U.S. Officials Say North Korea Responsible for Sony Cyber Attack

The White House may formally accuse North Korea of launching a cyberterrorism attack on the Hollywood studio

2 min read
U.S. Officials Say North Korea Responsible for Sony Cyber Attack
Photo: KCNA/Xinhua/Alamy

Update, 19 December: The U.S. Federal Bureau of Investigation says “has enough information to conclude that the North Korean government is responsible for these actions.” President Barack Obama told reporters that “we will respond proportionally and we will respond in a place and time and manner that we choose.” He also called Sony’s decision to cancel release of the “The Interview” a mistake.

The idea of North Korea hacking a Hollywood studio in retaliation for making a comedy film about an assassination attempt on North Korean leader Kim Jong un might have sounded absurd at first. But U.S. officials say they have uncovered evidence of North Korea’s involvement in the cyberattack on Sony Pictures and subsequent public leaking of a slew of internal corporate files ranging from embarassing executive e-mails to the upcoming slate of unreleased films.

News publications such as the New York Times cited “senior administration officials” as saying President Obama’s administration was debating whether to formally accuse North Korea of launching the equivalent of a cyberterrorism attack. The Sony Pictures hack recently took on an even darker tone when the purported hackers invoked the memory of the 11 Sept. 2001 terrorist attacks and threatened attacks on movie theaters if Sony went ahead with the theatrical release of its comedy film “The Interview.”

Such threats led all four major theater chains in the U.S. to cancel showings of “The Interview” and prompted Sony Pictures to officially put the film’s release plans on hold, according to Deadline. The chill descending over the freedom of artistic expression may be felt for a long time in Hollywood: an untitled thriller set in North Korea involving director Gore Verbinski and actor Steve Carell has also been scrapped.

White House press secretary Josh Earnest deflected questions about North Korea’s involvement at a press briefing held today (18 December), but President Obama is scheduled to speak during his usual end-of-year press briefing tomorrow. Earnest only described the cyberattack as a “serious national security matter” involving a “sophisticated actor.” He also confirmed that the U.S. Department of Justice is working with the FBI on the investigation.

Attributing responsibility for cyberattacks is notoriously difficult. According to the New York Times, the forensic evidence from the Sony Pictures hack suggests the attackers used commonly available commercial tools and techniques found in previous cyberattacks on a Saudi Arabian oil company and on South Korean banks and media companies. Experts also suspect insider help because of the names of Sony servers and administrative credentials found in the malware code that infiltrated Sony’s computer network. (See IEEE Spectrum’s previous story “How Not to Be Sony Pictures.”)

The New York Times added that the U.S. National Security Agency has attempted to penetrate North Korea’s computer networks to keep track of the country’s cyber activities. But many of North Korea’s cyberattacks originate from China, a country that also has swarms of hackers for hire. Criminal hacker organizations also exist in many other countries worldwide.

U.S. officials potentially face a dilemma in deciding how to respond to North Korea, if they decide the Sony hack constitutes a serious act on the level of something like cyberterrorism. Coincidentally, Hollywood’s Universal Studios recently released a second trailer for its upcoming Michael Mann thriller “Blackhat,” which stars Chris Hemsworth as a hacker helping U.S. and Chinese law enforcement track down a cyberterrorist.

The Conversation (0)

How the FCC Settles Radio-Spectrum Turf Wars

Remember the 5G-airport controversy? Here’s how such disputes play out

11 min read
This photo shows a man in the basket of a cherry picker working on an antenna as an airliner passes overhead.

The airline and cellular-phone industries have been at loggerheads over the possibility that 5G transmissions from antennas such as this one, located at Los Angeles International Airport, could interfere with the radar altimeters used in aircraft.

Patrick T. Fallon/AFP/Getty Images

You’ve no doubt seen the scary headlines: Will 5G Cause Planes to Crash? They appeared late last year, after the U.S. Federal Aviation Administration warned that new 5G services from AT&T and Verizon might interfere with the radar altimeters that airplane pilots rely on to land safely. Not true, said AT&T and Verizon, with the backing of the U.S. Federal Communications Commission, which had authorized 5G. The altimeters are safe, they maintained. Air travelers didn’t know what to believe.

Another recent FCC decision had also created a controversy about public safety: okaying Wi-Fi devices in a 6-gigahertz frequency band long used by point-to-point microwave systems to carry safety-critical data. The microwave operators predicted that the Wi-Fi devices would disrupt their systems; the Wi-Fi interests insisted they would not. (As an attorney, I represented a microwave-industry group in the ensuing legal dispute.)

Keep Reading ↓Show less