Reposting from another thread because it's more relevant here:
Here's something I am curious about: if this was NK and it is in response to The Interview, how did they get so deep so quickly? Other state sponsored hacks seem to span multiple years with multiple iterative hacks that get deeper into the target, but The Interview only wrapped shooting a year ago and wasn't really publicly known until mid 2013.
I think he meant that the malware that was used was pretty advanced and the information that was hard-coded would've taken a lot of time to gather. The movie's premise was only publicly announced last June.
Why don't other attacks act as a litmust test here? One person opening an email doesn't open up access to every system and all the data in one fell swoop. Ok an email was opened. And then... It takes time to go from one system to the next, so why did his happen so fast?
It doesn't take time once you get Domain Admin, and there is no indication of how fast it happened. I've seen companies lose DA, and therefore their entire enterprise, in hours. You can then push malware to everyone on the domain.
Hearsay alert: Sony was penetrated by several independent parties, in 2013, and at least one of the penetrating parties used the access for financial gain.
Here's something I am curious about: if this was NK and it is in response to The Interview, how did they get so deep so quickly? Other state sponsored hacks seem to span multiple years with multiple iterative hacks that get deeper into the target, but The Interview only wrapped shooting a year ago and wasn't really publicly known until mid 2013.