Obama blames North Korea for Sony hack: 'We will respond'

Even North Korea experts who say they still need to see proof of Pyongyang’s involvement are categorical: Whoever carried out the attack, the response must be so swift and punitive as to nip in the bud what many are calling a new type of warfare that threatens the global flow of ideas.

Kevork Djansezian/Reuters
Heavy security surrounds the entrance of United Artists theater during the premiere of the film 'The Interview' in Los Angeles, Calif. in this December 11. Sony Pictures canceled the December 25 theatrical release of its North Korea comedy after major United States theater chains pulled out of showing the film following threats from hackers.

Now that the Obama administration says North Korea had a hand in the hacking at Sony Pictures that resulted in Sony’s decision not to release a North Korea-themed comedy movie, attention is shifting to what steps the United States – and other upholders of freedom of expression – should take to counter the cyber attack.

On Friday, President Obama laid the blame for the attack on North Korea, but also said Sony should not have bowed to the threats.

"We can confirm North Korea engaged in this attack," Mr. Obama said at his end-of-the-year press conference. He also said that Sony "made a mistake," in pulling the film.

Even North Korea experts who say they still need to see proof of Pyongyang’s involvement are categorical about one thing: Whoever carried out the attack, the response must be so swift and punitive as to nip in the bud what many are calling a new type of warfare that threatens the global flow of ideas.

“President Obama likes to talk about teachable moments. I think he and all of us should want this to be a very teachable moment,” says Nick Eberstadt, an expert in North Korea and political economy at the American Enterprise Institute in Washington.

While he believes North Korea has the means to carry out a sophisticated cyberattack, Mr. Eberstadt says he still wants to see the evidence the US government has to be convinced Pyongyang was involved in this case.

But whoever attacked Sony and threatened mass violence over a planned movie release, he adds,  “If we go down the path [of retaliation], we have to make sure the measures are so forceful and far-reaching that the perpetrator this time, or whoever might contemplate this kind of action, never ever thinks about doing this again.”

On Wednesday Sony canceled the scheduled Christmas Day release of “The Interview,” a comedy in which actors James Franco and Seth Rogen portray floundering TV journalists who are recruited by the CIA to assassinate North Korean Leader Kim Jong-un.

A murky group of hackers calling themselves “Guardians of Peace” had warned that viewers of “The Interview” risked a “bitter fate” reminiscent of the 9/11 attacks. Major theater chains said they would not show the film, and Sony said it had no choice but to take the “sad” step of canceling the release.

US officials began commenting anonymously after Sony’s decision that the attack had the hallmarks of North-Korean-directed activity. On Friday the FBI issued a statement saying it “now has enough information to conclude that the North Korean government is responsible for these actions.”

The FBI offered evidence it said led to its conclusion, including:

  • Data deletion malware used in the attack revealed links to other malware the FBI knows was developed by “North Korean actors.”
  • Several IP addresses known to be associated with North Korean infrastructure communicated with IP addresses hardcoded into the malware used in the Sony attack.
  • Tools used in the Sony attack “have similarities” to a cyberattack last year on South Korean banks that was carried out by North Korea.

The White House on Thursday declared the Sony attack “a serious national security matter,” with spokesman Josh Earnest saying that a response, once responsibility for the attack was determined, would be “proportional.”

"We will respond. We will respond proportionally and in a place and time and in a manner that we choose," Obama said, adding he wouldn't be laying out the details at a press conference. Action is necessary, he said, because "we cannot have a society where a dictator someplace can start imposing censorship here in the US."

But many cyberanalysts and North Korea experts said it was unclear what a “proportional response” would be, while others said the implications of the Sony attack are so grave that any response must go beyond some kind of equivalent measures.

“A disproportionate response is what would be called for,” says Eberstadt, author of “The End of North Korea,” a 1999 study of the systemic failures he believes will lead to the communist pariah state’s collapse.

Some administration officials have hinted that more sanctions could be in the offing, although the paltry North Korean economy is already heavily sanctioned. 

Perhaps the most effective action would be to sanction the offshore banks, often Chinese, that the North Korean regime depends on, some North Korea experts say. US officials say Pyongyang uses the banks to launder the proceeds of illicit tobacco, pharmaceutical, and other drug trading.

US Treasury Department measures carried out against the Macao-based Banco Delta Asia in 2005 over its dealing with North Korea are often cited as the most successful punitive action dealt the Kim regime.

Whatever the US decides to do, it will have to be carried out in conjunction with others to be effective, some experts say. In particular, any measures designed to cut short a new global war on freedom of expression will have to include other proponents of universal rights, analysts say.

One tricky factor is that any effective effort aimed at curtailing North Korean cyberattacks should include China, Pyongyang’s principal backer, Eberstadt says. But China also stands accused by the US of engaging in hacking of US companies’ databases, and even of US government information systems.

“China would have to be part of any stop light assembled against North Korea,” says Eberstadt. “China is North Korea’s financial patron and its defense attorney internationally.”

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.