|
source: www.google.com |
The Sony Pictures
Entertainment hack was a release of confidential data belonging to Sony Pictures Entertainment on
November 24, 2014. The data included personal information about Sony Pictures
employees and their families, e-mails between employees, information about
executive salaries at the company, copies of (previously) unreleased Sony
films, and other information. The hackers called themselves the "Guardians
of Peace" or "GOP" and demanded the cancellation of the planned
release of the film The Interview,
a comedy about a plot to assassinate North Korean leader Kim Jong-un. United
States intelligence officials, evaluating the software, techniques, and network
sources used in the hack, allege that the attack was sponsored by North Korea. North
Korea has denied all responsibility, and some cybersecurity experts have cast
doubt on the evidence, alternatively proposing that current or former Sony
Pictures employees may have been involved in the hack.
Hack and perpetrators
The duration of the
hack is yet unknown, though evidence suggests that the intrusion had been
occurring for more than a year, prior to its discovery in November
2014. The hackers involved claim to have taken over 100 terabytes of data
from Sony.Following the breach, the hackers implanted Wiper on Sony's computer infrastructure,
a malwaresoftware program designed to erase data
from the servers.
Sony was made aware
of the hack on Monday, November 24, 2014, as the malware previously installed
rendered many Sony employees' computers inoperable by the software, with the
warning by the Guardians of Peace, along with a portion of the confidential
data taken during the hack. Several Sony-related Twitter accounts were
also taken over.This followed a message that several Sony Pictures executives
had received via email on the previous Friday, November 21; the message, coming
from a group called "God'sApstls" , demanded "monetary
compensation" or otherwise, "Sony Pictures will be bombarded as a
whole". This email message had mostly gone ignored by executives,
lost in the volume they had received or treated as spam email. In addition
to the activation of the malware on November 24, the message included a warning
for Sony to decide on their course of action by 11pm that evening, although no
apparent threat was made when that deadline passed. In the days following
this hack, the Guardians of Peace began leaking yet-unreleased films and
started to release portions of the confidential data to attract the attention
of social media sites, although they did not specify what they wanted in
return. Sony quickly organized internal teams to try to manage the loss of
data to the Internet, and contacted the FBI and the private security firm
FireEye, Inc., to help protect Sony employees whose personal data was exposed
by the hack, repair the damaged computer infrastructure and trace the source of
the leak.
Information obtained
According to a
notice letter dated December 8, 2014, from SPE to its employees, SPE learned on
December 1, 2014, that personally identifiable information about employees and
their dependents may have been obtained by unauthorized individuals as a result
of a "brazen cyber-attack", including names, address, social security
numbers and financial information. On December 7, 2014, C-SPAN reported that the hackers stole 47,000 unique
Social Security numbers from the SPE computer network.
Although personal
data may have been stolen, early news reports focused mainly on celebrity
gossip and embarrassing details about Hollywood and film industry business
affairs gleaned by the media from electronic files, including private email
messages, released by the computer criminals. Among the information revealed in
the e-mails was that Sony CEO Kazuo Hirai pressured Sony Pictures
co-chairwoman Amy Pascal to
"soften" the assassination scene in the upcoming Sony film The
Interview. Many details relating to the actions of the Sony Pictures
executives, including Pascal and Michael Lynton, were also released, in a
manner that appeared to be intended to spur distrust between these executives
and other employees of Sony.
Other e-mails
released in the hack showed Pascal and Scott Rudin, film and theatrical producer,
discussing Angelina Jolie and
her wanting David Fincher to
direct her filmCleopatra. In the e-mails, Rudin referred to Jolie as
"a minimally talented spoiled brat" and said he did not want her
getting involved with a planned film about Steve Jobs. Pascal and Rudin were also
noted to have had an e-mail exchange about Pascal's upcoming encounter with
President Barack Obama that included characterizations
described as racist. The two had suggested they should mention films about
African-Americans upon meeting the president, such as Django Unchained, 12 Years a Slave,
and The Butler, all of which depict slavery in the United States or
the pre-civil rights era. Pascal and Rudin later apologized. Details
of lobbying efforts by politician Mike Moore on behalf of the Digital Citizens Alliance and FairSearch against Google were
also revealed.