Whistleblower site WikiLeaks has published all of the content hackers stole from Sony Pictures Entertainment (SPE) in 2014. The site even set up a search feature so interested parties can wade through the 30,000 documents and 170,000 e-mails between actors and company executives.
In November, the White House alleged that North Korea's intelligence services had obtained and distributed a version of the archive in revenge for Sony’s pending release of "The Interview," a film depicting a future overthrow of the North Korean government and the assassination of its leader, Kim Jong-un. While some data was released at the time, the original archives, which were not searchable, were removed before the public and journalists were able to do more than scratch the surface.
"This archive shows the inner workings of an influential multinational corporation. It is newsworthy and at the center of a geo-political conflict,” said WikiLeaks editor-in-chief Julian Assange. “It belongs in the public domain. WikiLeaks will ensure it stays there." Sony could not immediately be reached for comment.
Sony Pictures has denounced the move by WikiLeaks, according to a report by Deadline.com. “The cyberattack on Sony Pictures was a malicious criminal act, and we strongly condemn the indexing of stolen employee and other private and privileged information on WikiLeaks,” a Sony spokesperson told Deadline.
"The attackers used the dissemination of stolen information to try to harm SPE and its employees, and now WikiLeaks regrettably is assisting them in that effort. We vehemently disagree with WikiLeaks’ assertion that this material belongs in the public domain and will continue to fight for the safety, security, and privacy of our company and its more than 6,000 employees,” the spokesperson added.
An Empty Envelope
We caught up with Mayer Mizrachi, CEO of e-mail security firm Criptext, to get his thoughts on the latest turn of events. He told us the story goes back to “poor Sony.” But this time, it’s also putting every lawyer, investor, producer, actor, client, vendor -- and anyone else who e-mailed Sony -- in the hot seat.
“This is why e-mail technology that allows e-mails to be recalled, without a trace, is imperative for all enterprises, but especially for companies like Sony, whose brand must be trusted to remain strong in the marketplace,” Mizrachi said.
Mizrachi explained that texts and attachments are stored security in the cloud -- not in the actual e-mail -- with the use of streaming e-mail technology. Essentially, that means the actual e-mail is just an empty envelope without the letter. The contents are streamed via a secure channel once the e-mail is opened.
A Game-Changer for Sony
“If Sony and its clients had this in place, the e-mail itself would only exist as a timestamped shell of a communication,” Mizrachi said. “All information within or attached could be recalled with the click of a button.”
Simply stated, streaming e-mail functions in the same way that streaming video does, like YouTube. When you watch a video on YouTube, or Hulu, or HBO GO, you are streaming it. It doesn't actually exist on your computer.
“Streaming encrypted data doesn't only make communications safer, but it also gives people unprecedented control over their information after it's been sent. This would've been a game-changer for Sony in terms of impact and costs incurred,” Mizrachi said. “Instead of an ongoing disaster, a quick recall of e-mails would've meant business as usual for Sony within a matter of days.”