Can You Make Even the Slightest Sense Out of the Sony Hackers Story?

 

As you may have guessed from the headline, I sure can’t.

I mean, obviously, some very sophisticated hackers at work. Obviously, a complex operation. Not hard to see why someone might think it would be amusing, useful, or highly lucrative to hack that target.

But the idea that the North Koreans are behind this — and the point of this is to get Sony to pull a movie that sounds like a dumb-but-standard-fare Hollywood treatment of North Korea — does that make the slightest bit of sense to you?

I know I’ve offered to be your guide to all things foreign policy, but I can make no sense of this. Even if what I’m reading does seem to add up to “That could even, possibly, conceivably, be what’s going on.”

I mean, say you’re a North Korean lunatic. Wouldn’t you be just slightly more concerned at this point by the unlikely rise to power of Ashton Carter, America’s all-but-for-the-formalities Secretary of Defense? Of whom the most notable thing that may be said or — at least — the only interesting thing he’s ever said, is:

Therefore, if North Korea persists in its launch preparations, the United States should immediately make clear its intention to strike and destroy the North Korean Taepodong missile before it can be launched. This could be accomplished, for example, by a cruise missile launched from a submarine carrying a high-explosive warhead. The blast would be similar to the one that killed terrorist leader Abu Musab al-Zarqawi in Iraq. But the effect on the Taepodong would be devastating. The multi-story, thin-skinned missile filled with high-energy fuel is itself explosive — the U.S. airstrike would puncture the missile and probably cause it to explode. The carefully engineered test bed for North Korea’s nascent nuclear missile force would be destroyed, and its attempt to retrogress to Cold War threats thwarted.

I’m just trying to put myself in those shoes. I’m trying to figure out why the new Secretary of Defense of the United States — a country that can, actually, do precisely this — is not my bigger concern than making sure The Interview gets cancelled.

Can’t seem to do it.

The only thing I might conclude is that North Korean lunatics are, truly, lunatics and that no game theory — however conceived — applies here, as all such theories assume at least some degree of rationality in the actors involved. If so, Ash Carter is quite right about launching a preemptive strike.

Yesterday would have been better, for sure, but today is still better than tomorrow. Because if this is really what we’re dealing with, “not one second more” is the only conclusion I can logically reach.

Astrelok / Shutterstock.com

There are 58 comments.

Become a member to join the conversation. Or sign in if you're already a member.
  1. user_86050 Inactive
    user_86050
    @KCMulville

    The hacker mentality comes down to a simple reflex: they did it because they can.

    I won’t pretend to discuss the details of this story, for two reasons. First, I don’t know any of the details (other than what’s been reported, and I’m immediately skeptical of that).

    But second, there is someone else on Ricochet who (a) knows a lot more about the movie business than me; (b) knows a lot more about North Korea (he’s previously said he studies it almost as a hobby); and (c) is kind of a gadget-geek. I wonder what Rob Long has to say about it?

    • #1
  2. george.tobin@yahoo.com Moderator
    george.tobin@yahoo.com
    @OldBathos

    Bad publicity and perceptions of weakness are more of a threat to the nutball-in-chief than losing an ICBM in a preemptive strike.  I’m surprised he hasn’t ordered on hit on the makers of Team America: World Police (2004).

    I think if N.Korea attacks James Franco we should retaliate in force but if the target is Seth Rogen, perhaps we should be more conciliatory.

    • #2
  3. Valiuth Inactive
    Valiuth
    @Valiuth

    Really? Frankly this seems perfectly in line with what a crazy man-child dictator would prioritize. I think when it comes to North Korea keeping in mind that their leadership isn’t exactly all there in a cognitive sense is good to remember, heck even their average citizen can’t be all there mentally either. To me this isn’t a country so much as the worlds largest cult. Frankly I’m surprised they haven’t passed out the Kool-Aid yet, but maybe they are waiting for Hael-Bopp to make another pass by the Earth.

    • #3
  4. ctlaw Coolidge
    ctlaw
    @ctlaw

    The NorK hackers are an organized military branch. It’s not like a NorK civilian can have a computer and internet access and hack for private motive. Hacking Sony would be the pathway for some young major to quickly advance to general.

    This all begs the question of why are we giving control of the internet to the UN rather than keeping it ourselves and cutting off the NorKs.

