In the second episode of the third season of Apple TV+’s The Morning Show, audiences learn that the UBA network has been the victim of a newsroom-wide cyberattack. The hosts of the company’s titular Morning Show are in the middle of taping the day’s broadcast when the equipment begins to experience technical difficulties: the teleprompter cuts out, the producers get locked in the editing room, and all of the landline phones no longer work. The team bands together to try and regain control of the messy situation as the power completely goes out. At first, they believe there’s an active shooter in the building and take shelter. After they regain power, however, they realize an outside party has hacked their systems.
The hackers, whose identity remains unknown throughout the episode, communicate with Cory Ellison (Billy Crudup)—President of the UBA Network—and inform him that they have an intimate video of Bradley Jackson (Reese Witherspoon) that was sent to Laura Peterson (Juliana Margulies), whom Jackson had been romantically involved with. The hacker managed to gain access to many different types of data and demanded that UBA pay $50 million, or the video would be leaked to the public. When he brings this up to the board, they refuse to pay, and Jackson has to go on live television and warn viewers that “certain things may come to light, personal things, that were never meant to be shared.”
You are reading: How The Morning Show Rewrites the Notorious 2014 Sony Hack
If these scenes seem familiar at all, it’s because the show seems to mirror the events of the hack that Sony fell victim to back in 2014. In short, a group of hackers named The Guardians of Peace were gained access to Sony’s computers along with a mountain of information, emails, and data. They communicated with the company on Pastebin and threatened to “commit acts of terrorism against movie theaters” that showed the movie The Interview—a satirical comedy starring James Franco and Seth Rogen, in which two American journalists assassinate North Korean leader Kim Jong Un. The hackers are believed to have some sort of connection with North Korea, though the country’s leadership has denied it.
The cybercriminals were able to access large amounts of sensitive information, including Social Security numbers, medical and salary information, unreleased films and scripts, and even the aliases of close to a dozen Hollywood celebrities. There was also a leaked email between former Sony Entertainment chairperson Amy Pascal and producer Scott Rudin, in which they joked about former president Barack Obama’s race. According to reports from 2015, the hack cost the company $15 million.
Given the upgraded state of cybersecurity today, a hack of this magnitude nearly a decade later might seem to be farfetched fodder for a contemporary TV series. But Suman Jana, an associate professor of computer science at Columbia University, says a breach of this kind remains “very much possible.” He tells TIME that all a hacker needs is access to one machine in the company’s network, and an attack can “propagate from there.” A common way of gaining access is through phishing emails—a fake email hackers send with links that allow them to access a device. Once the hackers gain access to one employee’s device, they might not have what they’re looking for, so they can start “jumping from that employee’s machine to someone else’s machine and start kind of collecting all this data and sending it all over.” Newer networks in companies have been designed with these attacks in mind, so they are built with “partitions” to make jumping from one computer to another more difficult, he says.
Jana tells TIME that companies have also put more policies in place to combat these sorts of attacks, like making passwords longer and harder to guess, as well as extensive training on spotting these suspicious emails. “I feel like the severity of these attacks will probably go down a little bit, depending on the organization and how well it has planned,” Jana says, “It can definitely happen, and I think it happens quite frequently.”
By the end of the second episode of The Morning Show, the issue still looms large, with questions about who was behind the cyber attack, leaving the audience guessing. The board’s decision not to pay the ransom seems likely to cause further issues for the rest of the characters down the line. Ellison, the president of UBA (and its unsuccessful streaming service), has to figure out how to keep himself and the company safe, even if that means some people are collateral damage.