Sony is reportedly turning to defensive hacking to prevent its breached files from spreading after it was hit by hackers who leaked unreleased movies and employee data last month.
First, the company is flooding websites hosting stolen files with dummy content, unnamed sources told Re/code. That move makes it harder for users to know if they’re downloading real leaked Sony files. But that technique is nothing new — media companies often used it in the early days of file sharing to dissuade piracy in the dial-up era, when illegally downloading a movie was an hours-long affair.
The more interesting claim in re/code’s report is that Sony is using Distributed Denial of Service (DDoS) attacks against websites hosting stolen Sony files. Those attacks send bogus Internet traffic to a target server in hopes of slowing other users’ connections to a standstill.
DDoS attacks are easy from a technological standpoint. A hacker who wants to conduct one only needs control over a large number of computers, which they typically get from sneaking malware onto unsuspecting users’ machines. Still, that Sony could be attacking servers hosting its stolen stuff is significant in terms of understanding the company’s damage control strategy.
A recondite group of hackers that some have linked to North Korea have already published Sony Pictures Entertainment financial information, salaries, internal emails and feature films on file-sharing websites.