UPDATE 15 (2014-12-22): This morning I was having trouble loading some North Korean web pages. Looks like others were as well: Martyn Williams, Bloomberg, Vox, New York Times, Wall Street Journal, Washington Post.
UPDATE 14 (2014-12-22): Martyn Williams has some more information here.
UPDATE 13 (2014-12-21): KCNA has published a second statement on the Sony hacking–this time from the National Defense Commission (the initial statement was from the Ministry of Foreign Affairs):
U.S. Urged to Honestly Apologize to Mankind for Its Evil Doing before Groundlessly Pulling up Others
Pyongyang, December 21 (KCNA) — The Policy Department of the National Defence Commission of the DPRK issued the following statement Sunday:
Strange thing that happened in the heart of the U.S., the ill-famed cesspool of injustice, is now afloat in the world as shocking news.
The Sony Pictures Entertainment, the biggest movie producer in the U.S., which produced the undesirable reactionary film “The Interview” daring hurt the dignity of the supreme leadership of the DPRK and agitating even terrorism and had a plan to distribute it, was exposed to surprisingly sophisticated, destructive and threatening cyber warfare and has been thrown into a bottomless quagmire after suffering property losses worth hundreds of millions of dollars.
The public in the U.S. is now describing this case as “disgrace suffered by Sony Pictures Entertainment,” “very sorry thing caused by the U.S.,” “Sony Pictures Entertainment showing a white flag before hackers” and the “unprecedented disaster suffered by the U.S.”
Those who meted out a stern punishment of justice were reported to be cyber experts styling themselves “guardians of peace”.
Seized with terrible horror and threat in face of their merciless hacking attack in retaliation against unjust actions, many movie and drama distributors in North America including 41 states of the U.S. and Canada immediately canceled the screening of the reactionary movie. And it was reported that the Sony Pictures Entertainment which directly sponsored its production and distribution hastily issued a statement on Dec. 25 that it would suspend the screening of the undesirable movie which had been planned in 63 countries.
The NDC of the DPRK highly estimates the righteous action taken by the “guardians of peace,” though it is not aware of their residence.
It, at the same time, considers as fortunate the step taken by the Sony Pictures Entertainment to give up the overall distribution of the above-said movie due to the decision and strong pressure of the movie and drama distributors for stopping the screening of the reactionary movie, though belatedly.
This is an official stand of the army and the people of the DPRK on what happened in the heart of the U.S.
This stand is taken by the DPRK because the movie “The Interview” is an undesirable and reactionary one justifying and inciting terrorism which should not be allowed in any country and any region.
Another reason is that the movie is run through with a story agitating a vicious and dastardly method of assassinating a head of a legitimate sovereign state.
No wonder, even political and social circles of the U.S. commented that it is quite wrong to defame the head of the state for the mere reason that his politics is different from that of the U.S. and it is in the hostile relationship with the latter and, therefore, the Sony Pictures Entertainment got into a serious trouble and paid a due price.
For these reasons, the DPRK is more highly praising the “guardians of peace” for their righteous deed which prevented in advance the evil cycle of retaliation– terrorism sparks terrorism.
It is quite natural that the movie and drama producers should refrain from undesirable deeds contrary to the noble mission to lead morality and civilization.
But what matters is that the U.S. and its followers are groundlessly trumpeting that the recent cyber attack was made by the DPRK.
The FBI issued the results of the investigation into the hack at the Sony Pictures Entertainment on December 19.
According to them, it suffered tremendous losses.
One may say this is the due price incurred by wrong deed, the evil act of hurting others.
The U.S. released a statement asserting that this loss was caused by the DPRK.
No matter how big and disgraceful the loss may be, the U.S. should not pull up others for no reason.
The FBI presented a report on the results of technical analysis of hacking program used by the “guardians of peace” for this attack, citing it as the ground that the serious hacking was caused by the DPRK.
The report says the malignant code had access to north Korea’s IP already known several times and the hacking methods applied in the “March 20 hacking case” and during cyber warfare against media and various other computer networks in south Korea in recent years are similar to that applied against the Sony Pictures Entertainment this time, being another ground that “this was done by the north”.
The report, in particular, adds that the malignant code and algorithm applied during the attack are similar to what was used during the hacking attack on south Korea, citing it as a proof.
Not satisfied with those groundless “evidence”, the FBI is letting loose ambiguous remarks that it is hard to fully prove due to the “protection of sensitive information sources.”
This means self-acknowledgement that the “assertion about the north’s deed” came from an intentional allegation rather than scientific evidence.
It is a common sense that the method of cyber warfare is almost similar worldwide. Different sorts of hacking programs and codes are used in cyberspace.
