sony pictures entertainment case a

14
Sony Pictures Entertainment, Inc.: A Cybersecurity Attack from North Korea (A) Cyberattack November 24, 2014 began like most other days for Michael Lynton, Chief Executive Officer of Sony Pictures Entertainment. Upon arriving at the office, Lynton received a call from CFO David Hendler informing Lynton that Sony’s cybersecurity had been compromised. Employees started their computers that morning only to find disturbing images of Lynton’s severed head appear on their screens. Shortly after, Sony shut down all computer systems worldwide, issuing the following statement: “We are investigating an I.T. matter.” 1 The next day, four of the studio’s unreleased movies were posted on pirate Web sites. The hackers also claimed to have stolen approximately 100 terabytes of internal data, including personal and confidential information from thousands of Sony Pictures employees. 2 Lynton and Sony executives could not have predicted that in three short weeks, the digital attack would be at the center of a global controversy. In total, eight leaks released an estimated 38 million files and thousands of personal, damaging e-mails belonging to Sony Pictures executives. 3 According to investigators, the magnitude of the data published was simply unprecedented in U.S. corporate history. Sony Pictures soon found its brand identity under scrutiny, making headlines in all major news sources. Rich Klein, partner at McLarty Associates advisory firm, called the event “an international crisis, the cyberattack that put Americans’ vulnerability on display, a free speech cause, an Oval Office gut-check, and a cautionary tale for the future of warfare.” 4 Entering the Motion Picture Entertainment Business Sony Pictures is a United States based subsidiary of Sony Corporation. Sony Corporation was established in 1946 and based in Tokyo, Japan. 5 In 1960, Sony Corporation of America was established in the United States and was listed on the New York Stock Exchange in 1970. Late in the Twentieth Century, Sony had become one of the world’s leading consumer electronics manufacturers. In 1991, Sony acquired Columbia Pictures Entertainment and renamed it Sony Pictures Entertainment, Inc., (SPE). In 2004, Michael Lynton joined SPE as Chairman and Chief Executive Officer. That same year, Amy Pascal was promoted to Chairman of the Motion Picture Group, and to Co-Chairman of SPE two years later. In 2006, SPE crossed the $1 billion mark in domestic box-office receipts for the fifth year in a row. 6

Upload: ashley-chase

Post on 13-Apr-2017

110 views

Category:

Documents


1 download

TRANSCRIPT

Sony Pictures Entertainment, Inc.:A Cybersecurity Attack from North Korea (A)

Cyberattack

November 24, 2014 began like most other days for Michael Lynton, Chief Executive Officer ofSony Pictures Entertainment. Upon arriving at the office, Lynton received a call from CFODavid Hendler informing Lynton that Sony’s cybersecurity had been compromised. Employeesstarted their computers that morning only to find disturbing images of Lynton’s severed headappear on their screens. Shortly after, Sony shut down all computer systems worldwide, issuingthe following statement: “We are investigating an I.T. matter.” 1

The next day, four of the studio’s unreleased movies were posted on pirate Web sites. The hackers also claimed to have stolen approximately 100 terabytes of internal data, includingpersonal and confidential information from thousands of Sony Pictures employees.2 Lynton andSony executives could not have predicted that in three short weeks, the digital attack would be atthe center of a global controversy. In total, eight leaks released an estimated 38 million files andthousands of personal, damaging e-mails belonging to Sony Pictures executives.3 According toinvestigators, the magnitude of the data published was simply unprecedented in U.S. corporatehistory.

Sony Pictures soon found its brand identity under scrutiny, making headlines in all majornews sources. Rich Klein, partner at McLarty Associates advisory firm, called the event “aninternational crisis, the cyberattack that put Americans’ vulnerability on display, a free speechcause, an Oval Office gut-check, and a cautionary tale for the future of warfare.” 4

Entering the Motion Picture Entertainment Business

Sony Pictures is a United States based subsidiary of Sony Corporation. Sony Corporation wasestablished in 1946 and based in Tokyo, Japan.5 In 1960, Sony Corporation of America wasestablished in the United States and was listed on the New York Stock Exchange in 1970. Latein the Twentieth Century, Sony had become one of the world’s leading consumer electronicsmanufacturers.

