DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click
HERE to register or log in.
Accession Number:
AD1046744
Title:
Sony's Nightmare before Christmas: The 2014 North Korean Cyber Attack on Sony and Lessons for US Government Actions in Cyberspace
Descriptive Note:
Technical Report
Corporate Author:
JHUAPL Laurel United States
Report Date:
2018-02-01
Pagination or Media Count:
44.0
Abstract:
The cyber attack on Sony Pictures Entertainment in late 2014 began as a public embarrassment for an American company and ultimately led to the unprecedented action by the US president to formally attribute a cyberattack to a nation-state North Korea. The incident played out at the nexus of the private cyber-security industry and US government communities including the White House, the Federal Bureau of Investigation, and the National Security Agency. The attack was triggered by Sonys plan to release The Interview, a comedy in which an American talk show host and his producer are recruited by the Central Intelligence Agency to travel to North Korea and assassinate North Koreas supreme leader, Kim Jong-un. The cyber attack was discussed everywhere from supermarket tabloids, delighting in gossip-rich leaked emails, to official statements by leaders in the US government, including President Obama. When laid out in a timeline, the events surrounding the cyber attack--which include the attribution to North Korea and subsequent responses by both the government and private-sector cyber-security experts--provide a case study of the actions and interactions of the players in a major cyber attack. The events surrounding the attack and the attribution provide insight into three areas the effects of government and private-sector actions on the perception of a cyber event among the public, the effect of attribution on the behavior of the attackers, and possible motives for North Koreas high-profile cyber actions. The incident also illuminates the role of multi-domain deterrence to respond to attacks in the cyber domain.
Distribution Statement:
APPROVED FOR PUBLIC RELEASE