At first, the Federal Bureau of Investigation (FBI) wasn’t so certain that North Korea was the responsible party for the massive cyberattack on Sony. Earlier this month, FBI cyber division assistant director Joe Demarest simply stated, “There is no attribution to North Korea at this point.”
Today, however, there is no doubt that North Korea was behind the attack. North Korea was no doubt incensed by the planned release of the movie “The Interview,” which details a plot to assassinate North Korean dictator Kim Jong-un. The FBI released a statement this afternoon concluding that it "now has enough information to conclude that the North Korean government is responsible for these actions.”
“North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves,” the FBI statement continued. “We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Korea’s attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States.
“Such acts of intimidation fall outside the bounds of acceptable state behavior.”
Many people dismissed the effects of the Sony hack when it was first reported, as much of the information that was posted amounted to tabloid fodder — i.e. internal emails poking fun at President Obama and Angelina Jolie, or memos that questioned the need for Sony Pictures to keep partnering with Adam Sandler to produce horrible comedies.
But as the days and weeks went on, more damaging info began to leak including passwords used internally by Sony employees and even private employee information like social security numbers and salaries. Things took a turn for the worse when Guardians of Peace (#GOP), the group claiming responsibility for the hack, threatened the families of Sony employees.
But perhaps the most significant development came earlier this week when #GOP threatened 9/11-style terror attacks on any theater that dared to show “The Interview”.
“Soon all the world will see what an awful movie Sony Pictures Entertainment has made. The world will be full of fear,” #GOP declared in a message posting earlier this week. “Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time.”
That revelation sent movie theaters into a panic, with the five largest cinema chains in the United States announcing their decision to not show “The Interview.” Without the support of the theaters, Sony cancelled the release of the film on Wednesday.
While Sony will have to deal with the aftermath of the hack and the controversy surrounding its decision to cancel the film in the days, weeks, and months to come, the FBI is at least letting American corporations know that it has their backs should such an incident occur in the future.
“The FBI stands ready to assist any U.S. company that is the victim of a destructive cyber attack or breach of confidential business information,” the FBI added. “Working together, the FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests.”
It’s good to hear that the FBI will help in any “postmortem” analysis of future cyberattacks, but this ongoing Sony saga should be a wakeup call to all corporations to shore up their defenses against cybercriminals.