HOME

TheInfoList



OR:

On November 24, 2014, a hacker group identifying itself as " Guardians of Peace" leaked a release of confidential data from the film studio
Sony Pictures Sony Pictures Entertainment Inc. (commonly known as Sony Pictures or SPE, and formerly known as Columbia Pictures Entertainment, Inc.) is an American diversified multinational mass media and entertainment studio Conglomerate (company), conglom ...
Entertainment (SPE). The data included personal information about Sony Pictures employees and their families, emails between employees, information about executive salaries at the company, copies of then-unreleased Sony films, plans for future Sony films, scripts for certain films, and other information. The perpetrators then employed a variant of the
Shamoon Shamoon ( fa, شمعون), also known as W32.DistTrack, is a modular computer virus that was discovered in 2012, targeting then-recent 32-bit NT kernel versions of Microsoft Windows. The virus was notable due to the destructive nature of the atta ...
wiper malware to erase Sony's computer infrastructure. During the hack, the group demanded that Sony withdraw its then-upcoming film '' The Interview'', a comedy about a plot to assassinate North Korean leader Kim Jong-un, and threatened terrorist attacks at cinemas screening the film. After many major U.S. theater chains opted not to screen ''The Interview'' in response to these threats, Sony chose to cancel the film's formal premiere and mainstream release, opting to skip directly to a downloadable digital release followed by a limited theatrical release the next day. United States intelligence officials, after evaluating the software, techniques, and network sources used in the hack, concluded that the attack was sponsored by the government of North Korea, which has since denied all responsibility.


Hack and perpetrators

The exact duration of the hack is yet unknown. U.S. investigators say the culprits spent at least two months copying critical files. A purported member of the Guardians of Peace (GOP) who has claimed to have performed the hack stated that they had access for at least a year prior to its discovery in November 2014, according to ''
Wired ''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San Fran ...
''. The hackers involved claim to have taken more than 100 terabytes of data from Sony, but that claim has never been confirmed. The attack was conducted using malware. Although Sony was not specifically mentioned in its advisory, US-CERT said that attackers used a Server Message Block (SMB) Worm Tool to conduct attacks against a major entertainment company. Components of the attack included a listening implant, backdoor, proxy tool, destructive hard drive tool, and destructive target cleaning tool. The components clearly suggest an intent to gain repeated entry, extract information, and be destructive, as well as remove evidence of the attack. Sony was made aware of the hack on Monday, November 24, 2014, as the malware previously installed rendered many Sony employees' computers inoperable by the software, with the warning by a group calling themselves the Guardians of Peace, along with a portion of the confidential data taken during the hack. Several Sony-related Twitter accounts were also taken over. This followed a message that several Sony Pictures executives had received via email on the previous Friday, November 21; the message, coming from a group called "God'sApstls" , demanded "monetary compensation" or otherwise, "Sony Pictures will be bombarded as a whole". This email message had been mostly ignored by executives, lost in the volume they had received or treated as spam email. In addition to the activation of the malware on November 24, the message included a warning for Sony to decide on their course of action by 11:00p.m. that evening, although no apparent threat was made when that deadline passed. In the days following this hack, the Guardians of Peace began leaking yet-unreleased films and started to release portions of the confidential data to attract the attention of social media sites, although they did not specify what they wanted in return. Sony quickly organized internal teams to try to manage the loss of data to the Internet, and contacted the FBI and the private security firm FireEye to help protect Sony employees whose personal data was exposed by the hack, repair the damaged computer infrastructure and trace the source of the leak. The first public report concerning a North Korean link to the attack was published by ''
Re/code ''Recode'' (formerly ''Re/code'') is a technology news website that focused on the business of Silicon Valley. Walt Mossberg and Kara Swisher founded it in January 2014, after they left Dow Jones and the similar website they had previously ...
'' on November 28 and later confirmed by NBC News. On December 8, 2014, alongside the eighth large data dump of confidential information, the Guardians of Peace threatened Sony with language relating to the September 11 attacks that drew the attention of U.S. security agencies. North Korean state-sponsored hackers are suspected by the United States of being involved in part due to specific threats made toward Sony and movie theaters showing '' The Interview'', a comedy film about an assassination attempt against Kim Jong-un. North Korean officials had previously expressed concerns about the film to the
United Nations The United Nations (UN) is an intergovernmental organization whose stated purposes are to maintain international peace and security, develop friendly relations among nations, achieve international cooperation, and be a centre for harmonizi ...
, stating that "to allow the production and distribution of such a film on the assassination of an incumbent head of a sovereign state should be regarded as the most undisguised sponsoring of terrorism as well as an act of war." In its first quarter financials for 2015, Sony Pictures set aside $15 million to deal with ongoing damages from the hack. Sony has bolstered its cyber-security infrastructure as a result, using solutions to prevent similar hacks or data loss in the future. Sony co-chairperson
Amy Pascal Amy Beth Pascal (born March 25, 1958) is an American film producer and business executive. She served as the Chairperson of the Motion Pictures Group of Sony Pictures Entertainment (SPE) and Co-Chairperson of SPE, including Sony Pictures Televis ...
announced in the wake of the hack that she would step down as of May 2015, and instead will become more involved with film production under Sony.


