2014 Sony Pictures hack
| Incident Impacts | Data Theft, Data Loss, Business Disruption |
|---|---|
| Affected Sector | Entertainment |
| Associated Intrusion Sets | Lazarus Group |
| Estimated Cost (USD) | 15000000 |
In November 2014, a hacker group calling themselves 'Guardians of Peace' (GOP) compromised Sony Pictures Entertainment's (SPE) networks. They stole confidential data, including personal information about employees, emails, executive salaries, unreleased films, and future film plans before deploying wiper malware to erase data and make systems unusable.
The attackers also demanded that Sony cancel the release of the movie "The Interview," which depicted a fictional plot to assassinate North Korean leader Kim Jong-un. The U.S. government attributed the attack to North Korea.
This historic breach raised significant concerns about cybersecurity and state-sponsored hacking. It highlighted the vulnerability of major corporations to sophisticated cyber threats and underscored the need for robust defenses and international cooperation in addressing such attacks.
A post-mortem analysis by cyber security researchers under 'Operation Blockbuster' attributed the attack to an intrusion set they named Lazarus Group.
Cyber Threat Graph Context
Explore how this cyber incident relates to the wider threat graph
2014 Sony Pictures hack Threat Reports
Operation Blockbuster: Unraveling the Long Thread of the Sony Attack
This report by Novetta covers 'Operation Blockbuster' which was a Novetta-led coalition of private industry partners aiming to understand and ...