In 1991, Sony acquired Columbia Pictures Entertainment and renamed it Sony PicturesEntertainment, Inc., (SPE). In 2004, Michael Lynton joined SPE as Chairman and ChiefExecutive Officer. That same year, Amy Pascal was promoted to Chairman of the MotionPicture Group, and to Co-Chairman of SPE two years later. In 2006, SPE crossed the $1 billionmark in domestic box-office receipts for the fifth year in a row.6

Sony pledged to operate SPE as independently as possible. The motion picture businessrepresents 10% of revenue for the parent corporation. Although SPE provides just a smallfraction of the company’s total income, the motion picture business bears Sony’s name, whichcarries major implications for the Sony brand.

Size and Scope of Sony Motion Picture Entertainment

The entertainment division is one of the most profitable sectors of the company. Sony MotionPictures has retained profits between 4% and 7% in recent years, while the electronics divisionshave operated consistently in the red.7 In the fiscal year ending March 31, 2014, Sony Picturesreported $8 billion in revenue.8 (See Appendix A).

Sony is a major player in the motion picture industry with 199 completed movies.9 SonyMotion Pictures Entertainment retains an estimated 12.2% of market share, which can becompared to 20th Century Fox (17.3%), Buena Vista (15.6%), and Warner Bros (15.1%). In sum,these four enterprises account for approximately 60% of the total market. Universal andParamount – other well-known players – both lag behind Sony with respect to market share.10

(See Appendix B for additional industry information.)

Technology Revolutionizes the Filmmaking Business

New video technology has revolutionized the way movies are made. Historically, 35mm filmwas the standard for producing, distributing, and displaying motion pictures. This required thephysical film to be copied and distributed to theaters. In 2002, Star Wars: Episode II led thecharge as the first movie shot entirely on digital video.11 This helped inspire an entire digitalgeneration of producers and editors, offering cost savings in both time and money and flexibilityand simplicity in post-production edits.

Digital movies are essentially very large computer files that theaters are able to play onas many movie screens as they desire. In years past, a theater was dependent on the number offilm reels that could be manually delivered to them. Now, via satellite delivery, theaters havemuch greater flexibility, which affords the capability to match screen decisions to consumerdemand. In 2013, the Digital Cinema Distribution Coalition provided digital distributiontechnologies to more than 1,200 theaters and 17,000 screens.12

While digital movie distribution has major benefits, it does not come without its drawbacks andrisks. Enhanced security protocols, such as encryption techniques, are necessary to help preventpiracy. Distribution, a critical component of the movie industry, has also changed as a result,requiring theaters to invest in new digital projection equipment. This investment represents alarge capital expenditure for theaters, costing as much as $70,000 per screen for a digital cinemaretrofit.13,14 Fortunately, studios and distributors have helped theaters offset such costs due to theimportance of digital distribution. Sony Pictures, for example, relies on exhibitors to generatebox office sales. The risk is assumed by exhibitors who choose to turn screens over to Sony andrely on Sony to drive consumer demand and produce box office hits.

2

2014: The Year of Cybersecurity Attacks

The digital age has led to a new era of crime and theft of corporate assets. Companies now storeimportant data such as corporate assets, company records, and customer information digitally.This lends itself to the possibility that hackers could retrieve this valuable information if propersecurity standards are not set and followed.