Information obtained

According to a notice letter dated December 8, 2014, from SPE to its employees, SPE learned on December 1, 2014, that personally identifiable information about employees and their dependents may have been obtained by unauthorized individuals as a result of a "brazen cyber-attack", including names, addresses,
Social Security number In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary (working) residents under section 205(c)(2) of the Social Security Act, codified as . The number is issued t ...
s and financial information. On December 7, 2014, C-SPAN reported that the hackers stole 47,000 unique Social Security numbers from the SPE computer network. Although personal data may have been stolen, early news reports focused mainly on celebrity gossip and embarrassing details about Hollywood and film industry business affairs gleaned by the media from electronic files, including private email messages. Among the information revealed in the emails was that Sony CEO Kazuo Hirai pressured Sony Pictures co-chairwoman Amy Pascal to "soften" the assassination scene in ''The Interview''. Many details relating to the actions of the Sony Pictures executives, including Pascal and Michael Lynton, were also released, in a manner that appeared to be intended to spur distrust between these executives and other employees of Sony. Other emails released in the hack showed Pascal and Scott Rudin, a film and theatrical producer, discussing
Angelina Jolie Angelina Jolie (; born Angelina Jolie Voight; June 4, 1975) is an American actress, filmmaker, humanitarian and former Special Envoy to the UN High Commissioner for Refugees. The recipient of numerous accolades, including an Academy Award ...
. In the emails, Rudin referred to Jolie as "a minimally talented spoiled brat" because Jolie wanted David Fincher to direct her film ''Cleopatra'', which Rudin felt would interfere with Fincher directing a planned film about Steve Jobs. Pascal and Rudin were also noted to have had an email exchange about Pascal's upcoming encounter with
Barack Obama Barack Hussein Obama II ( ; born August 4, 1961) is an American politician who served as the 44th president of the United States from 2009 to 2017. A member of the Democratic Party, Obama was the first African-American president of the U ...
that included characterizations described as racist, which led to Pascal's resignation from Sony.Mike Fleming, Jr.
Scott Rudin Apologizes After Leak Of Sony’s Hacked Racially Insensitive E-Mails On Barack Obama
'' Deadline Hollywood'', December 11, 2014
Variety Staff
Sony’s Amy Pascal Apologizes for Obama Emails
'' Variety'', December 11, 2014
Christopher Rosen
Scott Rudin & Amy Pascal Apologize After Racially Insensitive Emails About Obama Leak
'' The Huffington Post'', December 11, 2014
The two had suggested they should mention films about African-Americans upon meeting the president, such as ''
Django Unchained ''Django Unchained'' () is a 2012 American revisionist Western film written and directed by Quentin Tarantino, starring Jamie Foxx, Christoph Waltz, Leonardo DiCaprio, Kerry Washington, and Samuel L. Jackson, with Walton Goggins, Dennis C ...
'', ''
12 Years a Slave ''Twelve Years a Slave'' is an 1853 memoir and slave narrative by American Solomon Northup as told to and written by David Wilson. Northup, a black man who was born free in New York state, details himself being tricked to go to Washington, D.C., ...
'' and ''
The Butler ''The Butler'' (full title ''Lee Daniels' The Butler'') is a 2013 American historical drama film directed and co-produced by Lee Daniels and with a screenplay by Danny Strong. It is inspired by Wil Haygood's '' Washington Post'' article "A B ...
'', all of which depict slavery in the United States or the pre-civil rights era. Pascal and Rudin later apologized. Details of lobbying efforts by politician Mike Moore on behalf of the
Digital Citizens Alliance The Digital Citizens Alliance is a United States non-profit organization focused on Internet safety issues. It releases reports focused on malware, credit card theft, online drug sales to teens, piracy, and overall Internet consumer safety. In 201 ...
and
FairSearch FairSearch is a group of organizations that lobby against Google's market dominance in online search and related practices. The group is controlled by Oracle and Naspers executives and has been characterized as a consumer protection organization, a ...
against Google were also revealed. The leak revealed multiple details of behind-the-scenes politics on
Columbia Pictures Columbia Pictures Industries, Inc. is an American film production studio that is a member of the Sony Pictures Motion Picture Group, a division of Sony Pictures Entertainment, which is one of the Big Five studios and a subsidiary of the mult ...
' current ''Spider-Man'' film series, including emails between Pascal and others to various heads of Marvel Studios. Due to the outcry from fans, the Spider-Man license was eventually negotiated to be shared between both studios. In addition to the emails, a copy of the screenplay for the ''James Bond'' film ''