If somebody used U.S.-made hacking programs and codes and applied their instruction or encoding method, perhaps, the “wise” FBI, too, could not but admit that it would be hard to decisively assert that the attack was done by the U.S.
Moreover, the DPRK has never attempted nor made a “cyber-attack” on south Korea. The rumor about “cyber-attack” by the DPRK was a concoction made by the south Korean puppet regime and its plot.
After all, the grounds cited by the FBI in its announcement were all based on obscure sci-tech data and false story and, accordingly, the announcement itself is another fabrication. This is the DPRK’s stand on the U.S. gangster-like behavior against it.
What is grave is that U.S. President Obama is recklessly making the rumor about “DPRK’s cyber-attack on Sony Pictures” a fait accompli while crying out for symmetric counteraction, strict calculation and additionally retaliatory sanctions.
This is like beating air after being hit hard. A saying goes every sin brings its punishment with it. It is best for the guilty to repent of its evil doings and draw a lesson when forced to pay dearly for them.
The DPRK has clear evidence that the U.S. administration was deeply involved in the making of such dishonest reactionary movie.
It is said that the movie was conceived and produced according to the “guidelines” of the U.S. authorities who contended that such movies hurting the dignity of the DPRK supreme leadership and inciting terrorism against it would be used in an effective way as “propaganda against north Korea”.
The U.S. Department of State’s special human rights envoy went the lengths of urging the movie makers to keep all scenes insulting the dignity of the DPRK supreme leadership in the movie, saying it is needed to “vex the north Korean government”.
The facts glaringly show that the U.S. is the chief culprit of terrorism as it has loudly called for combating terrorism everywhere in the world but schemed behind the scene to produce and distribute movies inciting it in various countries of the world.
It is not exaggeration to say in the light of the prevailing situation that the U.S. administration and President Obama looking after the overall state affairs of the U.S. have been behind the case.
Can he really cover up the crimes he has committed by trying so hard to falsify the truth and turn white to black.
So we watched with unusual attention what had been done by the “guardians of peace” to avert terrorism and defend justice.
Yet, we do not know who or where they are but we can surely say that they are supporters and sympathizers with the DPRK.
The army and people of the DPRK who aspire after justice and truth and value conscience have hundreds of millions of supporters and sympathizers, known or unknown, who have turned out in the sacred war against terrorism and the U.S. imperialists, the chieftain of aggression, to accomplish the just cause.
Obama personally declared in public the “symmetric counteraction”, a disgraceful behavior.
There is no need to guess what kind of thing the “symmetric counteraction” is like but the army and people of the DPRK will never be browbeaten by such a thing.
The DPRK has already launched the toughest counteraction. Nothing is more serious miscalculation than guessing that just a single movie production company is the target of this counteraction. Our target is all the citadels of the U.S. imperialists who earned the bitterest grudge of all Koreans.
The army and people of the DPRK are fully ready to stand in confrontation with the U.S. in all war spaces including cyber warfare space to blow up those citadels.
Our toughest counteraction will be boldly taken against the White House, the Pentagon and the whole U.S. mainland, the cesspool of terrorism, by far surpassing the “symmetric counteraction” declared by Obama.
This is the invariable toughest stand of the army and people of the DPRK.
Fighters for justice including “guardians of peace” who turned out in the sacred drive for cooperation in the fight against the U.S. to defend human justice and conscience and to dismember the U.S. imperialists, the root cause of all sorts of evils and kingpin of injustice, are sharpening bayonets not only in the U.S. mainland but in all other parts of the world.
The just struggle to be waged by them across the world will bring achievements thousands of times greater than the hacking attack on the Sony Pictures Entertainment.
It is the truth and inevitability of the historical development that justice prevails over injustice.
Whoever challenges justice by toeing the line of the biggest criminal U.S. will never be able to escape merciless punishment as it is the target of the sacred drive for cooperation in the fight against the U.S.
The U.S. should reflect on its evil doings that put itself in such a trouble, apologize to the Koreans and other people of the world and should not dare pull up others.
UPDATE 12 (2014-12-21): Obama states he will consider adding the DPRK back to the list of state sponsors of terror. According to the New York Times:
As the United States moves closer to taking Cuba off the list of state sponsors of terrorism, President Obama said he would “review” whether to return North Korea to the list, part of a broader government response to a damaging cyberattack on Sony’s Hollywood studio.
“We have got very clear criteria as to what it means for a state to sponsor terrorism, and we don’t make those judgments just based on the news of the day,” Mr. Obama told CNN in an interview broadcast Sunday. “We look systematically at what’s been done.”
North Korea was removed from the list six years ago, but the government has again prompted the ire of the United States after the F.B.I. said it had extensive evidence that linked the North Korean government to a cyberattack on Sony Pictures.
