President Obama has promised a “proportional” response to what the FBI says was North Korea’s massive, costly, and threatening computer hack at Sony Pictures Entertainment over the corporation’s yet-to-be-released satire “The Interview.”
White House press secretary Josh Earnest has said there are “a range of options” under consideration.
But the possibilities for Obama here are limited. Technically, the US and the "Democratic People's Republic of Korea" (DPRK) have remained at war since the Korean War armistice in 1953.
There is no appetite for military action, and the US already has severe trade sanctions in place. Even if investigators could identify and prosecute the individual hackers believed responsible, there's no guarantee that any of them operating overseas would ever see a US courtroom. For the US to retaliate by hacking North Korean targets could encourage further attacks against American corporation, institutions, and government entities.
“You don’t have a lot of good choices,” Martin Libicki, a cyberwar expert at the Rand Corp, told the Wall Street Journal. “We’re probably looking for something of a small, symbolic nature or a quasi-symbolic nature.”
In the latest twist North Korea said Saturday it could prove it had nothing to do with the attack on Sony.
"We propose to conduct a joint investigation with the US in response to groundless slander being perpetrated by the US by mobilizing public opinion," a North Korean spokesman was cited as saying by KCNA, the official news agency. "If the U.S. refuses to accept our proposal for a joint investigation and continues to talk about some kind of response by dragging us into the case, it must remember there will be grave consequences.”
In a not-so-veiled reference to the recent Senate Intelligence Committee report on “enhanced interrogation techniques,” the North Korean spokesman said, “We have a way to prove that we have nothing to do with the case without resorting to torture, as the CIA does.”
"The U.S. should bear in mind that it will face serious consequences in case it rejects our proposal for joint investigation and presses for what it called countermeasures while finding fault with" North Korea, the spokesman said.
Koh Yu-hwan, a professor at Seoul's Dongguk University in South Korea, called the North's proposal a "typical" tactic the country has taken in similar disputes with rival countries. In 2010, North Korea proposed a joint investigation after a South Korean-led international team concluded that the North was behind a torpedo attack that killed 46 South Korean sailors, though Pyongyang denied its involvement. South Korea rejected the North's offer for the joint probe.
"They are now talking about a joint investigation because they think there is no conclusive evidence," Professor Koh told the Associated Press. "But the US won't accede to a joint investigation for the crime."
In Washington, National Security Council spokesman Mark Stroh dismissed North Korea’s latest response.
"We are confident the North Korean government is responsible for this destructive attack,” Mr. Stroh said. “We stand by this conclusion."
The FBI reported Friday that the agency “now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
• Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
• The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
• Separately, the tools used in the [Sony] attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.”