Spectre Spectre, specter or the spectre may refer to: Religion and spirituality * Vision (spirituality) * Apparitional experience * Ghost Arts and entertainment Film and television * ''Spectre'' (1977 film), a made-for-television film produced and wri ...
'', released in 2015, was obtained. Several future Sony Pictures films, including '' Annie'', ''
Mr. Turner ''Mr. Turner'' is a 2014 biographical drama film based on the last 25 years of the life of artist J. M. W. Turner (1775–1851). Written and directed by Mike Leigh, the film stars Timothy Spall in the title role, with Dorothy Atkinson, Paul J ...
'', '' Still Alice'' and ''
To Write Love on Her Arms To Write Love on Her Arms (TWLOHA) is an American nonprofit organization that aims to present hope for people struggling with addiction, depression, self-injury and thoughts of suicide, while also investing in treatment and recovery. Based in ...
'', were also leaked. The hackers intended to release additional information on December 25, 2014, which coincided with the release date of ''The Interview'' in the United States. According to '' The Daily Dot'', based on the email leaks, while he was at Sony, executive Charles Sipkins was responsible for following senior executives' orders to edit Wikipedia articles about them. In December 2014, former Sony Pictures Entertainment employees filed four lawsuits against the company for not protecting their data that was released in the hack, which included Social Security numbers and medical information. As part of the emails, it was revealed that Sony was in talks with Nintendo to make an
animated film Animation is a method by which still figures are manipulated to appear as moving images. In traditional animation, images are drawn or painted by hand on transparent celluloid sheets to be photographed and exhibited on film. Today, most anim ...
based on the '' Super Mario Bros.'' series (which came to fruition 4 years later, albeit under
Universal Universal is the adjective for universe. Universal may also refer to: Companies * NBCUniversal, a media and entertainment company ** Universal Animation Studios, an American Animation studio, and a subsidiary of NBCUniversal ** Universal TV, a t ...
and Illumination instead of Sony, and is currently slated for a 2023 release). In January 2015, details were revealed of the MPAA's lobbying of the
United States International Trade Commission The United States International Trade Commission (USITC or I.T.C.) is an agency of the United States federal government that advises the legislative and executive branches on matters of trade. It is an independent, bipartisan entity that analyze ...
to mandate U.S. ISPs either at the internet transit level or consumer level internet service provider, to implement
IP address blocking IP address blocking, or IP banning, is a configuration of a network service that blocks requests from hosts with certain IP addresses. IP address blocking is commonly used to protect against brute force attacks and to prevent access by a disrup ...
pirate websites as well as linking websites.
WikiLeaks WikiLeaks () is an international non-profit organisation that published news leaks and classified media provided by anonymous sources. Julian Assange, an Australian Internet activist, is generally described as its founder and director and ...
published over 30,000 documents that were obtained via the hack in April 2015, with founder Julian Assange stating that the document archive "shows the inner workings of an influential multinational corporation" that should be made public. In November 2015, after
Charlie Sheen Carlos Irwin Estévez (born September 3, 1965), known professionally as Charlie Sheen, is an American actor. He has appeared in films such as ''Platoon'' (1986), ''Wall Street'' (1987), '' Young Guns'' (1988), '' The Rookie'' (1990), ''The Thr ...
revealed he was HIV positive in a television interview to
Matt Lauer Matthew Todd Lauer (; born December 30, 1957) is an American former television news personality, best known for his work with NBC News. After serving as a local news personality in New York City on WNBC, his first national exposure was as the ne ...
, it was revealed that information about his diagnosis was leaked in an email between senior Sony bosses dated March 10, 2014. In December,
Snap Inc. Snap Inc. is an American camera and social media company, founded on September 16, 2011, by Evan Spiegel, Bobby Murphy, and Reggie Brown based in Santa Monica, California. The company developed and maintains technological products and services, ...
, due to the hack, was revealed to have acquired Vergence Labs for $15 million in cash and stock, the developers of
Epiphany Eyewear Epiphany Eyewear are smartglasses developed by Vergence Labs. The glasses record video stored within the glasses' hardware for live-stream upload to a computer or social media. The glasses use smartphone technology. The head mounted display is a ...
, and mobile app Scan for $150 million.


