Whodunnit? Why North Korea Is Suspected in the Sony Hack

Tourists look toward North Korea from the Demilitarized Zone on the South Korean border Photograph by Ed Jones/AFP via Getty Images

Sony was warned. After learning of the company’s plans to release a James Franco-Seth Rogen comedy about a plot to assassinate Kim Jong Un, North Korea declared war in June. At the time, a Foreign Ministry spokesman said all North Koreans were determined “to mercilessly destroy anyone who dares hurt or attack the supreme leadership of the country, even a bit.”

Thanks to threats like that, North Korea is a prime suspect in the hacking attack that crippled Sony Pictures last week. The attackers made off with several new Sony movies, including Brad Pitt’s Fury and the remake of Annie, and they apparently made them available online. One movie that the hackers haven’t leaked is The Interview, the Franco and Rogen film that got the North Koreans so outraged with Sony in the first place.

An investigation is underway, with the FBI taking part, and it’s too early to say whether Kim’s regime had any role in the hack. But “the facts and the evidence really point to the East on this one,” Joe Loomis, CyberSponse chief executive officer and founder, told Bloomberg Television. The incident is an example of a “new type of warfare coming along now,” he added, “where you have a foreign country attacking a corporation.”

North Korea certainly has the resources to pull off such a heist. South Korean investigators suspected the North was behind attacks on South Korean banks and broadcasters last year. North Korea has “quite a strong force of professional hackers operating under the auspices of the Korean People’s Army,” says Leonid Petrov, a researcher at the Australian National University’s College of Asia and the Pacific.

One goal for North Korea is to let the world know what those hackers are capable of doing. Tobias Feakin, director of the International Cyber Policy Center at the Australian Strategic Policy Institute, estimates that some 1,500 people work for North Korea’s hacking hub, known as Unit 121. “The country’s leaders are “more than happy to use their cyber capabilities,” he says. “They don’t seem particularly shy in their use of cyber power.”

In part, that’s because state-backed hacking is hard to prove, and North Korea has already shown that it’s a country “that doesn’t play by the rules,” says Feakin. And while South Korea is one of the most connected places on earth, the North doesn’t have much of a presence in cyberspace. “It’s not an easy target to have some kind of repercussions, so in some ways it’s in a strong position,” he says. Hacking, therefore, “becomes an attractive medium for expressing your anger. There are very few consequences.”

North Korea may have a strong motive, but there’s no clear proof that it was behind the infiltration of Sony’s computers. Still, the credible suspicion that the government could orchestrate such a robbery represents a victory for Kim. “Even if North Korea didn’t do it,” says Petrov, “this helps them keep the promise of relentless revenge on anyone who tries to tarnish the image of the great leader.”

    Before it's here, it's on the Bloomberg Terminal.