UPDATE 11 (2014-12-21): Media reports indicate the US will seek Chinese support to resolve North Korean hacks. According to the New York Times:
The Obama administration has sought China’s help in recent days in blocking North Korea’s ability to launch cyberattacks, the first steps toward the “proportional response” President Obama vowed to make the North pay for the assault on Sony Pictures — and as part of a campaign to issue a broader warning against future hacking, according to senior administration officials.
“What we are looking for is a blocking action, something that would cripple their efforts to carry out attacks,” one official said.
So far, the Chinese have not responded. Their cooperation would be critical, since virtually all of North Korea’s telecommunications run through Chinese-operated networks.
It is unclear that China would choose to help, given tensions over computer security between Washington and Beijing since the Justice Department in May indicted five hackers working for the Chinese military on charges of stealing sensitive information from American companies.
The secret approach to China comes as American officials, convening a half-dozen meetings in the White House Situation Room last week, including one of the top national security team on Thursday night, have been developing options to give to the president during his vacation in Hawaii. They include new economic sanctions, mirroring those recently placed on Russian oligarchs and officials close to President Vladimir V. Putin, which would cut off their access to cash — the one perk that allows the elite surrounding Kim Jong-un, the North Korean leader, to live lifestyles their starving countrymen can barely imagine.
The sessions also included discussions of “information operations” directed at the North Korean people, officials said, but similar efforts by South Korea to sway opinion in the North have often created a furious backlash.
This was also covered by the Wall Street Journal.
Although China has made no public response to the request, a separate report in the New York Times indicates that frustration with the DPRK among China’s leadership is as an all time high.
UPDATE 10 (2014-12-20): The DPRK denies involvement and makes an offer:
DPRK Foreign Ministry Rejects U.S. Accusation against Pyongyang over Cyber Attack
Pyongyang, December 20 (KCNA) — A spokesman for the Foreign Ministry of the DPRK gave the following answer to a question put by KCNA Saturday as regards the U.S. accusation against the DPRK over a cyber attack on a movie company in the U.S.:
Obama, Kerry and other high-ranking authorities of the U.S. cried out for sort of counter-measure Friday, claiming that the results of the investigation into the cyber-attack on the Sony Pictures Entertainment proved that the DPRK was behind it.
They, without presenting any specific evidence, are asserting they can not open it to public as it is “sensitive information.”
Clear evidence is needed to charge a sovereign state with a crime.
Reference to the past cyber-attacks quite irrelevant with the DPRK and a string of presumptive assertions such as “similarity” and “repetition” can convince no one.
The U.S. act of daring charge the DPRK with a crime based on absurd “investigation results” reveals its inveterate bitterness toward the DPRK.
This is proven, as in the recent cyber-attack, by the recent urge made by a man called a “human rights special envoy” of the U.S. State Department to movie-makers that they should harass the north Korean government and keep alive scenes hurting the dignity of the its supreme leadership.
The U.S. ruling quarters are working hard to divert the criticism of its administration to the DPRK as the plan of putting on show the anti-DPRK film on Christmas Day canceled due to the controversial cyber-attack, causing an uproar in the U.S.
We will never pardon those undesirable elements keen on hurting the dignity of the supreme leadership of the DPRK. In case we retaliate against them, we will target with legitimacy those responsible for the anti-DPRK acts and their bases, not engaging in terrorist attack aimed at the innocent audience in cinemas.
The army of the DPRK has the will and ability to do so.
The U.S. State Secretary is going to justify the production of the movie hurting the dignity of the supreme leadership of a sovereign state while trumpeting about the freedom of expression. He should know that there is punishment of libel in enforcement of international law.
We propose the U.S. side conducting a joint investigation into the case, given that Washington is slandering Pyongyang by spreading unfounded rumor.
We have a way to prove that we have nothing to do with the case without resorting to torture as what the CIA does.
The U.S. should bear in mind that it will face serious consequences in case it rejects our proposal for joint investigation and presses for what it called countermeasure while finding fault with the DPRK.
UPDATE 9 (2014-12-19): Some technology writers still believe the the DPRK was not behind the attack. And here. And here.
UPDATE 8 (2014-12-19): US Department of State on the hacking.
UPDATE 6 (2014-12-19): There is the official FBI press release on the matter.
UPDATE 5 (2014-12-19): The New York Times has published information from the FBI that implicates the DPRK in the Sony hack:
The F.B.I. on Friday said it had extensive evidence that the North Korean government organized the cyberattack that debilitated Sony Pictures computers, marking the first time the United States has explicitly accused the leaders of a foreign nation of hacking American targets.
