North Korea is apparently responsible for the cyber-attack on Sony Pictures, a US based firm, as retaliation for producing a satirical film about the assassination of its leader, Kim Jong-un. The hacks took place a couple of weeks ago against Sony’s cyber infrastructure and rendered it dark as well as causing tens of millions of dollars in damage to software, servers and computers. If Sony doesn’t recoup its production costs for the film, it could lose another $100 million.
The FBI has made such a determination after sifting through all the evidence that the attack bears the hallmark of similar North Korean cyber-attacks in the past mainly against South Korean interests. The attack was accompanied by threats from the rogue regime that release of the film, The Interview, would result in serious consequences for any entity associated with the movie, including the producer, distributor and, by default, potential viewers who would venture to a screening. The attack has deeper consequences than the immediate and apparent monetary damage experienced by Sony. It is a grave and massive case of extortion.
This attempt at censorship, especially by a nation state, is a serious attack on personal liberty and free speech, and cannot go unpunished. We have long railed against government infringing on privacy rights through its obtrusive, invasive, ubiquitous surveillance tactics. That this is a hermit kingdom, a rogue state, a bit player on the world stage is of little consequence. In fact it may be argued that North Korea’s isolation and reclusiveness makes them all the more dangerous.
Unlike another repressive regime, Russia, the DPRNK has little to lose. In launching such a blatant attack and combining it with threats designed to bring companies and a nation to heel, North Korea has demonstrated that it may succeed in the cyber-technology arena where it has hailed in the nuclear and military stage. And it is a wake-up call to corporations and individuals alike that more encryption, more defensive tools must be utilized against hackers- be they governments or individual criminals.
It is interesting to observe the response by the many constituencies affected by the attack. Sony had been portrayed as cravenly caving in to the hack by cancelling release of the film. It’s CEO, Michael Lynton, in an interview on CNN’s GPS program with Fareed Zachariah categorically denied the allegations. He said that he was left with no option, because it was the distributors, theaters, and mall operators- all people over whom he has no control- who refused to show the picture. With that, he is left with online only options such as Netflix etc. and said he is willing to explore all options in getting the film aired. He did not dismiss out of hand a suggestion by Mitt Romney that he release it on YouTube.
Lynton also expressed dismay with the administration, with which he consulted prior to his decision, and particularly with President Obama’s remarks that he “made a mistake” (in pulling the plug) and that he wishes Lynton “spoke to me.” For the aforementioned reasons, Obama was ignorant about the events as they played out and Lynton was in contact with senior White House advisers.
Recognizing the danger of such a cyber-attack and to kow-towing to North Korea’s blackmail, the President promised a “proportional” response to the hack without going into details. Beyond any official reaction by the US government, this incident should raise an alarm among individuals, governments and corporations alike that privacy must be safeguarded by improving encryption standards. It’s ironic that an unlawful act by a rogue state may result in the development of technology that actually thwarts law enforcement and makes mass surveillance less of a possibility.