    • #4
  5. user_157053 Member
    user_157053
    @DavidKnights

    I think we should offer both Franco and Rogen in exchange for the Norks ending their nuke weapons program and turning over all their weapons.  As Claire points out, they may be lunatics, and if so, then maybe they’ll go for the deal! :)

    Seriously, this most reminds me of the stories you get out of the middle ages where the idiot son or grandson or great-grandson of the King has inherited the throne starts doing things like commanding the sun to stop in the sky.  Everyone in the kingdom is standing around looking at each other, but no one wants to be the guy to say the ruler is a nutbag and take a shot at killing the King.

    I do think that sooner or later, someone inside N. Korea will off the little bugger.

    • #5
  6. Devereaux Inactive
    Devereaux
    @Devereaux

    I fully agree none of this makes any sense. I suspect part of the put-up of NK as the source of this is just that – that it makes no sense. Someone with more moxy than the dude who thought up the movie excuse for Benghazi is finally working for this White House.

    As to the real purpose and the real culprit, feel free to speculate all you want. What we know is a singular dearth of information. WHY we are being treated as mushrooms is also not at all clear. But clearly someone doesn’t want us to know something.

    Because this 1+1 does not equal 2,3,4,5,6,7, or 8. So no matter what you think taxes are, it doesn’t add up. (Since you’re younger than I by a good bit, it’s an old joke about what does 1+1=. It’s 6; used to be 4 but taxes went up again.)

    • #6
  7. Spin Inactive
    Spin
    @Spin

    I attended a cyber security conference a few months ago.  The speakers ranged from IT leaders to FBI Agents.  One of the speakers is an expert in international cyber crime.  He explained that cyber crime coming out of China, Japan, and the Koreas is as aimed at one thing:  stealing corporate secrets.  He said that while these countries may be great at manufacturing electronics cheaply (Caucasians are just too damn tall!), they aren’t great at inventing the technology.  So they steal it.  There are two kinds of companies in the US, he said.  “Those that have been hacked by China, and those that don’t know they’ve been hacked.”  I am inclined to think that this Sony business is just us catching them with their fingers in the pie.

    • #7
  8. The Reticulator Member
    The Reticulator
    @TheReticulator

    The mp4 file is mightier than the sword. Also mightier than the missile.

    • #8
  9. user_82762 Thatcher
    user_82762
    @JamesGawron

    Claire,

    Evidence suggests the attackers routed their attack through infected computers in Thailand, Italy, Singapore, Poland, Bolivia and Cyprus, but the code was written on computers that used the Korean language settings by default. The attacks also bear remarkable similarity to a series of destructive attacks last year on banks and broadcasters in South Korea.

    North Korea has denied involvement in the Sony attacks, but released a statement Sunday acknowledging that the attack might be a “righteous deed” of hackers sympathetic with North Korea.

    Assuming this isn’t a wonderfully creative CIA disinformation campaign this is rather damning evidence. We need to realize what a totalitarian mind is like. We are used to a liberal society in which for want of a better description, you’d better learn to have a sense of humor. Totalitarians have total control. The thought of a movie which even suggests the idea of assassination and in general mocks the state is way beyond what a real totalitarian can stand.

    Kim Jong-un can’t take a joke.

    Regards,

    Jim

    • #9
  10. Yeah...ok. Inactive
    Yeah...ok.
    @Yeahok

    You wont think they’re such lunatics when they steal the cat lady manuscript.

    • #10
  11. Son of Spengler Contributor
    Son of Spengler
    @SonofSpengler

    Valiuth: Frankly this seems perfectly in line with what a crazy man-child dictator would prioritize.

    This particular man-child dictator is known for his obsession with pop culture — sports, movies, TV. So this particular injury from Sony probably hits him where he is hypersensitive. He’s behaving like the head of a crime syndicate, trying to teach a lesson to the gang that showed him disrespect.

    • #11
  12. ParisParamus Member
    ParisParamus
    @ParisParamus

    It’s just a publicity stunt to promote the film.

    • #12
  13. user_645 Editor
    user_645
    @Claire

    Well, since every one of the above comments sounded at least plausible to me–even though many are also incompatible–I’m left where I started. I can make no sense of this.

    • #13
  14. user_645 Editor
    user_645
    @Claire

    But hats off if this is the most amazing PR campaign ever for a (basically insipid-sounding) movie. Because if that’s the explanation, we want to find the guy who came up with that idea and make him our new SecDef.

