Sony Pictures Hack: The Strike From North Korea and Early Cyberwarfare

On November twenty-fourth, 2014, there was an attack that was caused by a hacker group identifying itself as “Guardians of Peace” or the “Lazarus Group”: a cybercrime group that is run by the government of North Korea.

This particular attack was interesting because of what this particular hacker organization decided to attack.

They did not go and attack some type of important government building or the infrastructure of some great government contractor that would allow them to use their programming skills in order to steal US secrets.

Instead, they decided that it would be a better use of their talents to hack information from the media company Sony Pictures in an event that is now known as the Sony Pictures Hack.

Lots of data were taken from Sony Pictures including the personal information of employees, personal info about the families of said employees, emails between various different employees, information about executive salaries at this company, plans for many of the future films for Sony Pictures, scripts of different products, and other information that was important.

Even the US Ambassador to the United Nations at the time described how strange this particular incident was:

This is absurd. Yet it is exactly the kind of behavior we have come to expect from a regime that threatened to take 'merciless countermeasures' against the U.S. over a Hollywood comedy, and has no qualms about holding tens of thousands of people in harrowing gulags. - United States of America Ambassador to the United Nations Samantha Power

After all of the important information was taken from the systems at Sony Pictures, the attackers then decided to release some malware in order to wipe Sony’s computer infrastructure.

This malware was a variant of Shamoon - a modular computer virus discovered back in 2012 also known as W32. DistTrack targeted certain versions of the Microsoft Windows operating system.

One of the things the hackers demanded is the withdrawal of the then-upcoming film The Interview from theaters - a film about a group of reporters hired by the United States and South Korean governments to assassinate the leader of North Korea:

We will clearly show it to you at the very time and places The Interview be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to. Soon all the world will see what an awful movie Sony Pictures Entertainment has made. The world will be full of fear. Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time. (If your house is nearby, you'd better leave.) Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment. All the world will denounce the SONY. - statement from the “Guardians of Peace” back in December 2014

Despite the threats and danger, the movie The Interview was still released - not in theaters but on digital platforms like Google Play, YouTube, and Xbox Video.

Fortunately for the US, and unfortunately for the North Korean hackers, the move backfired and led to the film still being released because now the movie became a statement about free speech and standing up to cyberterrorism.

After all, if North Korea could scare the United States into not releasing a movie, then foreign hackers would be able to have a huge amount of influence over the country and what media would be released in the future.

Sony even said in a statement: “We are proud to make it available to the public and to have stood up to those who attempted to suppress free speech.”

Who would have known that a hack related to a Hollywood movie would be one of the earliest attempts of a foreign entity to use cyberterrorism in order to control the actions of another country?