Sony Bows to Blackmail Demands and Opens the Door to a New Era of Cyber Terrorism

Maybe Sony Pictures should watch some of its own movies. If they did, they would learn something that the rest of us already know. If you give into blackmailers, they will come back for more. Okay, so Sony agreed not to release “The Interview” because they were threatened with evil consequences from some irate hackers. My only question is: What movies will the hackers allow us to see from now on? Will there be a special ‘Hacker Approved’ label on every movie? After all, none of us wants to be killed for watching the wrong film.

But why stop at films? Let’s not forget that this technique has been used before. Islamic extremists have threatened violence if certain books, cartoons, or newspaper articles were published and this, in fact, did influence some in the media to curtail their activities. No doubt other groups have similar gripes. Why not hire hackers to threaten government officials, publishers, newspapers, or universities that may teach subjects that certain groups do not approve of? It seems media has two choices, 1) ignore the threats and continue business as usual, that is to say, call their bluff or 2) compromise with hacker threats to at least some degree. Sony’s taking the latter course can only encourage hackers or rogue states to use this tactic whenever they are miffed. After all, they have everything to gain and nothing to lose

My first reaction on hearing that North Korea was behind the attack was one of disbelief. After all, didn’t North Korea only discover how to make fire last weekend? I wasn’t even sure if they knew what a computer was. However, as I later learned, North Korea has invested a lot of time and money in learning the ways of cyber warfare, sending many members of its elite Unit 121 to Russia or China for training. In fact, some reports claim that “North Korean hackers have penetrated U.S. military systems more often than attackers from any other country, including Russia and China.” As with nuclear weapons, they realize this is a good tool to use when trying to manipulate Western opinion and actions.

North Korea has been known to carry out cyber attacks with the help of China. They apparently have ‘sleepers’ working in normal IT jobs in China, waiting to be activated upon word from Pyongyang. According to the Wall Street Journal, “Jang Jin-sung, a former official in North Korea’s propaganda department, said hackers are often based in China, posing as software engineers at Chinese companies. They turn to hacking attacks when Pyongyang sends an order for action”.

It is also well known that China monitors all interactions that Chinese companies have with foreign companies by infiltrating corporate networks (whether the company agrees to it or not). Is it a coincidence, then, that the attack on Sony Pictures began at roughly the same time that Shanghai-based, Fosun International, signed a contract with Jeff Rubinov’s Studio 8 and Sony Pictures? I don’t know about you, but if I were a hacker, this seems like the easiest way into the company. Without the proper security architecture, anyone connected to a network can be used as an entrance point that network.

The connection with China may explain why the US is hesitant about directly blaming Pyongyang for the Sony hack and why the security firm, Mandiant, is working with the FBI to investigate it. If the North Korean hackers are working through China, it may be difficult to assign guilt to them. That’s why Mandiant may have been turned to. They are experts on Chinese hacking, having exposed the massive Chinese-based corporate and infrastructure hacks in February, 2013. Once this is sorted out, we should get some more direct statement from the US government on who is responsible. Whether the government will actually do anything about it is another matter.

If we assume that North Korea can carry out a cyber attack like the one on Sony Pictures, can we also assume that they are capable of carrying out the 9/11 type attack that they threaten? The short answer is, yes. According to the August 2014 HP report on North Korea’s cyber capabilities, Profiling an enigma: The mystery of North Korea’s cyber threat landscape, they have the ability to jam and alter GPS signals and launch an EMP (Electromagnetic Pulse) attack. What’s that? Basically, it is a technique used to disrupt a country’s electrical grid. Is it serious? Well, according to the EMP Commission assessment made in 2008, it is “estimated that within 12 months of a nationwide blackout, up to 90% of the U.S. population could possibly perish from starvation, disease and societal breakdown.” That seems pretty serious to me.

The unfortunate fact remains that any retaliation depends on the twisted mind of Kim Jong Un. Whenever people give you god-like status, you can more or less expect to get your way and take actions against anyone who opposes you. This is exemplified by his having his uncle, Jang Sung-taek, machine-gunned to death for treason. If only it had stopped there. According to Taiwan’s China Times, Kim Jong Un “put to death multiple family members of his former mentor”. These included “Jang’s sister Jang Kye-sun, her husband and ambassador to Cuba, Jon Yong-jin, and Jang’s nephew and ambassador to Malaysia, Jang Yong-chol, the nephew’s two sons” and “the children and grandchildren of all close relatives.” Just because Dennis Rodman calls Kim Jong Un a nice guy doesn’t necessarily make it so.

So, I suppose the final question is whether Sony should risk retaliation from the Supreme Successor by showing a film that will be forgotten in three months. Sony’s reputation has already been tarnished and not showing the film can only make it look worse. Sticking to principles may be all they have left to save themselves. Is there a risk? Some. No doubt North Korea will do something to show their irritation at being disobeyed. However, it is unlikely that they would risk their very existence by launching a 9/11 style attack. Even Kim Jong Un can’t be that mad.

About Steve Mierzejewski

Marketing consultant for InZero Systems, developer of the next generation in hardware-separated security, WorkPlay Technology. I've worked in Poland, Japan, Korea, China, and Afghanistan. I'm a writer, technical editor, and an educator. I also do some work as a test developer for Michigan State University.
This entry was posted in Uncategorized and tagged , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s