    • #14
  15. Misthiocracy Member
    Misthiocracy
    @Misthiocracy

    Claire Berlinski:Well, since every one of the above comments sounded at least plausible to me–even though many are also incompatible–I’m left where I started. I can make no sense of this.

    How about a very high benefit-to-cost ratio?

    What does it cost North Korea to employ these hackers? Relatively little.

    What does it benefit the North Korean establishment to show that even the mighty Sony is but a plaything for them to do with as their whims compel them? Plenty in terms of domestic PR value.

    Sony is a huge symbol of “Americo-Japanese Corporate Imperialism”, and it is powerless against Kim! POWERLESS!!!

    • #15
  16. user_385039 Inactive
    user_385039
    @donaldtodd
    ctlaw #4 “The NorK hackers are an organized military branch. It’s not like a NorK civilian can have a computer and internet access and hack for private motive. Hacking Sony would be the pathway for some young major to quickly advance to general.”

    I have, and have had for some time, the impression that no one shows a particular initiative in North Korea without some sort of support from much higher up.  It is not the major who hopes to become a general, it is the general who hopes to remain a general with his head on his neck who might pose a consideration to the dear leader.

    A mere major would be asked why he did what he did without permission.  Then he would be rewarded for doing it without permission.  Then a new major would appear who knows his place and adheres to it studiously.

    There is a lockstep mentality in North Korea which is tightly maintained.

    I had read of a highly placed individual who surrendered his life (and the lives of his family?) for making a phone call outside of North Korea (to China I believe).  He assumed more authority than he actually had and paid for that assumption.

    Might one also assume that a failure in such an endeavor as hacking Sony might not lead to a promotion?  The deity in North Korea does not share his throne with others.
    • #16
  17. Tim H. Member
    Tim H.
    @TimH

    I was about to jokingly suggest a clever marketing campaign by Sony, too, but the security risks to their employees and stars would be too much bad publicity, so I reckon not.

    • #17
  18. St. Salieri Member
    St. Salieri
    @

    I think irrationality is a part of it – by our lights, but not by theirs.  Reading Goebbels diaries were instructive on this point.  The head of a far more “rational” fascistic state’s propaganda department showed amazing insight at times and complete bizarro thoughts on others.  However, there was a consistent logic to it all, and Goebbels was a brilliant man in many respects, and utterly loathsome.  The diary becomes more surreal as the war goes south.  So, if there is any analogous comparison, leaving in a society as totalitarian and isolated must produce all manner of “rational” decisions.

    Imagine being in the aquarium that is North Korea.

    I’m sure to them it made perfect sense, how it plays out on the rest of the world stage, not so much.

    My knowledge of Korea ends about 1950, and that is precious little, so take it all with a huge grain of salt.  Just thinking aloud.

    • #18
  19. user_44643 Inactive
    user_44643
    @MikeLaRoche

    Kim Jong Un is just ronery:

    • #19
  20. user_123768 Inactive
    user_123768
    @edwarddentzelcom

    I guess I take a somewhat contrarian view on this.

    First, why would North Korea try to block a movie that none of its citizens will see anyway? Furthermore, Kim Jong Un is FULLY aware of what most of the world thinks of his country and him. One more movie that will be here today, gone tomorrow isn’t going to damage his reputation much.

    Second, even if the Nork citizens somehow get their hands on pirated copies, the contents will only reinforce what they believe about the rest of the world anyway: That we’re a bunch of idiots who aren’t smart enough to love their Dear Leader.

    Third, the affluent Norks and Chinese already get these movies on the black market before they’re in the theaters any way. Why hack into the USA when you can steal it within the boundaries of your own country?

    It’s for these very reasons I’ve convinced myself the Sony hack was an inside job. Lots of film companies cutting back these days, sending a lot of disgruntled ex-employees back to the job lines. A lot of former workers who know all the usernames and passwords. In fact, the threat that came out a couple days ago–“We’ll go after your families” or whatever–only convinces me more that a foreign nation had nothing to do with it. Yeah, like the Norks/China or whoever is gonna send Agents to the USA to kill employees of a movie company.

    Hmmmm . . . that’s not a bad plot.

    • #20
  21. user_385039 Inactive
    user_385039
    @donaldtodd

    Edward Dentzel: #20 “Kim Jong Un is FULLY aware of what most of the world thinks of his country and him.”