The year 2014 was popular for corporate data theft. Target, Snapchat, Forbes, Michael’s,eBay, Home Depot, and USPS all suffered major data breaches. CNBC has estimated that overone billion personal data records were compromised that year as a result of approximately 1,500incidents. This is a 78% increase from 2013.15 Hackers were able to retrieve everything fromusers’ e-mail messages, passwords, and credit card information, to employee data and phonenumbers.16 The cyberattacks were designed to access customers’ financial accounts, as well assensitive information that might allow identity theft. The Target hack, for example, resulted inthe online auction of 2 million credit cards, allowing hackers to steal some $53 million.17 Trendsin data hacking reveal that cybercriminals are shifting focus from short-term credit card theft tolong-term identity theft, which helps to create sustainable revenue streams.18

Sony’s Data Protection Controls

Security experts examining Sony’s malware discovered that the hackers were familiar withSony’s network long before the breach occurred. Evidence suggests that the attackers gainedcontrol of Sony’s private cryptographic keys, which secured encrypted information. Control ofthese keys allowed suspicious movements of data to go undetected.

Historically, Sony has been a popular target for hackers. In 2011, account information of77 million Sony Playstation users was stolen.19 It was reported that Sony was threatened inadvance of this breach and failed to implement adequate safeguards to protect it,20 even though itis a company’s responsibility to change their keys frequently, especially after notification ofvulnerabilities.

A class-action complaint was filed against Sony in response to the 2014 cyberattack. Thecomplaint alleges that, “Sony failed to secure its computer systems, servers, and databases(‘Network’), despite weaknesses that it has known about for years . . . .” and, “Sonysubsequently failed to timely protect confidential information of its current and formeremployees from law-breaking hackers . . . .” 21

The Interview: A Comedy

SPE was in the final preparations for launching The Interview to theaters nationwide when thecyberattack occurred. The movie, a fictional comedic film depicting the attempted assassinationof North Korean leader Kim Jong-un, starred Seth Rogen and James Franco. It was directed byEvan Goldberg and Seth Rogen. Sony invested $44 million in production, and the movie was

3

projected to bring in $90 million in revenue, based on a strong record of comedies starring SethRogen.22 Sony embarked on a major marketing campaign prior to the movie’s winter premiere.Advertising costs were estimated to reach nearly $30 million.23

Sony Corporation CEO Kazuo Hirai voiced concerns soon after learning about the film’splot because of Japan and North Korea’s tense bilateral relationship. Hirai sent formal demandsto Pascal and the team to change parts of the film after receiving warnings from North Koreannews agencies in June of 2014.24

Sony executives worked with government think tanks to talk about possible politicalconsequences. The company made some changes, such as using “Columbia Pictures” instead ofthe Japanese Sony brand. Direct retribution from North Korea was simply not envisioned as acredible threat.25 Various entertainment media reported that studio executives questionedwhether The Interview should refer to the real North Korean regime or, perhaps, a fictitiousdictator.26 After consulting with several experts, Lynton was told the film was safe to release.

The movie was set to premiere on Christmas Day, December 25, 2014, at all majorcinemas across the United States. The launch plan included premieres in 10 other countrieswithin the following eight weeks.27 (See Appendix C for the movie poster.)

North Korea’s Involvement

The Democratic People’s Republic of Korea is a rigidly authoritarian state that has been led bythe Kim family for more than 60 years.28 North Korea maintains strict government controls overits citizens, including many that are thought to violate basic human rights. Draconian lawsinvolving severe punishment enforce citizen loyalty to the North Korean regime. AlthoughNorth Korea limits access to the Internet, the nation maintains a robust corps of computerhackers.29 The North Korean regime chooses some of its best talent for cyberwarfare trainingand allocates substantial resources to maintain and develop the program. “Cyberwarrior,” infact, is a highly coveted government position.30

North Korea’s reaction to The Interview reflects the unusually strict ideology of thecountry. The movie parodied the country’s leader and his imagined assassination. The depictionof Kim Jong-un and his dynasty as fallible – an impossible and frightening image to the regime –likely helped to inspire calls for retribution.31 Credible, material evidence gathered following thedata breach indicates that the hackers engineered the attack to damage Sony’s computer systemsand to humiliate the company, thereby proving their loyalty to Kim Jong-un. This objectivediffers from the majority of corporate hacks, which focus on financial gain.

