Over a month ago, the “Guardians of Peace” hacking group began stealing sensitive information from Sony Pictures Entertainment, and crippling the company’s systems. Now, Sony is reportedly using Amazon Web Services, the online retailer’s cloud computing branch, to execute Denial of Service — or DoS — tactics to counterattack the hackers.
The hackers claim to have stolen nearly 100 terabytes (or 100,000 gigs) of data, and have been parceling out the files on public sharing sites like PasteBin. Consequently, Hollywood has been spun into a frenzy after the public has found out that Sony pays men more than it pays women, that it may have corrupt connections with news sources, and worse.
When individuals tried to access the fifth of the hackers’ dumps, they encountered bogus “seeds” — or computers — that sapped their software’s resources.
This DoS technique is similar to the one that was employed in the frontier days of file sharing, when the media company worked with anti-piracy firm MediaDefender, which populated file-sharing networks with decoy files labeled as movies to get users to spend hours downloading empty files. The idea was to frustrate them, and get them to turn to legitimate means of obtaining movies and music.
However, it was only a temporary fix. File-sharing sites became more sophisticated, and provided users with means to identify the decoys.
“In the early days of file sharing, Sony would contract Media Defender to populate file sharing sites with bogus data in order to dissuade and frustrate a general audience looking to illegally download movies/music,” says Jason of Sectorlink Operations. “This was semi-effective for a time, until improvements were made to the file sharing protocols, and basic social networking capabilities were introduced to file sharing index sites. In this case, Sony is trying to obfuscate a set of data from a more targeted audience. Ultimately, retaliatory-style attacks will be insufficient in order to fix the problem. It will need to be addressed by fixing the security vulnerabilities — both in the software, and in the user access control.”
Two insiders with direct knowledge on the matter came to tech news site Re/Code with the info, though Amazon have denied that such actions are being taken.
“The activity being reported is not currently happening on AWS (Amazon Web Service),” said Amazon in an emailed statement to Re/code.
However, Sony is using hundreds of computers in Asia to launch the counterattacks, and Amazon does have data centers in Tokyo and Singapore, so the counterattacks could be legitimate.