The cyber attack on Sony
In November, Sony announced that it had been the target of a cyber attack. The hackers, calling themselves “Guardians of Peace,” claimed to have taken over 100 terabytes of data from Sony, including unreleased films, employees’ confidential information, business documents and private email correspondence.
A few days after the announcement of the hack, reports surfaced stating that Sony suspected North Korea was responsible for the attack, in retaliation for the movie, “The Interview,” a comedy depicting the assassination of North Korean dictator Kim Jong-un.
On Dec. 19, the FBI, after launching an investigation into the attacks, announced it believed the North Korean government was “centrally involved” in the hacking.
North Korea’s news agency KCNA denied the FBI’s allegations of the country’s involvement, while calling the cyberattack a “righteous deed” and suggesting that its “supporters and sympathizers” might be taking revenge on the North’s behalf.
North Korea also offered a joint investigation with the U.S. to determine the identities of the hackers.
Experts from various cyber-security firms had expressed doubts about the FBI’s claims, saying the FBI’s evidence was circumstantial.
In an interview with Politico, Kurt Stammberger, from Norse, one of the world’s leading cyber intelligence firms, said, “When the FBI made the announcement so soon after the initial hack was unveiled, everyone in the intelligence community kind of raised their eyebrows at it, because it’s really hard to pin this on anyone within days of the attack.”
After conducting independent investigations, many experts in the cyber intelligence community concluded that North Korea was not behind the attack.
In December, CloudFlare researcher and DefCon official Marc Rogers wrote that “the FBI’s indicators seem to rely on malware that is widely available for purchase and IP addresses easily hijacked by any bad guy.” Errata Security’s Robert Graham also wrote that the hacker underground shares malware code, calling the FBI’s evidence “nonsense.”
Former anonymous hacker turned FBI informant, Hector Monsegur, known as “Sabu,” even expressed doubts about North Korea’s capabilities and infrastructure to carry out the attack. He said to CBS News, “It’s not possible. It would have taken months, maybe even years, to exfiltrate something like 100 terabytes of data without anyone noticing.”
Researchers from Norse have said their own investigation doesn’t point to North Korea at all, but to a combination of hackers for piracy groups and a disgruntled, laid-off Sony employee.
On Dec. 29, Norse met with the FBI to offer its findings. Stammberger said in an interview after the meeting that the FBI was “very open and grateful for our data and assistance” but that they didn’t share any of its data with Norse.
After the meeting with Norse, an FBI spokeswoman announced: “The FBI has concluded the government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment. Attribution to North Korea is based on intelligence from the FBI, the U.S. intelligence community, DHS, foreign partners and the private sector. “There is no credible information to indicate that any other individual is responsible for this cyber incident.”
The making of “The Interview”
Written and directed by Seth Rogen and Evan Goldberg, “The Interview” is their second directorial film following 2013’s “This is the End.”
The film stars Rogen and James Franco as journalists recruited by the CIA to assassinate North Korean leader Kim Jong-un.
In June 2014, an official speaking for the North Korean government, said the film “shows the desperation of the U.S. government and American society—a film about the assassination of a foreign leader mirrors what the U.S. has done in Afghanistan, Iraq, Syria and Ukraine.”
The film caused considerable outrage within the North Korean regime, leading the KCNA to issue threats of “stern” and “merciless” retaliation if the film was released.
Although North Korea has a long history of issuing harsh (but mostly empty) threats, Sony executives decided to delay the film’s release to December in order to make post-production edits.
Rogen told Rolling Stone in an interview: ”We were told one of the reasons they (North Korea) are so against the movie is that they’re afraid it’ll actually get into North Korea. They do have bootlegs and stuff. Maybe the tapes will make their way to North Korea and cause a f***ing revolution.”
Leaked emails from June 2014 revealed that the movie was reviewed by Bruce Bennett, a senior defense analyst at the RAND Corporation, which is a nonprofit global policy think-tank. Bennett was asked to review the movie and offer his expertise on North Korea.
Bennett advised against toning down the assassination scene.
“I have been clear that the assassination of Kim Jong-Un is the most likely path to a collapse of the North Korean government. Thus while toning down the ending may reduce the North Korean response, I believe that a story that talks about the removal of the Kim family regime and the creation of a new government by the North Korean people (well, at least the elites) will start some real thinking in South Korea and, I believe, in the North once the DVD leaks into the North (which it almost certainly will). So from a personal perspective, I would personally prefer to leave the ending alone.”
The “ending” Bennett reviewed was eventually changed at the request of studio executives and Sony’s Japanese chief executive, Kazuo Hirai.
The U.S. may feel distanced from (and accustomed to) North Korean threats, but threats are taken seriously in Japan, given their proximity to the North.
In 2010, North Korea shelled the island of Yeonpyeong, killing four people. North Korea was also found responsible for the 2010 sinking of the Cheonan, a South Korean naval ship, in which 46 seamen died. (For a background on North Korea, please read the May 5, 2013 article written by Ka ‘Ohana student reporter Elizabeth Ruiz.)
According to hacked emails, Hirai intervened in the decision-making process to insist the death scene of Kim Jong-un be edited to remove images of flaming hair, melting face and chunks of skull.
The released version shows Kim leaning out of his helicopter, as he watches the artillery shell pierce the side of the aircraft and he is slowly engulfed in fire. Then his head, obscured by computer-generated flames, explodes.
The Interview’s aftermath
On its Facebook page, “The Interview” is touted as being “controversial.” One post (obviously aimed at an adolescent crowd) even asks: “Do you dare to watch the ballsiest film of the 21st century?”
While the controversy slowly fades amid the dismal reviews of the film (at time of writing, it had a 39 percent rating among top critics on Rotten Tomatoes), one has to wonder how much the film’s “controversial” status was played up to sell tickets to an otherwise mediocre movie.
Sony’s decision to temporarily shelve the film was played up as a “free speech” issue, perhaps leading many who would have skipped the movie, to feel they should watch it.
In an article in the Los Angeles Times, the movie had grossed (from its opening on Dec. 24 to Jan. 4) $31 million from 4.3 million video online transactions. In theaters (because of its limited release) it had grossed only $5.8 million.
Despite the claim that the film is political satire, some critics say the movie goes too far.
The Nation magazine says the movie is popular entertainment that “perpetuates America’s myth of itself as the real guardian of global peace. It sells a hackneyed tale of the two white American heroes killing the evil dictator and saving North Korea, the country the United States is responsible for creating in 1945, a fact not mentioned in the film.”
The Nation magazine also pointed out, “The film contains one of the only commercial depictions, comedy or not, of a sitting president of another nation being killed on screen. The cartoon-like way Kim Jong-un gets blown to pieces (portrays) the dehumanizing manner in which Americans view North Koreans.”
Who hacked whom?
On Jan. 18, the New York Times published an online article titled, “NSA Breached North Korean Networks Before Sony Attack, Officials Say.”
The article claims the National Security Agency (NSA) first gained access to North Korean networks back in 2010 in order to focus on the North’s nuclear program and its leadership, as well as detect attacks the North was aiming at South Korea and the United States.
The attack on South Korean banks and media organizations in 2013 proved the North was becoming a threat, and the focus shifted to the hackers.
So, a new question arises: If the U.S. hacked into North Korean networks and had access to information as far back as 2010, why wasn’t the Sony hack prevented or stopped?
by Jessica Crawford, Ka ‘Ohana Staff Reporter