Cyber Crime and Hollywood. The Sony Pictures Hack.
In December 2014, the largest ever hack of its time took place in California. The target of the attack was Sony Pictures; the details behind the cyber-attack had implications for international politics, free speech, and individual employees. It also announced the emergence of a new type of global warfare: Cyber Crime.
The lead up to the cybercrime
In 2012, a group of American writers and actors produced an idea for a new satirical comedy film. The script described the story of two journalists who would be recruited by the FBI and sent on a mission to interview and subsequently assassinate an imaginary, despotic political leader.
Biting political satire is nothing new to the film industry. For years, it is a medium that has been used to deliver highly topical and politicised messages. However, during the writing of the script, the decision was taken that the target for the assassination would change from being an invented person to being the actual sitting leader of North Korea, Kim Jong-Un.
This was breaking new ground. To parody the assassination of a ruling leader of a sovereign nation-state is something that had never, or rarely, been attempted. Furthermore, the filmmakers intended to make this a graphic portrayal of the assassination.
The rights to the film were bought by Sony Pictures, and it went into production in 2014 starring James Franco and Seth Rogan, two high-profile and successful actors.
The promotional gears started turning in the build-up to the film being launched in December 2014. Billboards went up, social media helped fuel the marketing flames and the film was screened to focus groups.
However, as news of the new film was proliferating, things were taking a sinister turn at Sony Pictures…
Sony is hacked
Unbeknownst to anyone at the time, a catfish campaign was already well underway at Sony. An external group had bombarded the social media accounts of Sony employees with messages designed to make them click on nefarious links.
It would only take one of the employees to take the bait…and that is exactly what happened. One email click and the malware was free to weave its destructive path.
Once the hackers had gained access to the network of computers and IT infrastructure at Sony, it was already too late. The hackers moved across the whole of the network, completely undetected by anyone at Sony. These were not simply bedroom hackers, they were a group of extremely organised cyber soldiers hellbent on destruction.
Their intention became clear when, in November 2014, a coordinated set of messages started appearing on employees’ computer screens one morning. These messages, which featured the image of a skeleton alongside blood-curdling sound effects, were precise about their intentions: The complete destruction of Sony Pictures.
The cyber criminals proceeded to create havoc on the network. Computers were wiped, phones were taken offline and the digital network was taken down. Even local businesses were prevented from trading as credit-card machines were affected for weeks.
But, as a warning chillingly pre-empted, it was “just the beginning.”
Prior to the attack, the hackers had already obtained libraries of internal data from the company. This data included executive salaries, private emails, gossip, and details of unreleased films.
This data was sent to local journalists, who were not slow to publish.
Salacious stories about famous A-listers were shared. Films were leaked. Executives were caught making racial slurs, and salaries of employees were made common knowledge.
The data breach continued well into 2015, with HR records, social security data and medical records being shared. In effect, every employee’s entire email inbox was in the public domain.
It was a cyber-crime on a massive scale, and could not have been much higher profile. The commercial, reputational and security damage was enormous.
Whilst the film did manage a very low-key premier, concerns from audiences and cinemas alike led to cinemas refusing to screen it in mainstream theatres. Five days after it premiered, the film was pulled from cinemas.
The hackers had won. Furthermore, since the malware itself had its own counter-forensic measures built-in, it essentially destroyed evidence as it coursed through the network.
The fallout was immense. The hack led to an FBI investigation; employees commenced a class-action lawsuit against Sony; millions of dollars were spent on IT repairs. Many careers, at all levels, were abruptly ended.
There were also clear implications for free-speech, a cornerstone of western democracy for centuries.
Most concerning of all, the hack was declared an international incident. All suspicious eyes were trained on the secretive state of North Korea. President Obama even went as far as blaming North Korea live on television. Never before had a sovereign state been implicated by a sitting American President. But consider this fact alone: Did Obama reluctantly fuel the threat by reacting in this way?
Either way, it was clear that the Sony Pictures hack unveiled a new era for what cyber-attacks could achieve.
Lessons to be learned
What has become clear because of the Sony hack is that we live in a connected world, but it is this connectivity that means we are open to risks of the highest magnitude.
It is also obvious that not only is there the potential for egregious amounts of money to be made in cyber-crime, but enormous reputational damage too.
And if cyber-crime is a threat to multi-national conglomerates, it is a threat to everyone.
The intervening years have also taught us that the threat is not going to recede. Not only are independent cyber criminals at large, but the fear that nation-states may be sponsoring cyber-crime suggests that the parameters for global conflict have shifted from battlefield to server-banks.
There are a number of steps that we can all take to mitigate these threats.
Email is still by far accountable for the highest volume of attempted hacks. It is not enough to ensure that everyone on your network is aware of the threat. The solution is to ensure that the absolute best in next-generation firewall is in place.
Such solutions are available from a number of vendors, but it is crucial that your cyber strategy is curated by a specialist company that will be constantly on the lookout for new threats on your behalf.
SEP2 are a cyber-security specialist and protecting our customers from cyber-crime is why we exist. We are constantly working at the bleeding edge of technology to ensure your security. We employ the greatest technicians and work with world-class vendors. This is why we say we are Tech Driven and People Powered.