Sony Pictures Entertainment hack

source: www.google.com

The Sony Pictures Entertainment hack was a release of confidential data belonging to Sony Pictures Entertainment on November 24, 2014. The data included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company, copies of (previously) unreleased Sony films, and other information. The hackers called themselves the "Guardians of Peace" or "GOP" and demanded the cancellation of the planned release of the film The Interview, a comedy about a plot to assassinate North Korean leader Kim Jong-un. United States intelligence officials, evaluating the software, techniques, and network sources used in the hack, allege that the attack was sponsored by North Korea. North Korea has denied all responsibility, and some cybersecurity experts have cast doubt on the evidence, alternatively proposing that current or former Sony Pictures employees may have been involved in the hack.

Hack and perpetrators

The duration of the hack is yet unknown, though evidence suggests that the intrusion had been occurring for more than a year, prior to its discovery in November 2014. The hackers involved claim to have taken over 100 terabytes of data from Sony.Following the breach, the hackers implanted Wiper on Sony's computer infrastructure, a malwaresoftware program designed to erase data from the servers.

Sony was made aware of the hack on Monday, November 24, 2014, as the malware previously installed rendered many Sony employees' computers inoperable by the software, with the warning by the Guardians of Peace, along with a portion of the confidential data taken during the hack. Several Sony-related Twitter accounts were also taken over.This followed a message that several Sony Pictures executives had received via email on the previous Friday, November 21; the message, coming from a group called "God'sApstls" , demanded "monetary compensation" or otherwise, "Sony Pictures will be bombarded as a whole". This email message had mostly gone ignored by executives, lost in the volume they had received or treated as spam email. In addition to the activation of the malware on November 24, the message included a warning for Sony to decide on their course of action by 11pm that evening, although no apparent threat was made when that deadline passed. In the days following this hack, the Guardians of Peace began leaking yet-unreleased films and started to release portions of the confidential data to attract the attention of social media sites, although they did not specify what they wanted in return. Sony quickly organized internal teams to try to manage the loss of data to the Internet, and contacted the FBI and the private security firm FireEye, Inc., to help protect Sony employees whose personal data was exposed by the hack, repair the damaged computer infrastructure and trace the source of the leak.

Information obtained

According to a notice letter dated December 8, 2014, from SPE to its employees, SPE learned on December 1, 2014, that personally identifiable information about employees and their dependents may have been obtained by unauthorized individuals as a result of a "brazen cyber-attack", including names, address, social security numbers and financial information. On December 7, 2014, C-SPAN reported that the hackers stole 47,000 unique Social Security numbers from the SPE computer network.

Although personal data may have been stolen, early news reports focused mainly on celebrity gossip and embarrassing details about Hollywood and film industry business affairs gleaned by the media from electronic files, including private email messages, released by the computer criminals. Among the information revealed in the e-mails was that Sony CEO Kazuo Hirai pressured Sony Pictures co-chairwoman Amy Pascal to "soften" the assassination scene in the upcoming Sony film The Interview. Many details relating to the actions of the Sony Pictures executives, including Pascal and Michael Lynton, were also released, in a manner that appeared to be intended to spur distrust between these executives and other employees of Sony.

Other e-mails released in the hack showed Pascal and Scott Rudin, film and theatrical producer, discussing Angelina Jolie and her wanting David Fincher to direct her filmCleopatra. In the e-mails, Rudin referred to Jolie as "a minimally talented spoiled brat" and said he did not want her getting involved with a planned film about Steve Jobs. Pascal and Rudin were also noted to have had an e-mail exchange about Pascal's upcoming encounter with President Barack Obama that included characterizations described as racist. The two had suggested they should mention films about African-Americans upon meeting the president, such as Django Unchained, 12 Years a Slave, and The Butler, all of which depict slavery in the United States or the pre-civil rights era. Pascal and Rudin later apologized. Details of lobbying efforts by politician Mike Moore on behalf of the Digital Citizens Alliance and FairSearch against Google were also revealed.