Sony: N. Korea Warns of 'Consequences'

Regime Demands Joint Investigation Into Sony Pictures Attack
Sony: N. Korea Warns of 'Consequences'

North Korea has denied the Obama administration's allegations that it launched the hack attack against Sony Pictures Entertainment and demanded that a joint investigation with the U.S. into the incident be launched. The secretive communist regime, based in Pyongyang, also promised there would be "grave consequences" if the United States failed to agree to the joint probe.

See Also: Webinar | Identity Crisis: How to Combat Session Hijacking and Credential Theft with MDR

The North Korean demands follow the FBI on Dec. 19 reporting that its analysis of the Sony hack attack - based on the tools, infrastructure and techniques used - found that the attack had been launched by Pyongyang. But multiple information security experts have questioned that attribution and called on the bureau to publish detailed evidence to sustain those claims (see FBI Attributes Sony Hack to North Korea).

Some commentators have characterized the hack attack against Sony Pictures as an act of "cyberwar," although President Barack Obama has strongly dismissed such assertions. "I don't think it was an act of war," Obama told CNN in an interview that was taped Dec. 19. "I think it was an act of cyber vandalism that was very costly, very expensive. We take it very seriously. We will respond proportionately, as I said."

Obama suggested, for example, that North Korea might be added again to the State Department list of countries that sponsor terrorism. The country was first added to that list in 1987 after two of its agents blew up a South Korean airliner in mid-air, killing all 151 people aboard. In 2008, the country was removed from that list by the administration of former President George W. Bush, as part of denuclearization talks.

Sen. John McCain, R-Ariz., the incoming chairman of the Senate Armed Services Committee, has sought to define the Sony hack in stronger terms than Obama. "The president does not understand that this is the manifestation of a new form of warfare," McCain told CNN. "When you destroy economies and are able to impose censorship on the world ... it's more than vandalism, it's a new form of warfare." McCain says he plans to hold hearings on the hack-attack against Sony in the first two weeks after Congress reconvenes on Jan. 3, 2015.

Hack Tied To Film?

Following the FBI publishing its hack-attack attribution, President Obama promised in a Dec. 19 press conference that the U.S. would react "proportionately" to North Korea's actions. "They caused a lot of damage, and we will respond," he said. The hack attack appeared to have been sparked by Sony Pictures comedy "The Interview" - previously due for a Dec. 25 release - about a pair of tabloid TV reporters traveling to Pyongyang to interview dictator Kim Jong-un, who are approached by the CIA to kill him instead.

North Korea has responded to Obama's allegations by not only demanding the joint investigation, but with its National Defense Commission - led by Kim Jong-un - warning that the country's 1.1 million-strong army stands ready to fight the United States. "Our toughest counteraction will be boldly taken against the White House, the Pentagon and the whole U.S. mainland, the cesspool of terrorism, by far surpassing the 'symmetric counteraction' declared by Obama," the commission said in a statement provided to the state-sponsored Korean Central News Agency.

In recent days, the secretive communist regime has also threatened to increase its nuclear capabilities in response to an ongoing United Nations inquiry, which has recommended referring the country's leadership - including Kim Jong-un - to the International Criminal Court, to be tried for crimes against humanity.

Pyongyang previously demanded a joint investigation into the sinking of the South Korean navy ship Cheonan in 2010, in which 46 crew members died. South Korea rejected that request and assembled a team of international experts, who concluded that the ship had been sunk by a North Korean submarine's surprise torpedo attack.

Obama Criticizes Sony

Obama also said it had been a "mistake" for Sony to announce that it would cancel "The Interview" in response to threats from a group calling itself the "Guardians of Peace," which quickly claimed credit for the hack attack, which appeared to have begun as an extortion attempt with no connection to the film. After threatening Sony employees, the group subsequently issued a "terror" threat to all movie theaters and theatergoers that showed "The Interview." But "G.O.P." claimed it would cease leaking stolen Sony data if the entertainment firm canceled the film, which centered on a pair of tabloid TV reporters traveling the Pyongyang to interview Kim Jong-un, who are approached by the CIA to kill him instead.

In a statement uploaded Dec. 18 to text-sharing website Pastebin, meanwhile, G.O.P. revised its demand that "The Interview" never be released, saying "you have suffered through enough threats" and that the studio was now free to release the film, so long as it removed the Kim Jong-un death scene. "September 11 may happen again if you don't comply with the rules," it said.

Sony Pictures CEO Comments

In response to Obama's comments - and sustained criticism from numerous other politicians, entertainers and commentators - Sony Pictures chief executive Michael Lynton told CNN Dec. 19 that the studio had "not caved" to hackers. Rather, he said Sony was forced to shelve the movie, at least temporarily, when theaters said they would not show it. Reversing previous statements made by Sony officials, Lynton said Sony is now exploring other distribution options, including potentially releasing the film via Google's YouTube.

"We would still like the public to see this movie, absolutely," Lynton said. "There are a number of options open to us. And we have considered those, and are considering them." Sony has also hired a celebrity spin doctor to help it try to recover from the hack attack and negative publicity sparked by the contents of executives' leaked Outlook e-mail spools. Many industry watchers think that corporate parent Sony will sell Sony Pictures Entertainment - formerly known as Columbia Pictures and bought by Sony in 1989 - to rid itself of the ongoing public relations saga.

US-CERT Details Sony Wiper Malware

More information has now come to light on the malware that was used to attack Sony, via the U.S. Computer Emergency Response Team issuing an advisory Dec. 19 about a server message block worm that was recently used to target "a major entertainment company."

"This tool contains five components - a listening implant, lightweight backdoor, proxy tool, destructive hard drive tool, and destructive target cleaning tool," the alert warns. The worm spreads by brute-force guessing passwords for Windows SMB shares, and "phones home" to a command-and-control server every five minutes. The malware includes file-transfer capabilities, as well as the ability to overwrite a system's master boot record, which can make the system inoperable once rebooted.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.