With Sony Hack, Nation-State Attacks Go From Quiet To Overt | KERA News

With Sony Hack, Nation-State Attacks Go From Quiet To Overt

Dec 18, 2014
Originally published on December 22, 2014 10:02 am

NPR has confirmed from U.S. intelligence officials that North Korea was centrally involved with the recent attacks against Sony Pictures. And the company says it is pulling its comedy film The Interview from the box office. It was supposed to debut on Christmas. These are major developments in what we may now call cyberwarfare.

The White House hasn't come out and said it yet, but intelligence officials tell us that the North Korean government was in fact involved in this hack against Sony, where everything from social security numbers to executive salaries and celebrity gossip got leaked.

Yes, it's the confirmation that many people have been waiting for. Though it's also really important to note that we don't exactly know what that means — and I've spoken with security experts who remain skeptical.

That said, if it's true, it really is extraordinary. North Korea is one of the poorest countries on Earth. Its people don't go online — they're cut off from the Internet. But its government has allegedly launched an overt cyberattack — and even secured a decisive victory — against one of the biggest companies on Earth.

Repeat: overt.

That's a key part here — the fact that you and I and everyone else know about it.

I want to compare this with another cyberattack — one that was carried out by nation-state actors: Stuxnet in 2010. That's when the U.S. and Israel used some very sophisticated code to dig their way into nuclear facilities in Iran and damage the actual physical centrifuges.

In that case, the hackers caused physical damage in the real world — but they did it covertly. While the news eventually broke, it's not like the U.S. was sending out press releases.

In this case, the hackers — who might be North Korean officials or backed by the regime — have been very vocal from the get. Using the name "Guardians of Peace," they've even threatened to hurt people who go to see the movie in theaters.

Theater chains that were supposed to screen The Interview decided not to, and Sony canceled the Christmas Day release.

So, effectively, the hackers grabbed a ton of attention through an online attack — one that was nowhere near as sophisticated as Stuxnet. And they leveraged all that attention, that power, to pivot — and make a physical threat that people suddenly felt was credible.

This whole chain of events has experts inside the cybersecurity industry really concerned. I talked to a few people whose job it is to ward off these kinds of attacks. And they have different takes on whether Sony, by caving, made the right decision for itself.

But across the board, they're worried that the company is sending the wrong message by handing off a huge win to a disgruntled state with very limited resources.

So the concern is that we're going to see copycats or a new trend on the horizon.

Cyberattacks happen every day. At this point, they're nothing new.

I was talking to this one security expert in Moscow, who pointed out that during the height of tensions between Russia and Ukraine, there were plenty of cyberattacks — online skirmishes with one side taking down the other side's media outlet or defacing websites.

Now this Sony episode is showing what a disproportionate impact a small, angry entity can have — and how an attack online can spill over to physical-world consequences.

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

Transcript

DAVID GREENE, HOST:

U.S. intelligence officials say North Korea has carried out a cyberattack in this country. The target was Sony pictures, which as we've reported was working on a comedy called "The Interview" about an attempt to assassinate North Korean leader Kim Jung Un. Now Sony has announced it is pulling that movie from the box office. It was supposed to debut on Christmas Day, but that is not going to happen now. Let's bring in NPR's tech reporter Aarti Shahani, who's on the line. Aarti, good morning to you.

AARTI SHAHANI, BYLINE: Good morning.

GREENE: So we've heard about this hack against Sony. I mean, they got everything from Social Security numbers to embarrassing emails, and now let's be careful. What exactly are intelligence officials telling NPR? They're using this term that North Korea was centrally involved?

SHAHANI: Yeah. I mean, in a sense it's the confirmation that many people have been waiting for, though it's also really important to note that we don't exactly know what it means. And I have spoken with security experts who are skeptical about just how involved North Korea was. Now, that said, if it's true, it really is extraordinary. North Korea is one of the poorest countries on earth. Its people don't go online. They're cut off from the Internet. But its government has allegedly launched an overt cyber attack and even secured a decisive victory against one of the biggest companies on earth.

GREENE: What you mean by overt cyber attack?

SHAHANI: Well, that's a key part here, the fact that you and I and everyone else knows about it. I want to compare this with another cyber attack, one that was carried out by nation-state actors in 2010. It's called Stuxnet. That when the U.S. and Israel used some very sophisticated code to dig their way into nuclear facilities in Iran and damage actual centrifuges used to enrich uranium.

In that case, the hackers caused physical damage in the real world, but they did it covertly. While the news eventually broke, it's not like the U.S. was sending out press releases. In this case, the hackers who might be North Korean officials or backed by the regime have been very vocal from the get. Using the name Guardians of Peace, they've even threatened to hurt people who go and see the movie in theaters.

GREENE: Well, and those threats have led to something pretty extraordinary - I mean, for this massive company, Sony, deciding to pull a movie from the box office.

SHAHANI: That's right. I mean, theater chains that were supposed to screen "The Interview" decided not to. And Sony canceled the Christmas Day release. So effectively the hackers grabbed a ton of attention through an online attack, and one, by the way, that was nowhere near as sophisticated as Stuxnet. And they leveraged all that attention, that power, to pivot and make a physical threat that people suddenly felt was credible.

Now, this whole chain of events has experts inside the cybersecurity industry really concerned. I talked to a few people whose job it is to ward off these kinds of attacks. And they have different takes on whether Sony, by caving, made the right decision for itself. But, you know, across the board they're worried that the company is sending the wrong message by handing off a huge win to a disgruntled state with very limited resources.

GREENE: All right. Just a crazy story. We've been speaking about it with NPR's Aarti Shahani in San Francisco. Aarti, thanks a lot.

SHAHANI: Thank you. Transcript provided by NPR, Copyright NPR.