On December 19th, the United States government was able to confirm that the hack originated inNorth Korea. Investigators found significant overlap between the digital fingerprints of the Sonyattack to other North Korean cyberattacks on South Korean banks. The U.S. stated that itviewed the event as a “serious national security matter.” 32

4

The Aftermath of the Cyberattack

In the immediate aftermath of the cyberattack, Sony’s communication system was shut down. Senior executives quickly implemented alternative communication networks at the company,leveraging phone trees, notepads, and outdated cell phones. The compromised system at SonyPictures took weeks to restore. The hackers not only stole Sony’s data, but had completelyerased it.

The attackers threatened to leak Sony movies as well as thousands of internal documentsand the personal information of more than 47,000 people, including employees, freelancers, andmovie stars. They did not identify themselves or issue specific demands. Although it wassuspected that the hack was perpetrated by North Korean cybercriminals, officials of the DPRKdenied all allegations. This made it difficult to communicate details surrounding the attack toemployees and external parties.

The crisis-management team at Sony Pictures set up desks to help employees with creditprotection and fraud alerts. The team also set up new e-mail accounts and telephone numbers.They were doing what they could to shift all digital systems back to traditional pen-and-papermethods; however, it seemed to be too late. The hackers already had accessed all the data theyneeded to irrevocably damage Sony’s reputation.

Leadership

Sony Corporation CEO Kazuo Hirai played a negligible media role during the attack, preferringto place his confidence in Lynton and Pascal. However, Hirai claimed he signed off on allexternal communication and decisions made with regards to the cyberattack.33 CEO MichaelLynton, reserved and analytical, was forced to jump into the spotlight, shadowing Motion PictureChief, Amy Pascal, who had long been the “face of Sony Pictures.” Pascal’s credibility haddeteriorated after several of her e-mails surfaced on December 8th and 10th, which includedcelebrity insults and racist comments involving President Obama. 34

Sony leadership promised employees that they would receive an e-mail outlining steps tosign up for identity protection services. Two days after the promised e-mail, 47,426 uniquesocial security numbers and other personal information of more than 15,000 current and formerSony employees were leaked.35 (Appendix D outlines details of this memo.)

Sony took a gamble when deciding how to respond to the cyberattack. Severalemployees would later allege that Sony knew about the risks to its digital storage and thegeopolitical sensitivity of The Interview but chose to make decisions that were not in the bestinterest of Sony employees.

5

In response to the allegations that Sony did not react well to the cyberattack, CEOMichael Lynton said that he felt otherwise. He stated that his top priority was to make importantdecisions quickly, saying, “You can’t be caught in the headlights doing nothing.” 36 Lyntondescribed the situation as difficult, with no playbook to follow.

Revenue at Stake as Theaters Cancel Film Showing

On December 15th, the Guardians of Peace (#GOP) claimed responsibility for the Sony hack andthreatened major terrorist attacks on theaters showing the film. Theaters such as RegalEntertainment Group, AMC Entertainment Holdings Inc., Cinemark Holdings Inc., and CarmikeCinemas Inc., as a result, opted out of showing the movie, citing concerns for audience safety.37

The Department of Homeland Security said the #GOP’s threats lacked credibility. Dueto concerns over box office sales across the industry, theater operators encouraged Sony to delaythe opening. After Sony declined, the theaters announced they wouldn’t show The Interviewuntil the FBI completed its investigation.38 (Appendix E shows the effects of this decision on thecompany’s stock price.) Shortly after this announcement, Sony Pictures decided to cancel itsplanned release of The Interview, a last-minute decision unprecedented in the modern motionpicture industry. Entertainment industry sources estimated that damage to the studio and lossesincurred from shelving the release would top at least $100 million.39 As of Thursday, December18th, Sony had no plans to release the film in any capacity. 40

Discussion Questions

1. How can Sony employ communication strategies to defend its public reputation and improveemployee morale?

2. What options are available to Sony to minimize revenue loss on The Interview?

3. Is Sony to blame for the cyberattack in the first place? Should the company take the blame?

4. If you were Sony Pictures CEO Michael Lynton, what actions, if any, would you have takenwhen you first heard about the security breach?