Threats surrounding ''The Interview''

On December 16, for the first time since the hack, the "Guardians of Peace" mentioned the then-upcoming film ''The Interview'' by name, and threatened to take terrorist actions against the film's New York City premiere at Sunshine Cinema on December 18, as well as on its American wide release date, set for December 25. Sony pulled the theatrical release the following day. Seth Rogen and James Franco, the stars of ''The Interview'', responded by saying they did not know if it was definitely caused by the film, but later canceled all media appearances tied to the film outside of the planned New York City premiere on December 16, 2014. Following initial threats made towards theaters that would show ''The Interview'', several theatrical chains, including
Carmike Cinemas Carmike Cinemas was a motion picture exhibitor headquartered in Columbus, Georgia. As of March 2016, the company had 276 theaters with 2,954 screens in 41 states, and was the fourth largest movie theater chain in the United States. The company ...
, Bow Tie Cinemas, Regal Entertainment Group, Showcase Cinemas,
AMC Theatres AMC Entertainment Holdings, Inc. ( d/b/a AMC Theatres, originally an abbreviation for American Multi-Cinema; often referred to simply as AMC and known in some countries as AMC Cinemas or AMC Multi-Cinemas) is an American movie theater chain fo ...
,
Cinemark Theatres Cinemark Holdings, Inc. (stylized as CineMark from 1998 to 2022 and CINEMARK since 2022) is an American movie theater chain that started operations in 1984 and since then it has operated theaters with hundreds of locations throughout the America ...
, as well as several independent movie theater owners announced that they would not screen ''The Interview''. The same day, Sony stated that they would allow theaters to opt out of showing ''The Interview'', but later decided to fully pull the national December 25 release of the film, as well as announce that there were "no further release plans" to release the film on any platform, including home video, in the foreseeable future. On December 18, two messages (both allegedly from the Guardians of Peace) were released. One, sent in a private message to Sony executives, stated that they would not release any further information if Sony never releases the film and removed its presence from the internet. The other, posted to Pastebin, a web application used for text storage that the Guardians of Peace have used for previous messages, stated that the studio had "suffered enough" and could release ''The Interview'', but only if Kim Jong-un's death scene was not "too happy". The post also stated that the company cannot "test
hem A hem in sewing is a garment finishing method, where the edge of a piece of cloth is folded and sewn to prevent unravelling of the fabric and to adjust the length of the piece in garments, such as at the end of the sleeve or the bottom of the ga ...
again", and that "if ony Picturesmakes anything else,
hey Hey or Hey! may refer to: Music * Hey (band), a Polish rock band Albums * ''Hey'' (Andreas Bourani album) or the title song (see below), 2014 * ''Hey!'' (Julio Iglesias album) or the title song, 1980 * ''Hey!'' (Jullie album) or the title ...
will be here ready to fight". President Barack Obama, in an end-of-year press speech on December 19, commented on the Sony hacking and stated that he felt Sony made a mistake in pulling the film, and that producers should "not get into a pattern where you are intimidated by these acts". He also said, "We will respond proportionally and we will respond in a place and time and manner that we choose." In response to President Obama's statement, Sony Entertainment's CEO
Michael Lynton Michael Mark Lynton (born January 1, 1960) is a businessman and current chairman of Snap Inc. He previously served as chairman and chief executive of Sony Pictures Entertainment. In 2017, Lynton stepped down as CEO of Sony Entertainment to becom ...
said on the
CNN CNN (Cable News Network) is a multinational cable news channel headquartered in Atlanta, Georgia, U.S. Founded in 1980 by American media proprietor Ted Turner and Reese Schonfeld as a 24-hour cable news channel, and presently owned by t ...
program '' Anderson Cooper 360'' that the public, the press and the President misunderstood the events. Lynton said the decision to cancel the wide release was in response to a majority of theaters pulling their showings and not to the hackers' threats. Lynton stated that they would seek other options to distribute the film in the future, and noted "We have not given in. And we have not backed down. We have always had every desire to have the American public see this movie." On December 23, Sony opted to authorize approximately 300 mostly-independent theaters to show ''The Interview'' on Christmas Day, as the four major theater chains had yet to change their earlier decision not to show the film."''The Interview'': Obama hails move to screen North Korea film."
''
BBC #REDIRECT BBC Here i going to introduce about the best teacher of my life b BALAJI sir. He is the precious gift that I got befor 2yrs . How has helped and thought all the concept and made my success in the 10th board exam. ...
''. Retrieved December 24, 2014.
The FBI worked with these theaters to detail the specifics of the prior threats and how to manage security for the showings, but noted that there was no actionable intelligence on the prior threats. Sony's Lynton stated on the announcement that "we are proud to make it available to the public and to have stood up to those who attempted to suppress free speech". ''The Interview'' was also released to Google Play, Xbox Video, and YouTube on December 24. No incidents predicated by the threats occurred with the release, and instead, the unorthodox release of the film led to it being considered a success due to increased interest in the film following the attention it had received. On December 27, the North Korean
National Defence Commission The National Defence Commission of the Democratic People's Republic of Korea (NDC) () was the highest state institution for military and national defence leadership in North Korea, which also served as the highest governing institution of the cou ...
released a statement accusing Obama of being "the chief culprit who forced the Sony Pictures Entertainment to indiscriminately distribute the movie."


