It is being widely reported in the press that Sony has been hacked again. Unreleased movies are now posted on line. Confidential HR data has been released. Employees have taken a step back into the 1980’s, replacing email with telephones, handwritten notes and fax machines (Mommy, whats a fax machine?”).
Nobody knows who did this, but the suspicion is that North Korea has done this in retribution for the pending release of a movie found objectionable by the PRK government. re/code has good coverage of this evolving story.
How could the PRK infiltrate Sony networks? HP looked at this issue in the context of an earlier attack attributed to the PRK. Unsurprisingly, spearphishing was one of the ways in.