The bureau said that there were significant “similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks” to previous attacks by the North Koreans. It also said that there were classified elements of the evidence against the North that it could not reveal.
“The F.B.I. also observed significant overlap between the infrastructure used in this attack and other malicious cyberactivity the U.S. government has previously linked directly to North Korea,” the bureau said. “For example, the F.B.I. discovered that several Internet protocol addresses associated with known North Korean infrastructure communicated with I.P. addresses that were hardcoded into the data deletion malware used in this attack.”
The F.B.I. said that some of the methods employed in the Sony attack were similar to ones that were used by the North Koreans against South Korean banks and news media outlets in 2013.
“We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there,” the F.B.I. said.
It added: “Though the F.B.I. has seen a wide variety and increasing number of cyberintrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior.”
North Korea has been under extraordinary economic sanctions for decades, and it has done nothing to curb either its nuclear program or these cyberattacks. A military response seems unlikely — the White House said on Thursday that it was examining options for a “proportional response,” and that would seem to rule out conventional military options.
Some of the evidence has been developed from “implants” that the National Security Agency has placed in networks around the world. But North Korea has proved to be a particularly hard target, because it has relatively low Internet connectivity to the rest of the world, and its best computer minds do not move out of the country often, where their machines and USB drives could be accessible targets.
“Suffice it to say,” one senior intelligence official said this week, “that we almost never name a suspect country. So when we do, it’s got to be based on something fairly strong.”
As the F.B.I. pointed out, the attacks at Sony share similarities with a similar series of destructive attacks last year on South Korean banks and broadcasters, and they used the same data-wiping tool that Iranian hackers used to destroy data on 30,000 computers at Saudi Aramco in 2012, according to forensics researchers.
In 2009, a similar campaign of coordinated cyberattacks over the Fourth of July holiday hit 27 American and South Korean websites, including those of South Korea’s presidential palace, called the Blue House, and its Defense Ministry, and sites belonging to the United States Treasury Department, the Secret Service and the Federal Trade Commission. North Korea was suspected, but a clear link was never established.
But those were all “distributed denial of service” attacks, in which attackers flood the sites with traffic until they fall offline. The Sony attack was far more sophisticated: It wiped data off Sony’s computer systems, rendering them inoperable.
“The cyberattack against Sony Pictures Entertainment was not just an attack against a company and its employees,” Jeh C. Johnson, the secretary of the Department of Homeland Security, said in a statement. “It was also an attack on our freedom of expression and way of life.”
Mr. Johnson said the attacks underscored the importance of taking measures “to rapidly detect cyberintrusions and promote resilience throughout all of our networks.”
“Every C.E.O. should take this opportunity to assess their company’s cybersecurity,” he added.
UPDATE 3 (2014-12-18): Christmas day screening of Team America at the Alamo Draft House is already sold out.
UPDATE 2 (2014-12-18): Maybe time for a Team America sequel?
UPDATE 1 (2014-12-18): Team America to the rescue! At least one American theatre will stick up for the first amendment. And let’s be honest, it is probably a much better movie.
Oh, and this.
Sony is dropping its planned Dec. 25 release of “‘The Interview,” the comedy starring Seth Rogen and James Franco that depicts the assassination of North Korean leader Kim Jong Un.
The decision comes after some of the nation’s largest movie theater chains, including Regal, Cinemark, Carmike and Cineplex, said they were holding back or dropping “The Interview” from screens in the aftermath of a hack that has ballooned from embarrassing disclosures for Sony Pictures executives to involve threats against theaters screening the film.
“Sony Pictures has been the victim of an unprecedented criminal assault against our employees, our customers, and our business,” Sony said in a statement Wednesday, saying that it reached the decision after the top cinema chains pulled out.
“Those who attacked us stole our intellectual property, private emails, and sensitive and proprietary material, and sought to destroy our spirit and our morale — all apparently to thwart the release of a movie they did not like. We are deeply saddened at this brazen effort to suppress the distribution of a movie, and in the process do damage to our company, our employees, and the American public,” the company said.
At the same time, another North Korea themed film was also put on hold.
This seemed like a massive over-reaction in my opinion until a few minutes later when this story was published by the New York Times:
American intelligence officials have concluded that the North Korean government was “centrally involved” in the recent attacks on Sony Pictures’s computers, a determination reached just as Sony on Wednesday canceled its release of the comedy, which is based on a plot to assassinate Kim Jong-un, the North Korean leader.
Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was still debating whether to publicly accuse North Korea of what amounts to a cyberterrorism campaign. Sony’s decision to cancel release of “The Interview” amounted to a capitulation to the threats sent out by hackers this week that they would launch attacks, perhaps on theaters themselves, if the movie was released.