(Bloomberg) -- Sony Pictures Entertainment security advisers believe the cyberattack on the company’s computer systems was the work of an organized group, Chief Executive Officer Michael Lynton said in an e-mail to his staff.
Lynton said the investigation into the attack, which has paralyzed the company’s computers for almost two weeks, is continuing. Responding to staff concerns about security, he passed on a message he received from Kevin Mandia, chief operating officer of FireEye Inc., the cybersecurity firm assisting Culver City, California-based Sony Pictures in its investigation.
Mandia described the attack on Sony Corp.’s film and television studio as unprecedented and said the malware used was undetectable by industry-standard antivirus software.
“This was an unparalleled and well planned crime, carried out by an organized group,” Mandia said in the e-mail, adding that neither Sony nor other companies “could have been fully prepared.”
Over the past week, a group calling itself “Guardians of Peace” paralyzed the U.S. unit’s computers and disseminated thousands of confidential documents. Some contained thousands of Social Security numbers of employees and celebrities and sucked in other firms such as the accounting firm Deloitte & Touche, which also as a result had pay information leaked.
Studio employees recently received an e-mail from the purported hackers, threatening their families and the studio. The e-mail, saying it’s from the head of the Guardians of Peace, calls on Sony employees to sign their names at an e-mail address. It says their families will be in danger if they don’t comply.
The studio said it’s aware of the threatening e-mail and is working with law enforcement. The Federal Bureau of Investigation said it’s aware of the situation.
A Sony internal investigation has linked the hacking to a group associated with North Korea known as DarkSeoul, according to a person familiar with the matter. DarkSeoul wiped out computers of South Korean banks and broadcasters in March 2013.
North Korean supporters may have carried out the attack, that country’s news agency said today, citing an unidentified spokesman at the National Defense Commission. While North Korea doesn’t know why Sony Pictures was targeted, it does know the company is producing a film that defames its leadership, state- run Korea Central News Agency cited the spokesman as saying.
Sony Pictures is due to release “The Interview” on Dec. 25, an R-rated Seth Rogen comedy about a plot to kill North Korean leader Kim Jong Un.
In June, North Korea promised to “mercilessly destroy” anyone associated with the film. The country’s government described the project as an “act of a war,” according to the BBC. An unnamed North Korean diplomat this week denied the government had any role in the hacking, Voice of America reported.
The e-mail to employees written in broken English made the hackers’ objective clear.
“Removing Sony Pictures on earth is a very tiny work for our group which is a worldwide organization,” according to the e-mail, reported yesterday by industry magazine Variety.
In 2011, Tokyo-based Sony experienced a cyberattack that took down its PlayStation Network. In the breach, criminals stole personal information for 77 million customers and cost the company $171 million.
Copyright 2017 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.