St. Regis Bangkok traced to be source of Sony Pictures leak
Dec 7, 2014, 12:38 pm
#1
Original Poster
Join Date: Oct 2014
Programs: IHG Spire, Marriott
Posts: 574
St. Regis Bangkok traced to be source of Sony Pictures leak
According to Bloomberg, the source of the huge Sony Pictures leak has been traced to a five-star hotel in Thailand's capital. Leaching off of the St. Regis hotel's high-speed wi-fi, the hackers, currently believed the work of the North Korea-linked group DarkSeoul, carried out their devastating and embarrassing attack, leaking 47,000 SSNs and other sensitive information.
The source, who remains unnamed in Bloomberg's report, says it's currently unknown if the hack was carried in a guest room or in a public area. Cybersecurity experts traced the "digital footprints" of the hackers to this location though these same experts are not ruling out the possibility that the leak was carried out remotely and only taking advantage of the hotel's open network. Starwood Hotels & Resorts owns and operates the specific hotel that was used in the attack but has yet to issue any official statement regarding these claims.
Of course, the exact reasons why the attack occurred remains unclear, but it seems to be more a personal grudge than an attempt to make money, according to Bloomberg. Earlier today, North Korea denied allegations that they were involved but called the cyberattack a "righteous deed." If the these attacks are deemed state-sponsored, it would definitely be a page turner in the big book of cyber warfare.
Original Article: http://gizmodo.com/report-sony-leak-...tel-1667962977
Source: http://www.bloomberg.com/news/2014-1...hollywood.html
I can't believe the hack could originate from a hotel wifi, I always hated hotel internet speed, it's like trip to the stoneage
The source, who remains unnamed in Bloomberg's report, says it's currently unknown if the hack was carried in a guest room or in a public area. Cybersecurity experts traced the "digital footprints" of the hackers to this location though these same experts are not ruling out the possibility that the leak was carried out remotely and only taking advantage of the hotel's open network. Starwood Hotels & Resorts owns and operates the specific hotel that was used in the attack but has yet to issue any official statement regarding these claims.
Of course, the exact reasons why the attack occurred remains unclear, but it seems to be more a personal grudge than an attempt to make money, according to Bloomberg. Earlier today, North Korea denied allegations that they were involved but called the cyberattack a "righteous deed." If the these attacks are deemed state-sponsored, it would definitely be a page turner in the big book of cyber warfare.
Original Article: http://gizmodo.com/report-sony-leak-...tel-1667962977
Source: http://www.bloomberg.com/news/2014-1...hollywood.html
I can't believe the hack could originate from a hotel wifi, I always hated hotel internet speed, it's like trip to the stoneage
Last edited by miloworld; Dec 7, 2014 at 1:25 pm
Dec 7, 2014, 3:35 pm
#2
Join Date: Jan 2009
Location: BKK
Posts: 6,741
Starwood does not own the St. Regis Bangkok, or at least not entirely. It is a Minor property.
Last edited by MikeFromTokyo; Dec 8, 2014 at 6:46 am
Dec 7, 2014, 6:53 pm
#3
A FlyerTalk Posting Legend
Join Date: Apr 2004
Location: GVA (Greater Vancouver Area)
Programs: DREAD Gold; UA 1.035MM; Bonvoy Au-197; PCC Elite+; CCC Elite+; MSC C-12; CWC Au-197; WoH Dis
Posts: 52,139
Just think of the ads:
The Internet service favoured by professionals!
The Internet service favoured by professionals!
Dec 7, 2014, 7:34 pm
#4
Join Date: Feb 2003
Location: San Rafael, CA
Programs: Life SPG Plat, 7X NH DIA
Posts: 2,840
Wonder if they we Plats with complimentary access?
Dec 9, 2014, 5:45 pm
#5
Join Date: Apr 2009
Location: Naples Florida and San Diego, California
Programs: Delta Diamond, Starwood Platinum
Posts: 73
This story is a little personal for me as I checked into the St Regis about 20 minutes before the Sony download. I was probably online close to the time it happened.
Tho odd thing was during my time at the St Regis the performance of my Macbook Air began to degrade and finally completely stopped working five days later.