Appendix A

6

7

Appendix B

8

Appendix C

9

Appendix D

Internal Memo

On the evening of December 2, 2014, sources reported that Sony CEO Michael Lynton and Co-Chairman Amy Pascal at Sony sent an internal memo to 6,500 current employees that confirmedthat a “large amount of confidential Sony Pictures Entertainment data has been stolen by thecyberattackers, including personnel information,” stated that “the privacy and security of ouremployees are of real concern to us,” warned that “we are not yet sure of the full scope ofinformation that the attackers have or might release” and “unfortunately have to ask you toassume that information about you in the possession of the company might be in theirpossession,” and promised employees that they would receive an email on December 3, 2014that outlined steps to sign up for identity protection services.

10

Appendix E

11

1 Cieply, M., & Barnes, B. (2014, December 30). “Sony Cyberattack, First a Nuisance, Swiftly Grew Into aFirestorm.” The New York Times. Retrieved from <http://www.nytimes.com/2014/12/31/business/media/sony-attack-first-a-nuisance-swiftly-grew-into-a-firestorm-.html>

2 Seal, M. (2015, March). “An Exclusive Look at Sony’s Hacking Saga.” Vanity Fair (Online). Retrieved from<http://www.vanityfair.com/hollywood/2015/02/sony-hacking-seth-rogen-evan-goldberg>

3 Johnson, K., Dorell, O., & Weise, E. (2014, December 18). “Official: North Korea Behind Sony Hack.” USAToday. Retrieved from <http://www.usatoday.com/story/news/world/2014/12/17/north-korea-sony-hack/20558135/>

4 Seal, M. (2015, March). “An Exclusive Look at Sony’s Hacking Saga.” Vanity Fair (Online). Retrieved from<http://www.vanityfair.com/hollywood/2015/02/sony-hacking-seth-rogen-evan-goldberg>

5 “Company History.” (n.d.). Sony Corporation Global Headquarters. Retrieved from <http://www.sony.net/SonyInfo/CorporateInfo/History/history.html>

6 “Company History.” (n.d.). Sony Pictures. Retrieved from <http://www.sonypictures.com/corp/history.html>

7 Inagaki, K. (2015, January 19). “Sony’s Backers Focus on Bigger Picture After Cyber Attack.” Financial Times.Retrieved from <http://www.ft.com/cms/s/0/3af3b790-97f2-11e4-84d4-00144feabdc0.html#axzz3XoHwAEBe>

8 “Sony: Consolidated Financial Statements For the Fiscal Year Ending March 2014.” (n.d.). Retrieved from<http://www.sony.net/SonyInfo/IR/financial/fr/FY13_Consolidated_Financial_Statement.pdf>

9 “Sony Pictures.” (n.d.). Movie Insider. Retrieved from <http://www.movieinsider.com/c8/sony-pictures/>

10 “Box Office by Studio: Studio Market Share.” (n.d.). Box Office Mojo. Retrieved from<http://www.boxofficemojo.com/studio/?view=company&view2=yearly&yr=2014&p=.htm>

11 Harris, T. (n.d.). “How Digital Cinema Works.” HowStuffWorks. Retrieved from <http://entertainment.howstuffworks.com/digital-cinema.htm>

