President Obama criticized Sony Pictures Entertainment on Friday for retreating on a film that seemingly instigated a devastating cyberattack now blamed on the North Korean government.
Amid escalating concerns over porous U.S. electronic security, the FBI said it had amassed evidence linking North Korea to the massive hack. Obama denounced the cross-border assault even as he said Sony “made a mistake” in canceling the planned Dec. 25 release of the film “The Interview.”
“I’m sympathetic that Sony as a private company was worried about liabilities and this and that and the other,” the president said, but “I wish they had spoken to me first. I would’ve told them, `Do not get into a pattern in which you’re intimidated by these kinds of criminal attacks.’”
Obama, speaking at a year-end news conference, added that “we can’t start changing our patterns of behavior any more than we stop going to a football game because there might be the possibility of a terrorist attack.”
The North Korean government has denied direct involvement.
A group that calls itself the Guardians of Peace claimed responsibility for the cyberattack – discovered in late November – and subsequently issued threats against Sony, its employees and theaters that distribute its movies. In response, the company canceled the opening of “The Interview,” a putative comedy about a U.S. plot to assassinate North Korea’s leader, Kim Jong Un.
The administration’s explicit pinning of responsibility on the reclusive North Korean government further raises the stakes, turning one company’s woes into a foreign policy dilemma. Senior lawmakers from both parties urged Obama to re-designate North Korea as a state sponsor of terrorism, pledged to impose tougher economic sanctions and invoked the language of war.
“North Korea is attacking our infrastructure. It is also attacking our values,” declared Rep. Ed Royce, the California Republican who chairs the House Foreign Affairs Committee. “We better quickly respond comprehensively to defend freedom of speech in the face of terrorist threats and cyberattacks.”
Foreshadowing the kinds of possible U.S. reprisals to come, the House of Representatives passed a Royce bill by voice vote last July that would stiffen sanctions on North Korea. The bill, which died in the Senate, focused on issues such as human rights and counterfeiting rather than cybersecurity. All that may change in the new Congress, where Republicans will control both the House and Senate.
President George W. Bush removed North Korea from the list of state sponsors of terrorism in 2008, a step that Obama is now being pressed to reverse.
“Through cyberattacks, North Korea was able to inflict significant economic damage on a major international company,” noted Sen. Robert Menendez, D-N.J., the outgoing chairman of the Senate Foreign Relations Committee.
Range of options
Obama, echoing Bush’s own post-9/11 comments, said only that “we have been working on a range of options” and “we would respond at a time and place of our choosing.”
Secretary of State John Kerry added that the “state-sponsored cyberattack” constituted “lawless acts of intimidation,” as well as “North Korea’s flagrant disregard for international norms.” The language emphasizing North Korea’s lawlessness, and the responsibility borne by its government rather than private hackers, all but sets the stage for U.S. retaliation of some kind.
The calls for action followed the FBI’s public declaration Friday morning that North Korea’s government was behind the hack into Sony Pictures Entertainment’s computer system. The cyberattack rendered thousands of Sony’s computers inoperable, forced the company to take its entire computer network offline and significantly disrupted the company’s business operations, law enforcement officials say.
The FBI cited “sensitive sources and methods” for its conclusion, as well as technical analysis of the malware and the similarities to prior attacks associated with North Korea. For example, investigators discovered that several Internet protocol addresses “associated with known North Korean infrastructure” communicated with IP addresses found in the malware used in the Sony attack.
“Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed,” the FBI said. “For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods and compromised networks.”
The FBI further noted that the attack has similarities with a cyberattack in March of last year against South Korean banks and media outlets that was carried out by North Korea.
“North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves,” the FBI said. “Such acts of intimidation fall outside the bounds of acceptable state behavior.”
Homeland Security Secretary Jeh Johnson, in a statement that didn’t specifically mention North Korea, said Friday that “the cyberattack against Sony Pictures Entertainment was not just an attack against a company and its employees. It was also an attack on our freedom of expression and way of life.”
(E-mail: email@example.com, firstname.lastname@example.org; Twitter: @MichaelDoyle10, @lesleyclark.