(Bloomberg) -- The U.S. Justice Department blamed the North Korean government for the cyber-attack on Sony Pictures Entertainment computers that exposed Hollywood secrets, destroyed company data and caused the studio to cancel release of a movie that envisioned Kim Jong Un’s assassination.
“The FBI now has enough information to conclude that the North Korean government is responsible for these actions,” the Federal Bureau of Investigation said in a statement today.
“The FBI now has enough information to conclude that the North Korean government is responsible for these actions.”
Malicious software in the Sony attack revealed links to malware previously used by North Koreans, the FBI said. The tools used also were similar to a cyber-attack in March 2013 against South Korean banks and media organizations.
The FBI said it will “impose cost and consequences” on those found to carry out cyber-attacks, though it didn’t name any specific retaliatory actions for the Sony hack. The attack rendered thousands of computers inoperable and forced Sony to take its entire computer network offline, the FBI said.
“North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves,” the FBI said in the statement. “Such acts of intimidation fall outside the bounds of acceptable state behavior.”
Proportional Response
An unidentified man who answered the phone today at North Korea’s office in the U.S. said the government had no comment. The state-run Korea Central News Agency on Dec. 7 cited an unnamed defense spokesman as saying North Korean supporters may have attacked Sony’s computers in “righteous” anger over the upcoming release of a comedy about a plot to kill Supreme Leader Kim.
Sony Corp.’s Culver City, California-based studio canceled the Dec. 25 release of the Seth Rogen comedy “The Interview” after major theater chains said they wouldn’t show the picture. A group claiming credit for the cyber-attack invoked the Sept. 11, 2001, terrorist attacks in threatening movie fans with violence if they went to see the film.
Yesterday, White House spokesman Josh Earnest said the Obama administration is weighing a “proportional response” to the cyber-attack and is wary that the intrusion may have been designed to provoke a large-scale U.S. reaction.
President Barack Obama is expected to address the matter at a previously scheduled press conference this afternoon.
‘Cyber Terrorists’
In late November, attackers crippled the movie studio’s computers and began releasing thousands of internal documents, including e-mails, salaries and medical histories of employees.
The Sony attack was carried out by “cyber terrorists, bent on wreaking havoc,” Chris Dodd, chairman and chief executive officer of the Motion Picture Association of America Inc., said in an e-mailed statement today.
“This situation is larger than a movie’s release or the contents of someone’s private e-mails,” Dodd said.
“The Internet is a powerful force for good and it is deplorable that it is being used as a weapon not just by common criminals, but also, sophisticated cyber terrorists,” Dodd said. “We cannot allow that front to be opened again on American corporations or the American people.”
Sony had no immediate comment.
Similar Code
The FBI found “there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks,” in the malware used to delete Sony’s data with other used by North Koreans.
The bureau also discovered that several Internet protocol addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the malware that deleted data in Sony attack.
The attack was “initiated by a sophisticated actor” and the U.S. investigation is making progress, Earnest said. The character of the intrusion makes it a national security matter, not just an economic one, he said.
“The cyber-attack against Sony Pictures Entertainment was not just an attack against a company and its employees,” Homeland Security Secretary Jeh Johnson. “It was also an attack on our freedom of expression and way of life.”
The cyber-attack may spur the U.S. government to define what -- if any -- responsibility and authority it has to protect private companies that control major parts of the nation’s financial, energy and communications infrastructure.
Responses Debated
One thing the Obama administration is unlikely to do is unleash a tit-for-tat cyber-attack, analysts said. Any eventual U.S. response also will likely be unannounced, in order to avoid feeding the North Koreans’ desire for a public showdown with the world’s sole superpower.
“What the North Koreans can’t stand is when no one pays attention to them,” said Joel Brenner, former head of U.S. counterintelligence. “What we do may not be publicly known, but the North Koreans will know who did it.”
The possible options include launching a covert operation against North Korea’s shadowy Unit 121, believed to be responsible for training new hackers. The unit in 2011 is believed to have launched “distributed denial of service” attacks against 40 South Korean government and military websites, according to an intelligence official.
Even so, the Obama administration may be reluctant to retaliate in kind by releasing U.S. cyber-attacks on North Korean computer networks -- particularly over the cancellation of a Hollywood comedy. Any such attack would involve showing the North Korean government what part of its network vulnerabilities the U.S. had identified, thus allowing defenses there to be strengthened, Brenner said.
To contact the editors responsible for this story: Jon Morgan at jmorgan97@bloomberg.net Elizabeth Wasserman, Romaine Bostick
Nenhum comentário:
Postar um comentário