U.S. accusations and formal charges against North Korea

U.S. government officials stated on December 17, 2014 their belief that the North Korean government was "centrally involved" in the hacking, although there was initially some debate within the White House whether or not to make this finding public. White House officials treated the situation as a "serious national security matter", and the Federal Bureau of Investigation (FBI) formally stated on December 19 that they connected the North Korean government to the cyber-attacks. Including undisclosed evidence, these claims were made based on the use of similar malicious hacking tools and techniques previously employed by North Korean hackers—including North Korea's cyberwarfare agency
Bureau 121 Bureau 121 is a North Korean cyberwarfare agency, and the main unit of the Reconnaissance General Bureau of North Korea's military. It conducts offensive cyber operations, including espionage and cyber-enabled finance crime. According to Ame ...
on South Korean targets. According to the FBI: * " technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korea previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks. *"The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack. The FBI later clarified that the source IP addresses were associated with a group of North Korean businesses located in Shenyang in northeastern China. *"Separately, the tools used in the SPE attack have similarities to a cyber-attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea." The FBI later clarified more details of the attacks, attributing them to North Korea by noting that the hackers were "sloppy" with the use of proxy IP addresses that originated from within North Korea. At one point the hackers logged into the Guardians of Peace Facebook account and Sony's servers without effective concealment. FBI Director
James Comey James Brien Comey Jr. (; born December 14, 1960) is an American lawyer who was the seventh director of the Federal Bureau of Investigation (FBI) from 2013 until his dismissal in May 2017. Comey was a registered Republican for most of his adul ...
stated that Internet access is tightly controlled within North Korea, and as such, it was unlikely that a third party had hijacked these addresses without allowance from the North Korean government. The National Security Agency assisted the FBI in analyzing the attack, specifically in reviewing the malware and tracing its origins; NSA director Admiral Michael Rogers agreed with the FBI that the attack originated from North Korea. A disclosed NSA report published by '' Der Spiegel'' stated that the agency had become aware of the origins of the hack due to their own cyber-intrusion on North Korea's network that they had set up in 2010, following concerns of the technology maturation of the country. The North Korean news agency
KCNA The Korean Central News Agency (KCNA) is the state news agency of North Korea. The agency portrays the views of the North Korean government for both domestic and foreign consumption. It was established on December 5, 1946 and now features onlin ...
denied the "wild rumours" of North Korean involvement, but said that "The hacking into the SONY Pictures might be a righteous deed of the supporters and sympathizers with the DPRK in response to its appeal." North Korea offered to be part of a joint probe with the United States to determine the hackers' identities, threatening consequences if the United States refused to collaborate and continued the allegation. The U.S. refused and asked China for investigative assistance instead. Some days after the FBI's announcement, North Korea temporarily suffered a nationwide Internet outage, which the country claimed to be the United States' response to the hacking attempts. On the day following the FBI's accusation of North Korea's involvement, the FBI received an email purportedly from the hacking group, linking to a YouTube video entitled "you are an idiot!", apparently mocking the organization. On December 19, 2014, U.S. Secretary of Homeland Security
Jeh Johnson Jeh Charles Johnson ( "Jay"; born September 11, 1957) is an American lawyer and former government official. He was United States Secretary of Homeland Security from 2013 to 2017. From 2009 to 2012, Johnson was the general counsel of the Departm ...
released a statement saying, "The cyber attack against Sony Pictures Entertainment was not just an attack against a company and its employees. It was also an attack on our freedom of expression and way of life." He encouraged businesses and other organizations to use the Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST) to assess and limit cyber risks and protect against cyber threats. On the same day,
U.S. Secretary of State The United States secretary of state is a member of the executive branch of the federal government of the United States and the head of the U.S. Department of State. The office holder is one of the highest ranking members of the president's C ...
John Kerry John Forbes Kerry (born December 11, 1943) is an American attorney, politician and diplomat who currently serves as the first United States special presidential envoy for climate. A member of the Forbes family and the Democratic Party, he p ...
published his remarks condemning North Korea for the cyber-attack and threats against movie theatres and moviegoers. "This provocative and unprecedented attack and subsequent threats only strengthen our resolve to continue to work with partners around the world to strengthen cybersecurity, promote norms of acceptable state behavior, uphold freedom of expression, and ensure that the Internet remains open, interoperable, secure and reliable," he said. On January 2, 2015, the U.S., under an Executive Order issued by President Obama, installed additional economic sanctions on already-sanctioned North Korea for the hack, which North Korean officials called out as "groundlessly stirring up bad blood towards" the country.


