Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

North Korean leader Kim Jong Un AP Photo/Wong Maye-E, File

If North Korea did hack Sony, it's a watershed moment in cyber-warfare

It is reportedly the first to use “a highly destructive class of malicious software that is designed to make computer networks unable to operate” into a company’s computer system in the United States.

THE HACK ON Sony Pictures Entertainment is one of the most debilitating ever targeted at US corporate servers.

The Nov 24th incident didn’t just result in the theft of proprietary data, including unreleased films and employee information.

It is reportedly the first to use “a highly destructive class of malicious software that is designed to make computer networks unable to operate” into a company’s computer system in the United States, according to Reuters.

North Korea has emerged as a leading suspect in the hack. Pyongyang had already vowed “merciless” retaliation over “The Interview,” a Sony release in which James Franco and Seth Rogan play talk show hosts that the CIA enlists for an assassination plot against North Korean leader Kim Jong-Un.

And it has greatly developed its cyber-offensive capabilities over the past decade. An unnamed security source told Reuters that North Korea is currently the “principal suspect.”

If the Hermit Kingdom really is involved, it would make the Sony incident a potential turning point in the history of cyber-warfare.

Sony Hack Sony Pictures Entertainment headquarters in Culver City AP Photo / Nick Ut, File AP Photo / Nick Ut, File / Nick Ut, File

For the past several years, states have started to compromise the computer systems of rival governments and private companies to further political or strategic aims: think China’s infiltration of computers at the New York Times in response to a series of Pulitzer Prize-winning reports in 2012 on the private wealth of the country’s top leadership, or Russia’s “cyber-invasion” of Estonia in 2007.

But according to Dave Aitel, a former NSA research scientist and CEO of the cyber-security firm Immunity, the severity of the Sony attack, along with its nakedly political motives, would put the incident in its own unique category assuming it was North Korea’s handiwork.

“If it was North Korea, these attacks against Sony would indicate that foreign powers are going beyond the traditional information-stealing attacks to enforcing their own law against American companies via what we would consider cyber terrorism,” Aitel told Business Insider by email.

It would be a watershed moment in how the world handles cyber policy and reaction.

Aitel says the hacks are potentially  ”a ‘near red-line moment’” since they represent the kind of incident that would almost require a US policy response assuming a rival state was behind it. As Aitel says, ”This is the first demonstration of what the military would call Destructive Computer Network Attack (CNA) against a US Corporation on US soil … a broad escalation in cyberwarfare tactics” that would demand some kind of American response.

It would also signal an increased willingness for North Korea to deploy its developing cyber-offensive capabilities against American targets.

An August 2014 report from Hewitt Packard Security Research explained Pyongyang’s longstanding policy of attempting ot integrate cyber attacks into its doctrine of “asymmetrical warfare” — namely, North Korea’s attempts at closing the defense gap with its more conventionally capable enemies, like South Korea and the United States, in whatever ways it can.

The report explains:

Cyber warfare allows North Korea to leverage the Internet’s inherent flaws for offensive purposes while maintaining its defenses, primarily via air-gapping its most critical networks from the outside world.

To that end, North Korea established a group of hackers within its military special forces architecture, called Unit 121, that is trained in a hotel in eastern China. Early results were alarming: as early as 2004, North Korea “reportedly gained access to 33 of 80 South Korean military wireless communication networks;” in 2006, “an attack on the US State Department originating in the East Asia-Pacific region coincided with U.S.-North Korea negotiations over the regime’s nuclear missile testing.”

There’s evidence that North Korea was attempting ambitious attacks on private sector entities as well.

According to the HP report, in February of 2013, a private security firm called Solutionary recorded 11,000 “touches,” or electronic attempts to steal deal, on “a single financial institution,” all originating from North Korean IP addresses.

Solutionary noted that North Korean IPs only attempted 200 touches a month at a time, suggesting this rapid uptick was part of a concerted attack on the institution, which goes unnamed in HP’s report.

North Korea has been developing its hacking capabilities from the safety of a web infrastructure that’s largely cut off from the rest of the world. And it might feel like it can afford to gamble a bit, given successful nuclear tests and rocket launches in the last couple of years.

The international community responded with trade sanctions and a policy of diplomatic isolation — but not the point where the regime’s control over the country has ever been all that seriously in question.

It would be unsurprising if North Korea believed it could get away with something of the Sony hack’s magnitude. The question now is how the US might respond if Pyongyang’s responsibility is more conclusively proven.

- Ardmin Rosen, Michael B. Kelley contributed to this report.

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Published with permission from
View 26 comments
Close
26 Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.
    JournalTv
    News in 60 seconds