I am in Bali now and the best technician I can find says it is a hardware issue which would make it totally unrelated to the St Regis hack/download which I would like to think is true. I have been busy changing passwords just in case.
I don't know how these things work from a hackers standpoint. It could have been a guest but why check in with a passport unless you are really confident you won't be caught. The St Regis itself does not have a traditional lobby...more like lounges on the first floor. I suspect someone would be noticed sitting there at that time of night.
What I did notice is that my phone was still showing connected to the St Regis as far away at the BTS station [elevated transit system] which has to be a 200 feet from the hotel. Perhaps they sat outside the hotel and used the system.
Whatever happened I find myself newly concerned about internet security on hotel systems. Perhaps it is a good wakeup call for us as guests and Starwood itself.
Tho odd thing was during my time at the St Regis the performance of my Macbook Air began to degrade and finally completely stopped working five days later.
I am in Bali now and the best technician I can find says it is a hardware issue which would make it totally unrelated to the St Regis hack/download which I would like to think is true. I have been busy changing passwords just in case.
I don't know how these things work from a hackers standpoint. It could have been a guest but why check in with a passport unless you are really confident you won't be caught. The St Regis itself does not have a traditional lobby...more like lounges on the first floor. I suspect someone would be noticed sitting there at that time of night.
What I did notice is that my phone was still showing connected to the St Regis as far away at the BTS station [elevated transit system] which has to be a 200 feet from the hotel. Perhaps they sat outside the hotel and used the system.
Whatever happened I find myself newly concerned about internet security on hotel systems. Perhaps it is a good wakeup call for us as guests and Starwood itself.
Dec 9, 2014, 6:26 pm
#6
Join Date: Feb 2008
Location: In the air
Programs: Hyatt Globalist, Bonvoy LT Plat, Hilton Gold, GHA Tit, BA Gold, Turkish Elite
Posts: 8,717
It's good to know they have excellent wifi.
Dec 9, 2014, 6:35 pm
#7
FlyerTalk Evangelist
Join Date: May 2002
Location: Pittsburgh
Programs: MR/SPG LT Titanium, AA LT PLT, UA SLV, Avis PreferredPlus
Posts: 31,007
They must have awesome wifi, if CNN is correct in stating that over 100TB of data was stolen. Isn't that about a full week straight of 20Mbps download?
Dec 10, 2014, 12:47 am
#8
Original Poster
Join Date: Oct 2014
Programs: IHG Spire, Marriott
Posts: 574
My guess would be hacker group wasn't staying there and remotely accessed the network from outside, not sure how accurate when they mention Wifi though. Most tech savvy people won't be able to stand the slow guest internet, let alone seed 35gb of data.
Which made me think they did it from the back-end internet, which is unthrottled and could be a 1Gbps fiber connection. They could have tapped in easily if the hotel utilizes IPTV, IP Phone and sometimes business center computers.
Does this SR have the remote control tablet thing, it might be possible they're broadcasting a high speed in-house network and that's why the hackers chose this SR as their origin.
Which made me think they did it from the back-end internet, which is unthrottled and could be a 1Gbps fiber connection. They could have tapped in easily if the hotel utilizes IPTV, IP Phone and sometimes business center computers.
Does this SR have the remote control tablet thing, it might be possible they're broadcasting a high speed in-house network and that's why the hackers chose this SR as their origin.
Last edited by miloworld; Dec 10, 2014 at 12:54 am
Dec 10, 2014, 1:38 am
#9
Join Date: Feb 2008
Location: In the air
Programs: Hyatt Globalist, Bonvoy LT Plat, Hilton Gold, GHA Tit, BA Gold, Turkish Elite
Posts: 8,717
This sounds like a reasonably sophisticated hack and so it seems unlikely to me that they carried a 100TB capacity hard drive up to the wifi network and just downloaded. You'd instead normally use the St Regis wifi just to access the Internet from where you'd execute commands remotely for data from Sony Pictures to go to a server setup somewhere on a high bandwidth line.
Dec 10, 2014, 2:10 am
#10
Join Date: Oct 2000
Programs: UA Gold 1MM, Marriott Ambassador/Lifetime Titanium, Accor Silver, Club Carlson Gold, BW Diamond
Posts: 2,432