    This man is praised for his perspicuity no matter what he does.  Sycophants surround him.  He is a deity to the people of North Korea, and his deity is protected.  Even the Chinese mute their complaints and they have a powerful hold on North Korea.

    I am not sure that he realizes that he is merely human anymore, nor is he supposed to realize he is human.  There is no North Korean court jester to remind him that he has flaws.  Any that might have are dead or in a prison camp with their entire families pending death.

    Is he aware of other places where he is held in ill-repute?  Undoubtedly.  He threatens questionable practices all the time, and occasionally delivers on those threats, but it is the boast of someone with complete and total power to do what he wants when he wants for no knowable reason.  He doesn’t care about the US, or Japan, or South Korea (where the armistice lives on).

    • #21
  22. Gödel's Ghost Inactive
    Gödel's Ghost
    @GreatGhostofGodel
    1. Sony’s nowhere near stupid enough to do this to themselves. Think seriously about the legal hot water they’d be in for a fraudulent threat that got the FBI involved.
    2. The embedded server names, credentials, etc. point to personnel penetration of Sony by the attackers. This kind of industrial espionage is unusual neither in the entertainment industry nor in southeast Asia.
    3. As others have pointed out, megalomania is virtually one of the defining characteristics of totalitarian “leaders.” Nuts can be brilliant and entirely logically internally consistent (Hitler was, making things like Operation Mincemeat possible), but they’re nuts.

    So as much as I hate to say it, this is almost certainly the real deal.

    • #22
  23. user_645 Editor
    user_645
    @Claire

    nor in southeast Asia.

    Pretty sure this was just a typo, but otherwise–we’re talking about Northeast Asia, and I don’t usually think of Southeast Asia as “industrial espionage central” so much as East Asia. So first, I’m a bit puzzled, geographically, figured it’s worth asking. Wondering if there’s something important about Southeast Asia I might not be grasping. But also: If you meant Northeast Asia … surely you don’t mean North Korea, specifically? Because honestly, I would not have thought this would be their forte. South Korea, sure. Japan, China–of course.

    But what kind of collective intellectual power is required to pull such a thing off? How many highly skilled people would be required to do this? Does that much even exist in North Korea? It’s one thing to build a bomb–which obviously they do have the brainpower to do. But that’s a slightly different set of skills, isn’t it?

    I don’t quite know what set of skills you’d need to pull this one off. I don’t know how likely it is that a country I’d think of as “thoroughly unlikely to produce the kinds of people who are good at this” would have in fact produced enough people who are good at this to do it.

    Insight?

    • #23
  24. Tim H. Member
    Tim H.
    @TimH

    Here’s a poorly-thought-out idea, right off the top of my head:
    Running off of Claire’s comment about China (among others) being a hacking powerhouse, what if this is another Chinese hacking attack, designed to look like a North Korean job to throw people off the scent?

    Opportunity: the Chinese are pretty good at this thing, and they do it a lot. They’ve probably got the skill both to do it and to leave the clues that make it look Korean.

    Motive: “Industrial” espionage in the entertainment industry? Umm…probably not a deep-seated desire to get their pirated copies of Sony movies out before release, but maybe that’s just a distraction to cover the real motive…something like the financial data—Social Security numbers, bank accounts, and so on. Maybe there’s a way to get money out of this, or use the data for something down the road.

    Secondary motive: Why blame it on North Korea, their erstwhile ally? That wouldn’t be done without an order, of course. We know(?) they’re usually frustrated with North Korea. Maybe they’ve had enough for some reason, and this is a convenient way to weaken him.

    • #24
  25. user_645 Editor
    user_645
    @Claire

    Tim H.:Here’s a poorly-thought-out idea, right off the top of my head: Running off of Claire’s comment about China (among others) being a hacking powerhouse, what if this is another Chinese hacking attack, designed to look like a North Korean job to throw people off the scent?

    Opportunity:the Chinese are pretty good at this thing, and they do it a lot.They’ve probably got the skill both to do it and to leave the clues that make it look Korean.

    Motive:“Industrial” espionage in the entertainment industry?Umm…probably not a deep-seated desire to get their pirated copies of Sony movies out before release, but maybe that’s just a distraction to cover the real motive…something like the financial data—Social Security numbers, bank accounts, and so on.Maybe there’s a way to get money out of this, or use the data for something down the road.