12 Stewart, A. (2013, October 23). “Digital Cinema Distribution Coalition Flips the Switch on Theatrical SatelliteService.” Variety (Online). Retrieved from <http://variety.com/2013/digital/news/digital-cinema-distribution-coalition-flips-the-switch-on-theatrical-satellite-service-1200755429/>

13 Acharya, A., Hamilton, M., Head, T., Hosu, J., Sarma, H., & Torres, D. (n.d.). “The Evolution of Digital Cinema:Executive Summary.” The Tuck School of Dartmouth. Retrieved from <http://faculty.tuck.dartmouth.edu/images/uploads/faculty/ron-adner/Digital_Cinema_Exec_SummaryFinal.pdf>

14 Stewart, A. (2013, April 17). “Filmmakers Lament Extinction of Film Prints.” Variety (Online). Retrieved from<http://variety.com/2013/film/news/film-jobs-decline-as-digital-distribution-gains-foothold-1200375732/>

15 Kharpal, A. (2015, February 12). “Year of the Hack? A Billion Records Compromised in 2014.” CNBC (Online).Retrieved from <http://www.cnbc.com/id/102420088#>

16 Bitium. (2015, February 10). “The Biggest Data Breaches and Hacks of 2014.” Recode. Retrieved from<http://recode.net/2015/02/10/the-biggest-data-breaches-and-hacks-of-2014/>

17 Gilbert, D. (2014, December 19). “Hackers Take Control in 2014.” International Business Times (Online).Retrieved from <http://www.ibtimes.co.uk/hackers-take-control-2014-sony-pictures-anonymous-hacktivism-fappening-snappening-regin-1480274>

References

12

18 “Identity Theft: Evolving with Technology.” (n.d.) San Jose Police Department. Retrieved from<https://www.sjpd.org/BFO/Community/Crimeprev/crimeprevention%20forms/Identitytheft.pdf>

19 Brustein, J. (2014, December 3). “Experts: Sony Hackers Were Inside The Company Network For A Long Time.”Bloomberg (Online). Retrieved from <http://www.bloomberg.com/bw/articles/2014-12-03/sony-hackers-were-inside-the-company-network-for-a-long-time>

20 “Class Action Complaint, Corona v. Sony Pictures Entertainment, Inc., CV09600.” (2014, December 15). Page15. Retrieved from <http://www.aceds.org/wp-content/uploads/2014/12/Corona-and-Mathis-v.-Sony-Pictures-Entertainment-12-15-14.pdf> 21 “Class Action Complaint, Corona v. Sony Pictures Entertainment, Inc., CV09600.” (2014, December 15). Page2. Retrieved from <http://www.aceds.org/wp-content/uploads/2014/12/Corona-and-Mathis-v.-Sony-Pictures-Entertainment-12-15-14.pdf>

22 Inagaki, K. (2015, January 19). “Sony’s Backers Focus on Bigger Picture After Cyberattack.” Financial Times(Online). Retrieved from <http://www.ft.com/intl/cms/s/0/3af3b790-97f2-11e4-84d4-00144feabdc0.html#axzz3Y444OMrD>

23 Reyes, M. (2014, December 23). “The Staggering Amount of Money Sony Could Lose On the Interview.” CinemaBlend. Retrieved from <http://www.cinemablend.com/new/Staggering-Amount-Money-Sony-Could-Lose-Interview-68751.html#comment-1750448701>

24 Seal, M. (2015, March). “An Exclusive Look at Sony’s Hacking Saga.” Vanity Fair (Online). Retrieved from<http://www.vanityfair.com/hollywood/2015/02/sony-hacking-seth-rogen-evan-goldberg>

25 Fritz, B., Yadron, D., & Schwartzel, E. (2014, December 30). “Behind the Scenes at Sony as Hacking CrisisUnfolded.” The Wall Street Journal (Online). Retrieved from <http://www.wsj.com/articles/behind-the-scenes-at-sony-as-hacking-crisis-unfolded-1419985719>

