U.S. officials plan to announce this week that North Korea is behind the cyber-attack that crippled Sony Pictures Entertainment computers and forced the studio to pull “The Interview,” a person briefed on the FBI probe said.
U.S. law enforcement and intelligence officials have gathered sufficient evidence to determine with high confidence that the North Korean government is responsible, said another person, who wasn’t authorized to speak publicly. It’s not entirely clear whether operatives from the country carried out the hack or sponsored it, said the person, a U.S. official with knowledge of the investigation.
An announcement could come as soon as Thursday, CNN reported earlier. Sony Corp. (6758)’s Culver City, California-based studio on Wednesday canceled the planned Dec. 25 release, after major theater chains said they wouldn’t show the picture.
The cyber-attack may spur the U.S. government to define what -- if any -- responsibility and authority it has to protect private companies that control major parts of the nation’s financial, energy and communications infrastructure, said another U.S. official who’s been involved in tracing the Sony attack.
“This will definitely put pressure on the U.S. government to do something,” said Jason Syversen, the founder and chief executive officer of Siege Technologies, which develops defenses against cyberweapons. “This is a statement that will demand action, and the question is what is that action going to be.”
The hacker group invoked Sept. 11 this week in threatening movie fans with violence if they went out to see the movie. The Seth Rogen comedy about a plot to assassinate North Korean leader Kim Jong Un drew condemnation from that country. In late November, attackers crippled the movie studio’s computers and began releasing thousands of internal documents, including e-mails, salaries and medical histories.
Officials reached their conclusion days ago, but have hesitated in making in public because the administration hasn’t determined how to respond.
The most obvious retaliatory tools, imposing economic sanctions or restricting trade and financial dealings, would have no effect on the isolated nation, which the United Nations has sanctioned for its nuclear weapons program.
“We can’t just cut them off economically, because what are we going to cut off,” Syversen said. “This is a very tough problem to solve.”
Further complicating the matter, said the U.S. official with knowledge of the investigation, are the tense relations with the two nations that could pressure North Korea -- China and Russia.
Another issue is whether the U.S. Cyber Command, co-located with the National Security Agency at Fort Meade, Maryland, should retaliate against attacks sponsored or carried out by foreign governments, in this case North Korea.
The first obstacle to retaliation, the official said, is identifying the source of cyber-attacks, which is much more difficult than determining to a certainty who launched a missile, dropped a bomb, shot someone or even carried out a terrorist attack.
A second and perhaps greater obstacle, the official said, is the danger of a retaliatory attack escalating into an uncontrollable cyberwar that some have suggested could threaten the U.S. economy and financial system.
Sony’s internal probe determined in early December that hackers were linked to a group known as DarkSeoul, which U.S. and South Korean officials have linked to North Korea. However, company executives, including Sony’s general counsel, decided in a meeting on Dec. 3 that the attribution would have to come from the FBI.