Sony hack: Why do analysts believe North Korea is behind attack?

Sony reportedly canceled the release of 'The Interview' Wednesday, after a terrorist threat aimed at theaters that screened the comedy about the attempt to assassinate Kim Jong-un.

Kevork Djansezian/Reuters
Cast members James Franco (L) and Seth Rogen pose during premiere of the film "The Interview" in Los Angeles Dec. 11. The New York premiere of "The Interview", a Sony Pictures comedy about the assassination of North Korean President Kim Jong-Un, has been canceled and several chains have pulled the movie, after threats from a hacking group.

The sweeping cyberattack at Sony in apparent retaliation for the film “The Interview” – and the subsequent terrorist threat by hackers that caused the studio to cancel the release of the movie Wednesday – has caused observers to wonder if the release of a low-brow comedy really is the sort of minor-league event that would incur the wrath of North Korea. And does the secretive dictatorship even have that sort of capability?

The answer, analysts say, appear to be yes and yes.

“It’s hard for me to believe that a non-state actor or rogue ex-employee would have the capability or the capacity to be able to pull off something like this,” says Amy Chang, a research associate at the Center for a New American Security.

“If you look at the trajectory of the hack, and how much data they took, it had to have been taken over a really long period of time,” she says. “It seems to be something that was coordinated with lots of resources.”

Although the breadth and depth of the hack was considerable, Ms. Chang adds, it’s not a particularly tricky thing to pull off with the right manpower. 

“I actually don’t think one has to have very sophisticated techniques,” she says. “For companies that aren’t in the ‘security space’ – Sony, Home Depot, Target – security is an afterthought. By sending out phishing emails or corrupt links – even the most basic techniques – you’re able to infiltrate a system.”

The material hacked has included everything from payroll information and the Social Security numbers of Sony employees to unreleased films to embarrassing e-mails, at least from the point of view of executives, who had written scathing comments about actors such as Angelina Jolie, Michael Fassbender, and Kevin Hart and cattily joked about President Obama's taste in films.

Although North Korea’s cyber capabilities are hampered by aging infrastructure and a lack of foreign technology – as well as restrictions that countries like the US impose on high-tech trade to North Korea – its cyber warfare capabilities are nonetheless on the rise, according to recent study.

Indeed, North Korea is “remarkably committed” to improving its cyber capabilities, according to the report from Hewlett-Packard researchers.

South Korea also claims that North Korea has a premiere hacking unit, known as Unit 121, that is, after the US and Russia, the “world’s third largest cyber unit.”

North Korea has long been reported to receive help in its cyber endeavors from China and Iran, Chang notes.

But would the regime really be motivated to launch a large-scale cyber attack based on a comedic film – even one about the assassination of Kim Jong-un? After all, "Team America: World Police" had a similar subplot 10 years ago.

“Because of the nature of the film and its content – assassination – this has the potential to create ripples in North Korea,” Chang posits. “They are a very closed-off society, but sometimes pirated films can make it through the borders.” 

And making fun of North Korea’s "Supreme Leader," she adds, “is considered an existential threat to the safety of the regime.”

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.