    Secondary motive:Why blame it on North Korea, their erstwhile ally?That wouldn’t be done without an order, of course.We know(?) they’re usually frustrated with North Korea.Maybe they’ve had enough for some reason, and this is a convenient way to weaken him.

    I like it, I like it. But the way we’re all just ginning up ideas like this and the way they all sound equally plausible tells me that I sure don’t understand it.

    • #25
  26. user_385039 Inactive
    user_385039
    @donaldtodd

     Claire Berlinski: #23 “But what kind of collective intellectual power is required to pull such a thing off? How many highly skilled people would be required to do this? Does that much even exist in North Korea? It’s one thing to build a bomb–which obviously they do have the brainpower to do. But that’s a slightly different set of skills, isn’t it?”

    These things are for sale.  They can be purchased for the right money.  Once they are purchased, locals with the right aptitudes can be trained and then put to work.  The old USSR, the new Russia, China, Iran, and North Korea are examples of the fact that while the creative juices might not flow, the copying juices are available.

    • #26
  27. user_86050 Inactive
    user_86050
    @KCMulville

    The thing about hacking is that discovery makes it less useful. The really good hackers are the ones you don’t know about.

    So why would a talented hacker advertise his intrusion? Unless it was a one-time thing that he/they didn’t think would last long? And if so, is it a long term threat?

    This could be one of those stories that has a few twists and turns. And as was said above … maybe this is itself the seed for an upcoming movie script.

    • #27
  28. Tim H. Member
    Tim H.
    @TimH

    Of course, it’s always possible this is just a private, non-ideological hacking job. Hackers like to do things for the challenge, to cause trouble, and to show off their skills. Getting financial information and putting Sony films on a torrent server fit in with that. It could be South Korean hackers, or it could be deliberate clues given to make it look Korean, just to mess with people.

    When I was a grad student at Space Telescope, where the Hubble is run, we were the #2 hacker target in America, after the CIA, I think. I was surprised—you can’t control the spacecraft except from inside the building (they’re careful about that vulnerability, with this multi-billion-dollar project), and our images are all publicly available in the archive. So what’s the point? “Because they like the challenge,” I was told.

    • #28
  29. user_645 Editor
    user_645
    @Claire

    Tim H.:So what’s the point? “Because they like the challenge,” I was told.

    I think that’s my point, too. Hacker culture is a very particular subculture. It is a global subculture, to be sure, but it doesn’t seem to me all that many North Koreans would be apt to be part of it. It is a hermit state, with all that implies, after all. It seems a bit different from bomb-building, in a way that until you wrote that I couldn’t quite put my finger on–and still can’t–but I think that’s the clue.

    • #29
  30. Gödel's Ghost Inactive
    Gödel's Ghost
    @GreatGhostofGodel

    Claire Berlinski:Pretty sure this was just a typo, but otherwise–we’re talking about Northeast Asia, and I don’t usually think of Southeast Asia as “industrial espionage central” so much as East Asia. So first, I’m a bit puzzled, geographically, figured it’s worth asking. Wondering if there’s something important about Southeast Asia I might not be grasping. But also: If you meant Northeast Asia … surely you don’t mean North Korea, specifically? Because honestly, I would not have thought this would be their forte. South Korea, sure. Japan, China–of course.

    Yeah, I was overly specific. I really just meant to exclude India, etc.

    But what kind of collective intellectual power is required to pull such a thing off? How many highly skilled people would be required to do this? Does that much even exist in North Korea?

    Most assuredly. Most assuredly at least some of them are State-sponsored. Black Hat and Defcon reached 9,000 and 16,000 attendees, respectively, this year. Especially if we assume infiltration of Sony, providing internal server names and user credentials, the rest doesn’t require much skill at all, especially with instant worm toolkits available for the download. Think a team of half a dozen people.

    The sad truth about software security is:

    1. To a first approximation, no one in the industry gives a [non-CoC compliant].
    2. Of the <1% who give a [non-CoC compliant], <1% are competent to address the issues.
    3. <1% of the users of software are informed/care enough to seek out the work of the <1% of the <1% of software developers who get it right.

    Now pardon me while I start my morning with a fifth of bourbon.

    • #30

Comments are closed because this post is more than six months old. Please write a new post if you would like to continue this conversation.