Sony Hack Chronology

Day 1: All employee workstations show an intimidating message along with warnings that all demands have to be obeyed or top secret information will be released. Nobody can use their computers.

Day 2: Computers still unusable in primary business regions. Press begins to release assumptions about the situation.

Day 3: Still no working possible via computer, email or voicemail.

Day 4: Movies that were yet to be released are dumped onto online file-sharing platforms for free.

Day 5: Reports surface that Sony suspects a retaliation act by North Korea for the movie ‘The Interview’ which could have been a provocation to them.

Day 6: Sony computers, mail system and voicemail still not available.

Day 7: More speculation on a North Korean involvement

Day 8: Pre-bonus salaries from several Sony executives are leaked. Several other HR related data sets are being published. FBI is asked for cooperation in the case.

Day 9: Sony leadership advises staff of the attack and lets them know that data has been leaked. Personal information might be included.

Day 10: Data dump is released and contains information on budgets, contracts, passports, visas, usernames and passwords. Sony initiates retaliation act by starting denial-of-service attacks on all websites providing the stolen data.

Day 11: Similarities of attack strategy affecting South Korean entities are revealed.

Day 12: Sony employees receive emails that threaten themselves and their families.

Day 13: Attack analysis shows the attack was an unparalleled and well planned crime by an organized group.

Day 14: North Korea denies involvement in the attack but praises the initiative.

Day 15: Warning letter is posted online and includes more leaked data such as a list of celebrity aliases.

Day 16: High level employee email communication is published.

Day 17: Concerned movie ‘The Interview’ has its premier.

Day 18: Medical data and other HR documents of Sony staff is released.

Day 19: 7th large Sony file dump is being released with the working that an upcoming release will put Sony Pictures into the ‘worst state’.

Day 20: Early project data and other business relevant information is released. Sony sends letters to media organizations asking them to delete and destroy and of the data they might have obtained illegally.

Day 21: CEO Michael Lynton confirms that the highest levels of the FBI are supporting them with the investigation and promises that the cyber-attack will not be bringing the company down. Lynton criticizes press and compares them to the hackers. Former employees confirm that the Sony security measures to protect personal data were inadequate.

Day 22: Attackers are threatening theatres that are showing ‘The Interview’. More data and email communication is released.

Day 23: Sony cancels any more premieres and plays of ‘The Interview’. Adverts are being pulled as well.

Day 24: White House Press Secretary takes position on the case and confirms the attach it being treated as serious national security issue.

Day 25: FBI confirm the attack was planned and instrumented by North Korea with intended to harm U.S. business and suppress the right of citizens to express themselves.

Day 26: North Korea rejects the statement, proclaiming to be innocent. They are warning about ‘serious consequences’ if the U.S. retaliates.

Day 27: President Obama states that the U.S. will ‘respond proportionally’ to North Korea’s cyber-attack on Sony Pictures. North Korea claims the movie was instructed by U.S. government and threatens to attack White House, Pentagon and the whole U.S. mainland.

Day 28: U.S. government asks North Korea to compensate Sony for the cyber-attack and the damages done. The estimated losses top $100m and breaches several laws on personal privacy of the employees as well.

Day 29: Sony decides that the movie after all will be aired in theatres on on video-on-demand platforms simultaneously. The decision is praised with the U.S. President and the actors and makers of the movie.

Day 30: Sony makes the movie available for rent and provides it to more movie platforms that operate online.

Linked to article: RESILIA: When InfoSec Meets ITSM