What Now for Sony Pictures?
| published December 18, 2014 |

By R. Alan Clanton
Thursday Review editor

Though the massive attack was suspected of having links to North Korea, neither the private security teams, like Fire Eye’s Mandiant cyber unit, nor the FBI were confirming the connection to the government of Kim Jong-un.

Now, however, the White House and the FBI—along with several other U.S. authorities—are confirming what is known: the data breach which occurred at Sony Pictures Entertainment last month was the result of North Korean hackers, likely members of the elite military group called Unit 121, and probably using outside mercenary contractors in China and Thailand to assist with the cyber-attack.

The intrusion and theft has resulted in the widespread release of tens of thousands of emails, reams of corporate data and financial spreadsheets, salary information, and personnel data which includes names, addresses, social security numbers and medical and dental insurance records of employees. The hack also resulted in the deliberate theft of a dozen digital versions of motion pictures, along with marketing materials related to films and television programs.

The group that initiated the attack—which calls itself Guardians of Peace—says that the breach was meant to stop the release of the movie The Interview, a satire-comedy starring Seth Rogen and James Franco. The film was scheduled for a Christmas Day release, but due to a flurry of cancellations by several of the largest U.S. theater chains over the previous 24 hours (Carmike Cinemas, Cineplex-Odeon, Regal Cinemas, AMC, and Cinemark all announced on Wednesday that they were withdrawing from screening the movie), Sony Pictures reluctantly yielded to concerns and pulled the film from immediate distribution.

Sony has not said whether it will attempt to release the movie at some later date or in some other venue, but conservative estimates suggest that if the film is scrapped forever, the cost to Sony would be at least $54 million. Actor, director and other royalties would also suffer, meaning that the overall economic impact would stretch far beyond Sony’s corporate level.

Worse for Sony may be the long-range impact of the lawsuits now trickling in across a variety of jurisdictions, including class action suits being brought by current and former employees of Sony Pictures.

Questions now circle around what—if any—response will come from the United States. The Obama administration, though pointing the finger at Pyongyang, has not indicated whether it will retaliate.

Though North Korean officials have repeatedly said that its country is not responsible for the cyber-attack, it has publicly praised the intrusion as a “righteous deed.” The Interview tells the comedic-action story of two television journalists who are recruited by the CIA to travel to Pyongyang and assassinate Kim Jong-un. When word of the film and its script reached North Korea early in 2014, Pyongyang asked the United Nations and other international bodies to intervene to stop the motion picture from reaching the big screen. When there was no intervention by international authorities in the matter, North Korea upped the ante—waging a campaign of denouncement and threats, and encouraging supporters of the country to take action against Sony Pictures.

The cyber-attack has been a disaster for the Culver City based Sony Pictures. Stolen emails and other internal correspondence have caused embarrassment and distress across a wide range of issues (including race and gender), and spreadsheets showing actor salary disparities between female leads and their male counterparts in many movies have irked progressives and liberals who generally believe that Hollywood’s business practices reflect its overall inclination to progressive causes and political concerns. The potential loss of revenue from the stolen movies (these include Fury, Annie, and Mr. Turner), some of which were widely distributed within hours of the attack, could easily run into the tens of millions of dollars. And an unfavorable outcome in the various class-action lawsuits—each of which allege, among other things—that Sony Pictures sought to save money by not upgrading its computer system nor its cyber-intrusion counter measures, could also cost Sony many millions in damages.

Marketing and advertising will also be disrupted for many months, if not years, as many of the emails and other stolen material reveal closely-guarded secrets regarding casting decisions, screenplays and scripts, character development and plot twists, and the details of internal debates about shooting schedules and editing decisions. Advertising dollars already deployed or earmarked for the Christmas season will also face a myriad of problems. Example: even though the major theater chains and Sony Pictures have pulled The Interview from its Christmas Day release, ads promoting the movie’s December 25 premier were still airing on many cable networks as of late last night, and it is not immediately clear if Sony has the ability to insert alternate ads into those time slots).

Actors Seth Rogen and James Franco, after appearing on Saturday Night Live on December 13, postponed or scrubbed all further public events related to the film, including an appearance of The Tonight Show as well as a planned premiere in New York. It was not clear if the decision to cancel appearances by Rogen and Franco came from Sony, from the actors’ agents and management, or if the decision was made personally. At that time, Sony Pictures said it still intended to release the movie as planned on Christmas Day.

The cancellations by the major theater chains came after Guardians of Peace—the group which has claimed responsibility for the cyber-attack—issued not-so-subtle warnings earlier this week that theaters which chose to screen The Interview could expect a 9/11 style attack. Though the FBI and the U.S. Department of Homeland Security each said publicly that there was no credible evidence of an actual attack on theaters, internet and street buzz gained so much momentum (as did concerns among groups representing theater employees), that by early Wednesday at least one theater chain had already announced it would not show The Interview. By later in the same day four other major chains had dropped the film.

“Due to wavering support for the film The Interview by Sony Pictures,” Regal Entertainment said in a written and emailed statement on Wednesday, “as well as the ambiguous nature of any real or perceived security threats, Regal Entertainment Group has decided to delay the opening of the film in our theaters.”

AMC followed suit within hours.

“The recent cancellation of The Interview’s premiere and publicity appearances by its leading talent, and the overall confusion and uncertainty that has been created in the marketplace, brings into serious doubt whether the movie will open at all next week. At this time, to best enable AMC guests to plan their holiday movie-going with certainty and confidence, AMC is programming its theaters without The Interview.”

Though the cancellation of the Christmas Day release of The Interview may help the short-term profits of Sony’s competitors (Other December 25 openings include Walt Disney’s Into the Woods, starring Meryl Streep and Johnny Depp, and Universal’s Unbroken), this is little comfort to much of the Hollywood establishment which senses that the same catastrophe could have easily affected it. In fact, some cyber-security experts suggest that the Sony Pictures hack attack is merely one early example of what to expect as cyber-warriors and computer terrorists become more effective at their tradecraft.


Related Thursday Review articles:

Sony Pictures Cancels Release of The Interview; R. Alan Clanton; Thursday Review; December 17, 2014.

Sony Pictures Attorney Strikes Back; R. Alan Clanton; Thursday Review; December 16, 2014.