North Koreans (or somebody very much like them...) hacked into Sony's systems and revealed emails that upset a bunch of high-paid executives, producers and actors.
Boo hoo.
In response to a vague threat of violence by the same people, all the major cinema chains decided not to run the movie that is the cause of the attack.
If they make a vague threat against the Super Bowl, will it be cancelled? How about the next Olympics? Or all the malls in American the week before Christmas? Or your cousin Sheldon's bar mitzvah?
The first sensible thing I've read about this whole situation is an interview with cybersecurity expert Peter W. Singer by Jason Koebler at Motherboard.vice.com. Here are a few of Singer's observations:
Sony has labeled what happened to it as cyberterrorism and various media have also described it as cyber terrorism. The reality is having your scripts posted online does not constitute a terrorist act. The FBI describes that as an 'act that results in violence.'
...We need to distinguish between threat and capability—the ability to steal gossipy emails from a not-so-great protected computer network is not the same thing as being able to carry out physical, 9/11-style attacks in 18,000 locations simultaneously.
By caving in, [Sony] may think they're cutting their losses, but they're setting an absolutely horrible precedent that makes every other company less safe moving forward.
In a follow-up post, Jason Koebler points out:
North Korea (or whoever it was) used code that has been described by Cisco's security intelligence group as "simplistic, not very complex, and not very obfuscated" to steal social security numbers and intellectual property from a company that stores its passwords in an unencrypted Excel file called Master_Password_Sheet and saves unencrypted, plaintext listings of the unencrypted servers holding its employees’ social security numbers.
If you leave your keys in the car, don't be surprised if it's gone when you finish shopping.
The sane response would have been for Sony (and every other company) to take this is a wake-up call, strengthen the security of their systems, and let the movie run.