Doubts about accusations against North Korea

Cyber security expert Kurt Stammberger from cyber security firm Norse, DEFCON organizer and
Cloudflare Cloudflare, Inc. is an American content delivery network and DDoS mitigation company, founded in 2009. It primarily acts as a reverse proxy between a website's visitor and the Cloudflare customer's hosting provider. Its headquarters are in San ...
researcher Marc Rogers, Hector Monsegur and Kim Zetter, a security journalist at ''Wired'' magazine, have expressed doubt and tended to agree that North Korea might not be behind the attack.
Michael Hiltzik Michael A. Hiltzik (born November 9, 1952) is an American columnist, reporter and author who has written extensively for the ''Los Angeles Times''. In 1999, he won a beat reporting Pulitzer Prize for co-writing a series of articles about corrupti ...
, a journalist for the '' Los Angeles Times'', said that all evidence against North Korea was "circumstantial" and that some cybersecurity experts were "skeptical" about attributing the attack to the North Koreans.Hiltzik, Michael (December 19, 2014)
"The Sony hack: What if it isn't North Korea?"
'' Los Angeles Times''. Retrieved December 21, 2014.
Cybersecurity expert Lucas Zaichkowsky said, "State-sponsored attackers don't create cool names for themselves like 'Guardians of Peace' and promote their activity to the public." Kim Zetter of ''Wired'' magazine called released evidence against the government "flimsy". Zetter, Kim (December 17, 2014)
"The Evidence That North Korea Hacked Sony Is Flimsy."
''Wired''. Retrieved December 21, 2014.
Former hacker Hector Monsegur, who once hacked into Sony, explained to
CBS News CBS News is the news division of the American television and radio service CBS. CBS News television programs include the ''CBS Evening News'', '' CBS Mornings'', news magazine programs '' CBS News Sunday Morning'', '' 60 Minutes'', and '' 48 ...
that exfiltrating one or one hundred terabytes of data "without anyone noticing" would have taken months or years, not weeks. Monsegur doubted the accusations due to North Korea's insufficient internet infrastructure to handle the transfer of that much data. He believed that it could have been either Chinese, Russian, or North Korean-sponsored hackers working outside of the country, but most likely to be the deed of a Sony employee. Stammberger provided to the FBI Norse's findings that suggest the hack was an
inside job An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security ...
, stating, "Sony was not just hacked; this is a company that was essentially nuked from the inside. We are very confident that this was not an attack master-minded by North Korea and that insiders were key to the implementation of one of the most devastating attacks in history." Stammberger believes that the security failure may have originated from six disgruntled former Sony employees, based on their past skill sets and discussions these people made in chat rooms. Norse employees identified these people from a list of workers that were eliminated from Sony during a restructuring in May 2014, and noted that some had made very public and angry responses to their firing, and would be in appropriate positions to identify the means to access secure parts of Sony's servers. After a private briefing lasting three hours, the FBI formally rejected Norse's alternative assessment. Seth Rogen also expressed doubts about the claims that North Korea was behind the hack. Based on the timeline of events and the amount of information hacked, he believes the hack may have been conducted by a Sony employee. "I've also heard people say that they think someone was hired to do the hack as a way of getting Amy Pascal fired. I don't know if I subscribe to those theories, but I kind of don't think it was North Korea."


