I haven't found a good write up on the attack, however my understanding is it was mainly due to Sony's lack of security and not the prowess of the hackers.
This was something like SQL Injection and non password protected excel files with employees social security numbers. The state-sponsored APTs you are talking about are hundreds of millions of dollars worth of custom software engineering.
However I agree with your general premise that another government essentially blackmailing one of our private companies is worrying.