26 Seal, M. (2015, March). “An Exclusive Look at Sony’s Hacking Saga.” Vanity Fair (Online). Retrieved from<http://www.vanityfair.com/hollywood/2015/02/sony-hacking-seth-rogen-evan-goldberg>

27 Internet Movie Database. (n.d.). “The Interview.” Retrieved from<http://www.imdb.com/title/tt2788710/?ref_=nv_sr_1>

28 U.S. Department of State. (n.d.) “Democratic People’s Republic of Korea: 2013 Human Right Report.” Retrievedfrom <http://www.state.gov/j/drl/rls/hrrpt/humanrightsreport/index.htm?year=2013&dlid=220202#wrapper>

29 Fritz, B., Schwartzel, E., & Devlin, B. (2014, December 18). “Sony Pulls Korea Film 'The Interview;' U.S. BlamesPyongyang for Hack.” Wall Street Journal (Online). Retrieved from <http://www.wsj.com/articles/sony-cancels-release-of-the-interview-us-blames-pyongyang-for-hack-1418844906>

30 Kwaak, J. S. (2014, December 18). “Sony Hack Shines Light on North Korea's Cyber Attackers.” Wall StreetJournal (Online). Retrieved from <http://www.wsj.com/articles/sony-hack-shines-light-on-north-koreas-cyber-attackers-1418877740>

31 Foweler, S. (2014, December 17). “Why North Korea Fears The Interview.” BBC (Online). Retrieved from<http://www.bbc.com/culture/story/20141217-why-north-korea-fears-this-film>

32 Curran, J. (2015, January 12). “White House Sets Sanctions on North Korea for Sony Hack.” Cybersecurity PolicyReport. Retrieved from <http://search.proquest.com/docview/1648337932?accountid=12874>

13

33 Inagaki, K. (2015, January 19). “Sony’s Backers Focus on Bigger Picture After Cyber Attack. Financial Times(Online). Retrieved from <http://www.ft.com/intl/cms/s/0/3af3b790-97f2-11e4-84d4-00144feabdc0.html?siteedition=intl#axzz3RNT92iUr>

34 Seal, M. (2015, March). “An Exclusive Look at Sony’s Hacking Saga.” Vanity Fair (Online). Retrieved from

<http://www.vanityfair.com/hollywood/2015/02/sony-hacking-seth-rogen-evan-goldberg>

35 “Class Action Complaint, Corona v. Sony Pictures Entertainment, Inc., CV09600.” (2014, December 15). Page 9.Retrieved from <http://www.aceds.org/wp-content/uploads/2014/12/Corona-and-Mathis-v.-Sony-Pictures-Entertainment-12-15-14.pdf>

36 Fritz, B., Yadron, D., & Schwartzel, E. (2014, December 30). “Behind the Scenes at Sony as Hacking CrisisUnfolded.” Wall Street Journal (Online). Retrieved from <http://www.wsj.com/articles/behind-the-scenes-at-sony-as-hacking-crisis-unfolded-1419985719>

37 Fritz, B., Schwartzel, E., & Devlin, B. (2014, December 18). “Sony Pulls Korea Film 'The Interview;' U.S. BlamesPyongyang for Hack.” The Wall Street Journal (Online). Retrieved from <http://www.wsj.com/articles/sony-cancels-release-of-the-interview-us-blames-pyongyang-for-hack-1418844906>

38 Ibid.

39 Richwine, L. (2014, December 9). “Cyber Attack Could Cost Sony Studio as Much as $100 million.” Reuters. Retrieved from <http://www.reuters.com/article/2014/12/09/sony-cybersecurity-costs-idUSL1N0TT1YO20141209>

40 Alexander, B.; Mandell, A.; Weise, E. (2014), December 18). “No ‘Interview’ . . . on any platform.” USA Today.<http://www.usatoday.com/story/tech/2014/12/17/sony-hack-the-interview/20519545/>

14