responsible for carrying out the attack on North Korea's behalf, and as we have said, the ultra-secretive country is already thought to have a unit operating in that country.