South Koreans burned portraits of former North Korean leader Kim Jong-il and current leader Kim Jong-un after a cyber attack in 2009. REUTERS/Jo Yong-Hak What hackers have done to Sony Pictures is astounding.

How did they do it?

There have been just enough details leaked to the press and analyzed by security experts to put it together.

This was a targeted attack. That means the hackers set out to break into Sony. A targeted attack is the hardest to stop.

"Against a sufficiently skilled, funded and motivated attacker, all networks are vulnerable," wrote renowned security expert Bruce Schneier about the Sony attack.

The hackers said they gained access to Sony's networks from inside Sony. In November, after the attack was made public, several journalists said they contacted the group that claimed responsibility, Guardians of Peace, or GOP.

"Sony left their doors unlocked, and it bit them," a GOP member known as "Lena" told CSO Magazine. "They don't do physical security anymore."

"Physical security" is hackerspeak for things like doors, windows, keycards, and video cameras.

The hackers said sympathetic employees let them into the building. Lena told The Verge, "Sony doesn't lock their doors, physically, so we worked with other staff with similar interests to get in."

We don't know if these employees were knowingly helping hackers or tricked into helping.

The hackers reportedly stole a key password from someone in IT. US investigators told CNN the hackers stole the computer credentials of a system administrator, which gave them broad access to Sony's computer systems.

Once on the network, they planted malware. Some security experts, and documents obtained by Ars Technica, say that this was a form of "wiper" malware. Generally, that refers to malware designed to destroy the data, although in this case they used malware to collect data, too. The malware used Microsoft Windows management and network file-sharing features to spread, shut down the network, and reboot computers, reports Ars Technica.

This so-called wiper was apparently a variant of the type that a group called DarkSeoul used on South Korean banks last year. The FBI confirmed that the Sony malware found resembled that used in the bank hack.

The malware found and stole other passwords. The GOP told Sony it had grabbed private files, computer source code files for software, and files that held passwords for Oracle and SQL databases, among other documents. With access to that, the GOP grabbed data on movie production schedules, emails, financial documents, and much more and published much of it.

Security experts say this is where Sony was particularly weak. It could have used layers of security that would have prevented them from grabbing so much information even after breaking in. Many companies don't want to spend money on extra security that would specially protect email servers, password files, databases. That's a big lesson any company can learn. Use layers of security protection that can stop hackers after they break in.

The malware transmitted information back to other computers. The malware was communicating to computers elsewhere, including in Japan — possibly other computers on Sony's network. Some of the malware was written in Korean, Ars Technica and others report.

On the day of the hack, employees turned on computers and found this message on their screens, according to emails of the message sent to journalists.

Ultimately, the hackers threatened Sony with a terrorist attack if it didn't pull "The Interview" from theaters. The movie is a comedy about trying to assassinate North Korean dictator Kim Jong Un.

Sony bowed to the pressure and pulled the picture, and on Friday the FBI reported that "the North Korean government is responsible" for the hack.

Not everyone believes that North Korea was responsible, though.

Sony hasn't issued technical details of the attack, but it is busy trying to spin the situation, especially after Obama said on Friday that the company should not have caved and yanked the movie from theaters.