Other investigations

In response to allegations that the intrusion was the result of an inside job, or something other than a state-sponsored cyber attack, computer forensic specialist Kevin Mandia, president of the security firm FireEye, commented that there was not a "shred of evidence" that an insider was responsible for the attack and that the evidence uncovered by his security firm supports the position of the United States government. In February 2016, analytics firm Novetta issued a joint investigative report into the attack. The report, published in collaboration with Kaspersky Lab,
Symantec Symantec may refer to: *An American consumer software company now known as Gen Digital Inc. *A brand of enterprise security software purchased by Broadcom Inc. Broadcom Inc. is an American designer, developer, manufacturer and global supplier ...
, AlienVault,
Invincea Invincea, Inc. was a company that offered a suite of endpoint protection software products. Originally called Secure Command LLC, Invincea, Inc. was a venture-backed software company that provided malware threat detection, prevention, and analysis t ...
,
Trend Micro is an American-Japanese multinational cyber security software company with global headquarters in Tokyo, Japan and Irving, Texas, United State.Other regional headquarters and R&D centers are located around East Asia, Southeast Asia, Europe, and ...
,
Carbon Black Carbon black (subtypes are acetylene black, channel black, furnace black, lamp black and thermal black) is a material produced by the incomplete combustion of coal and coal tar, vegetable matter, or petroleum products, including fuel oil, flui ...
, PunchCyber,
RiskIQ RiskIQ was a cyber security company that was based in San Francisco, California. It provided cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats. The company was co ...
, ThreatConnect and Volexity, concluded that a well-resourced organization had committed the intrusion, and that "we strongly believe that the SPE attack was not the work of insiders or hacktivists". The analysis said that the same group is engaged in military espionage campaigns.Novetta Exposes Depth of Sony Pictures Attack
, novetta.com, February 24, 2016.
Collaborative Operation Blockbuster aims to send Lazarus back to the dead
symantec.com, February 24, 2016.


Formal charges

The U.S. Department of Justice issued formal charges related to the Sony hack on North Korean citizen Park Jin-hyok on September 6, 2018. The Department of Justice contends that Park was a North Korean hacker that worked for the country's
Reconnaissance General Bureau The Reconnaissance General Bureau ( ko, 정찰총국; RGB, Reconnaissance Bureau of the General Staff Department) is a North Korean intelligence agency that manages the state's clandestine operations. Most of their operations have a specific foc ...
, the equivalent of the
Central Intelligence Agency The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...
. The Department of Justice also asserted that Park was partially responsible for arranging the WannaCry ransomware attack of 2017, having developed part of the ransomware software. The Department of Justice had previously identified Park and had been monitoring him for some time, but could not indict him immediately as much of the information around him was classified. The Criminal Complaint was unsealed by the US Department of Justice via a press release in September 2018.


Legal responses

Obama also issued a legislative proposal to Congress to update current laws such as the
Racketeer Influenced and Corrupt Organizations Act The Racketeer Influenced and Corrupt Organizations (RICO) Act is a United States federal law that provides for extended criminal penalties and a civil cause of action for acts performed as part of an ongoing criminal organization. RICO was en ...
and introduce new ones to allow federal and national law enforcement officials to better respond to cybercrimes like the Sony hack, and to be able to prosecute such crimes compatibly to similar off-line crimes, while protecting the privacy of Americans.


Governmental responses

Less than a month following the attack, North Korea reportedly lost its connection to the internet. Although the United States' government did not take credit, President Obama announced that the United States would carry out a “proportional response” in light of the Sony hack.


Public discussion


About reporting on the hack

In December 2014, Sony requested that the media stop covering the hack. Sony also threatened legal action if the media did not comply, but according to law professor
Eugene Volokh Eugene Volokh (; born February 29, 1968 as Yevhen Volodymyrovych Volokh ( uk, Євге́н Володимирович Волох)) is an American legal scholar known for his scholarship in American constitutional law and libertarianism as well as ...
, Sony's legal threats are "unlikely to prevail". Sony then threatened legal action against Twitter if it did not suspend accounts of people who posted the hacked material. American screenwriter
Aaron Sorkin Aaron Benjamin Sorkin (born June 9, 1961) is an American playwright, screenwriter and film director. Born in New York City, he developed a passion for writing at an early age. Sorkin has earned an Academy Award, a BAFTA Award, five Primetime Em ...
wrote an op-ed for '' The New York Times'' opining that the media was helping the hackers by publishing and reporting on the leaked information. On December 18, Reddit took the unusual step of banning the subreddit r/SonyGOP that was being used to distribute the hacked files.


