by Dish Staff
Given how little trade most of the world does with North Korea, further economic sanctions aren’t really an option:
Peter Singer, mercifully, rules out war:
We didn’t go to war with North Korea when they murdered American soldiers in the 1970s with axes. We didn’t go to war with North Korea when they fired missiles over our allies. We didn’t go to war with North Korea when one of their ships torpedoed an alliance partner and killed some of their sailors. You’re going to tell me we’re now going to go to war because a Sony exec described Angelina Jolie as a diva? It’s not happening.
I wondered online if Sony could argue somehow that it is too big to fail — that if the attack is tied to a country, then perhaps the company can be indemnified from lawsuits arising from its own alleged neglect. The answer is no.
Going forward, Congress might consider some sort of risk pool for companies that meet strict standards and still find themselves the victim of state-sponsored hacking. Sony does not seem to have met those standards. It was low-hanging fruit. Sony will have to eat its losses, because saving Sony from embarrassment is not in our national interest. But securing open access to the internet for American companies is now considered to be a critical national security issue.
Bloomberg View’s editors think “Sony and other corporations can’t expect the U.S. government to respond to every attack on their behalf”:
However embarrassing and costly to the studio, the hacking represents a cybercrime, not an act of cyberterrorism directed at civilians or vital national infrastructure. (By the same token, threats against theaters showing a Hollywood comedy that mocks Kim Jong Un hardly compare with the vows of annihilation that constantly pour out of North Korean state media.) Companies need to improve their own defenses.
They ask, “What level of attack would prompt a U.S. counterstrike?”
There’s no need for any new red line to be drawn here. It would only help the Kim regime calculate the risk-reward ratio for its cybermischief. Ambiguity can help deter North Korea from attempting anything more serious, such as an attack on the U.S.’s critical infrastructure.
It’s worth keeping in mind that certain individuals, like Kim Zetter, still have doubts that North Korea is responsible for the attack:
Nation-state attacks aren’t generally as noisy, or announce themselves with an image of a blazing skeleton posted to infected computers, as occurred in the Sony hack. Nor do they use a catchy nom-de-hack like Guardians of Peace to identify themselves. Nation-state attackers also generally don’t chastise their victims for having poor security, as purported members of GOP have done in media interviews. Nor do such attacks involve posts of stolen data to Pastebin—the unofficial cloud repository of hackers—where sensitive company files belonging to Sony have been leaked. These are all hallmarks of hacktivists—groups like Anonymous and LulzSec, who thrive on targeting large corporations for ideological reasons or just the lulz, or by hackers sympathetic to a political cause.
Barbara Demick listens to another skeptic:
“There is such a level of vindictiveness toward Sony that it feels more like an ex-employee or a business dispute,” Martyn Williams, a long-time North Korea watcher, who has taken a contrarian view on the attack, said. Williams believes that the hackers could be using North Korean software, or possibly imitating North Korean tactics, to cover their own tracks. He notes that the Guardians of Peace hackers didn’t mention “The Interview” before this week. He also believes that a recent message on a text-sharing Web site that threatened moviegoers and invoked 9/11 was unlikely to have come from North Korea. “North Korea is definitely capable of annoying its neighbors, but to make these kind of threats, saying ‘Remember 9/11,’ I don’t think North Korea is so stupid,’’ Williams said.
On the other hand, today the FBI officially blamed North Korea for the hack.