Media reports say U.S. authorities have linked last month's crippling cyber attack against Sony Pictures Entertainment to North Korea. The attack was made to pressure the studio into canceling the release of a film that parodies North Korean leader Kim Jong Un. The incident is familiar to companies in South Korea, which have a history of being targeted by the North.
Simon Choi, a cyber security researcher at an anti-virus company in Seoul called Hauri Incorporated, studied the malware codes used to hack into the Sony Corporation’s computer system. He said the codes are similar to the ones used in a cyber attack on South Korean media companies in 2012.
He said they confirmed that the malware used in the past was from an IP address from North Korea, and the malware found in the Sony Pictures case is the same, leading him to think North Korea had a hand in the Sony Pictures hacking.
Other security analysts have described the attack as "state-sponsored," and several sources said that North Korea was the government involved. A U.S. government official cited in media reports said that Washington has come to the same conclusion but is hesitant to officially accuse North Korea of launching a cyber terrorism attack.
The attack on Sony exposed tens of thousands of sensitive documents. The perpetrators have also threatened to release more unless Sony canceled the planned release of the movie, “The Interview,” a dark comedy about the assassination of Kim Jong Un. The studio and distributors gave in to the demand after the hackers who call themselves the Guardians of Peace appeared to threaten physical attacks on theaters that show the movie.
The North Korean government denied involvement in the cyber attack on Sony but called it a “righteous deed,” and conceded that it may have been done by North Korea’s supporters. Earlier this year Pyongyang called the movie itself an act of war.
Canceling the movie is estimated to have cost Sony more than $100 million in both costs incurred and anticipated revenue lost. But security analysts say cyber attacks can pose much bigger threats to national security, with the potential to shut down power utilities, aviation networks and financial companies.
Kim Hung-kwang, the president of a dissident group called North Korea Intellectuals Solidarity, said Pyongyang has been developing their cyber capabilities for over a decade.
He said from 2004 to 2009 the North was in a stage where they advanced their capability by building their own specific strategies and directly attacking South Korea. Since then, he said, North Korea has entered a stage of improvement and development.
It is hard and costly to prevent these attacks. Choi said South Korea has set up a kind of early warning cooperative network to alert companies of any attempts to penetrate cyber security.
If hacking incidents occur, he said, or malware from North Korea is found, the government will share the information with the companies to respond immediately.
The U.S. said it working to bring the perpetrators of this attack to justice, and is considering a range of options to respond. But this could prove difficult given that North Korea is already for the most part cut off from the global economy and under United Nations sanctions for pursuing its nuclear program.
VOA News Producer in Seoul Youmi Kim contributed to this report.