North Korea's Hack on Sony: A Cyber Attack on Free Speech

In late November 2014, North Korean state-sponsored hackers launched one of the most devastating cyber attacks in history against Sony Pictures Entertainment. The breach exposed approximately 38 million files—including 170,000 employee emails, thousands of Social Security numbers, unreleased films, and sensitive executive communications—and crippled Sony's computer systems with malware designed to destroy data.

The attack was a direct response to Sony's production and planned theatrical release of *The Interview*, a comedy film depicting an assassination attempt on North Korean leader Kim Jong Un. North Korea had condemned the film as "an act of terrorism" and "war" after the teaser trailer's release in June 2014. By December 8, hackers claiming to represent a group called the "Guardians of Peace" (GOP) issued explicit threats, warning of 9/11-style attacks on theaters that showed the film and beginning to leak stolen data.

The infiltration itself had begun months earlier, in July 2014, with hackers slowly stealing data before launching the full public attack on November 24. The timing and coordination suggested nation-state involvement rather than independent cybercriminals. U.S. intelligence agencies quickly mobilized to investigate.

On December 19, 2014, the FBI formally attributed the hack to the North Korean government—the first time the United States publicly blamed a nation-state for a cyber attack. The NSA assisted in the attribution through malware analysis and network tracing, aided by the agency's prior 2010 intrusion into North Korean networks. Both agencies noted that the hackers had been careless, using proxy IP addresses originating in North Korea, a critical oversight that helped confirm the connection.