About pulling ''The Interview''

The threats made directly at Sony over ''The Interview'' were seen by many as a threat to free speech. The decision to pull the film was criticized by several Hollywood filmmakers, actors, and television hosts, including
Ben Stiller Benjamin Edward Meara Stiller (born November 30, 1965) is an American actor, comedian, and filmmaker. He is the son of the comedians and actors Jerry Stiller and Anne Meara. Stiller was a member of a group of comedic actors colloquially known a ...
,
Steve Carell Steven John Carell (; born August 16, 1962) is an American actor and comedian. He played Michael Scott in ''The Office'' (2005–2011; 2013), NBC’s adaptation of the British series created by Ricky Gervais and Stephen Merchant, where Car ...
, Rob Lowe, Jimmy Kimmel and Judd Apatow. Some commentators contrasted the situation to the non-controversial release of the 2004 '' Team America: World Police'', a film that mocked the leadership of North Korea's prior leader, Kim Jong-il. The
Alamo Drafthouse The Alamo Drafthouse Cinema is an American cinema chain founded in 1997 in Austin, Texas, which is famous for serving dinner and drinks during the movie, as well as its strict policy of requiring its audiences to maintain proper cinema-going etiq ...
was poised to replace showings of ''The Interview'' with ''Team America'' until the film's distributor Paramount Pictures ordered the theaters to stop. In light of the threats made to Sony over ''The Interview'',
New Regency Regency Enterprises (commonly referred to as Regency onscreen and copyrighting as Regency Entertainment (USA), Inc. in the U.S. and Monarchy Enterprises S.á.r.l. overseas) is an American entertainment company formed by Arnon Milchan. It was fou ...
cancelled its March 2015 production plans for a film adaptation of the graphic novel '' Pyongyang: A Journey in North Korea'', which was set to star
Steve Carell Steven John Carell (; born August 16, 1962) is an American actor and comedian. He played Michael Scott in ''The Office'' (2005–2011; 2013), NBC’s adaptation of the British series created by Ricky Gervais and Stephen Merchant, where Car ...
. ''
Hustler Hustler or hustlers may also refer to: Professions * Hustler, an American slang word, e.g., for a: ** Con man, a practitioner of confidence tricks ** Drug dealer, seller of illegal drugs ** Male prostitute ** Pimp ** Business man, more gener ...
'' announced its intentions to make a
pornographic parody film A pornographic parody film is a subgenre of the pornographic film industry genre where the basis for the production's story or plotline is the parody of a mainstream television show, feature film, public figure, video game or literary works. Thi ...
of ''The Interview''. ''Hustler'' founder Larry Flynt said, "If Kim Jong-un and his henchmen were upset before, wait till they see the movie we're going to make".


Outside the United States

In China, the media coverage of the hackings has been limited and outside sources have been censored. A search for "North Korea hack" on
Baidu Baidu, Inc. ( ; , meaning "hundred times") is a Chinese multinational technology company specializing in Internet-related services and products and artificial intelligence (AI), headquartered in Beijing's Haidian District. It is one of the la ...
, China's leading search engine returned just one article, which named North Korea as "one of several suspects." However, Google, which was and is inaccessible in China, returned more than 36 million results for the same query.
Hua Chunying Hua Chunying (; born 24 April 1970) is a Chinese official and former diplomat serving as spokesperson for the Ministry of Foreign Affairs of the People's Republic of China since 2012 and as the Assistant Minister of Foreign Affairs since 2021. H ...
, a spokeswoman of foreign affairs, "shied away from directly addressing" the Sony hacking situation.Ripley, Will
China censors news on Sony hack
''CNN''. Retrieved December 24, 2014.


See also

*
2013 South Korea cyberattack In 2013 there were two major sets of cyberattacks on South Korean targets attributed to elements within North Korea. March On 20 March 2013, three South Korean television stations and a bank suffered from frozen computer terminals in a suspect ...
* 2015–16 SWIFT banking hack *
North Korea's illicit activities The alleged illicit activities of the North Korean state include manufacture and sale of illegal drugs, the manufacture and sale of counterfeit consumer goods, human trafficking, arms trafficking, wildlife trafficking, counterfeiting currency ...


References

{{Hacking in the 2010s 2014 controversies 2014 controversies in the United States 2014 crimes in the United States 2014 in computing 2014 in North Korea Attacks in the United States in 2014 Cyberattacks Cyberwarfare in the United States Data breaches in the United States Email hacking Hacking in the 2010s North Korea–United States relations November 2014 crimes November 2014 events in the United States Sony Pictures Entertainment Film controversies Film controversies in the United States