Expert: Thousands of people capable of Sony hack

The skill-set required to launch the massive cyberattack on Sony Pictures Entertainment last fall was not unique.

“There are probably a couple thousand, three, four, five thousand people that could do [the Sony] attack today,” said Jon Miller, a former hacker and current vice president of strategy at security firm Cylance, in a "60 Minutes" interview that aired Sunday night.

“Not all of them are in friendly countries,” Miller added. “And the number is growing rapidly.”

ADVERTISEMENT

The Sony hack has become an inflection point for cybersecurity issues. It spurred companies to ramp up their cyber defenses and has driven Congress to more seriously consider long-stalled cyber bills.

The digital assault crippled Sony. According to "60 Minutes," it destroyed over 3,000 computers and more than 800 servers. The film studio is still working to repair the damage.

Before the hackers wiped Sony’s system clean, they stole and then released troves of the company’s data, including senior executives’ emails, unreleased films and over 6,000 employees’ personal information.

The White House pinned the attack on North Korea and alleged the hit was retaliation for Sony’s comedy, “The Interview,” which depicts the assassination of North Korean leader Kim Jong Un.

Facing threats of physical violence from the hackers, Sony nearly pulled the film. Ultimately, the studio chose to roll out "The Interview" through online streaming platforms and in a small number of independent theaters.

President Obama eventually imposed economic sanctions on the reclusive East Asian nation as part of the government’s response.

Despite the massive disruption caused by the incident, Miller insists the attack itself was “not very” sophisticated.

“When you look at it in contrast to the capabilities the United States government is deploying, it is nowhere close to being sophisticated.”

He equated the Sony hack to a moped. In comparison, the U.S. government is an F-22 fighter jet.

Still, Sony is not the last time a company will fall victim to a similar cyberattack.

“We’re going to see deeper levels of destruction,” Kevin Mandia, chief operating officer at security firm FireEye, told "60 minutes."

Sony brought in FireEye almost immediately after discovering the hack. The firm matched the malware on Sony’s system to a malware sample it’s thought North Korea used in a 2013 hacking on South Korea’s banks.

“It’s going to get worse before it gets better,” Mandia said.