Modern field guide to security and privacy

Opinion: In response to Sony hack, US should focus on China not North Korea

President Obama has few good options from deterring North Korea from attacking – but he might be able to convince Beijing. 

North Koreans bowed to commemorate the third anniversary of the death of former leader Kim Jong Il.

​It's a story more bizarre than any Hollywood script about out-of-control hackers, but it turns out the North Koreans actually were behind the hack against Sony Pictures.

President Obama said Friday that we will “respond proportionately and in a place and time and manner that we choose.” What this really means for now is that the administration will keep the issue quiet, continue the focus on Cuba, and allow DC to take a year-end vacation.

 Mr. Obama’s punt is not a big surprise as there simply are no good options for responding to North Korea. How do you calibrate a “proportional response” when not countering a military attack but one that targets freedom of expression? How do you penalize a dangerous pariah state that might strike out even more dangerously and has been nearly undeterred from far more dangerous behavior?

The way through is for Obama to turn his personal attention to his Chinese counterpart, Xi Jinping, in Beijing every bit as much as Pyongyang.

To start with, the US government does not need to respond as if this is a cyberwar: no one has died from the digital assault on Sony (and it doesn’t appear that anyone has ever died from any cyber attack ever). And though it is tempting to unleash our own cyber forces, the seemingly mighty US Cyber Command is not likely to offer many promising options. If the assault were still continuing, then US military cyberattacks might have been able to disrupt the adversaries, but now the attack is over and the damage is done.

Likewise, it would be worse than useless for “proportional” to mean a law-enforcement investigation which may or may not result in an indictment, as the Department of Justice did against Chinese officers involved in corporate espionage. The Sony attack has gone beyond spying and needs a stronger response.

So in order to have a “proportional response,” the US must go beyond just an increase in sanctions and publicly release the specific evidence. Vague assertions won’t cut it. The US cannot create the global norms it wants by keeping information classified and only discussing the issues behind closed doors with diplomats, generals and spies. 

If the last two administrations had been more public and transparent with those denunciations, such adversaries might feel less emboldened. It took 10 years for the US government to tell the Chinese that aggressive commercial espionage against companies was unwelcome and despite leaking that Iran was responsible for denial-of-service attacks against US banks, the government never went public with the evidence or the allegations. 

Better yet, Washington learn from the response to past North Korean atrocities, such as in 2010 when a submarine torpedoed and sank the Cheonon, a South Korean naval corvette, an attack which killed 46 sailors. Then, a group of forensic and other experts examined all the evidence to produce a comprehensive report which helped cement the facts and Pyongyang’s responsibility. As described in a recent Atlantic Council report on cyber confidence-building measures, the US should convene a similar group to examine the Sony hack, perhaps led by a world-class technologist such as Internet-founders Vint Cerf or Steve Crocker.

Transparency of all sorts, and especially a public investigation, would be a strong step to prove that attribution is possible and help create stronger international norms.

In addition to transparency, the White House should start by convening a high-level meeting with its allies Japan and South Korea to discuss next steps to deal with North Korea’s cyberthreat.

The main strategic result of Russia’s 2007 attacks on Estonia was that NATO wakened to the Russian cyber threat and established plans, capabilities and purpose-built organizations. The allies which routinely face North Korean cyber threats should similarly form a regular working group to stand together and improve defenses and common responses.

Of course, the US must also raise the matter in the UN Security Council. Even if it cannot get consensus to condemn the North for a threat to the peace, perhaps it can still obtain a Presidential Statement, as it did after the Cheonan.

Most importantly, and as I have written previously, “[w]hen it comes to preventing the regime of Kim Jong Un from lashing out with cyberattacks, the path must begin not in Pyongyang but Beijing.”

With the new “reset” of China and US relations, the administration must re-engage the Chinese to rein in their unruly ally. China could probably stop this directly and immediately if they wanted, as many if not most North Korean hackers work from inside China.

 But an even more important reason to enroll China is to get President Xi Jinping’s personal buy-in that Sony-style attacks are unacceptable. The president probably can’t deter North Korea from these kinds of attacks, but perhaps he can convince Beijing. 

Without strong steps now, perhaps it won’t just be a North Korean attack against a film company next, but a Chinese or Russian attack on Google, CNN, or The Christian Science Monitor for featuring investigative journalism the carrying unflattering stories on corruption. The long-term chilling effect on free speech could be the most important long-term aspect of this attack and this should be the center of the administration’s concerns, not the specific North Korean behavior.

Cyberattacks are still neither particularly dangerous nor deadly. The Sony attack is embarrassing and severe, but not an act of war. But it demands a response, else it encourages a new form of conflict where nations feel enabled to attack companies or individuals across borders for practically any reason.

Without norms against such behavior as this North Korean attack on Sony, the Internet simply won’t be as open or free for our grandkids and their grandkids as it was for us.

Jason Healey is the Director of the Cyber Statecraft Initiative at the Atlantic Council of the United States and author of the first history book on cyber conflict, A Fierce Domain: Cyber Conflict 1986 to 2012. You can follow his comments on cyber cooperation, conflict and competition on Twitter, @Jason_Healey


You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Opinion: In response to Sony hack, US should focus on China not North Korea
Read this article in
QR Code to Subscription page
Start your subscription today