The most closed country on earth — North Korea — is now denying its involvement in one of the biggest corporate hacks in history.
Someone attacked Sony Pictures Entertainment last week and made public troves of stolen data, including five unreleased films, medical records and salaries of nearly 7,000 global employees. But before a recent denial — another North Korean diplomat played coy about the country’s involvement.
That North Korea could be capable of a sophisticated hack may seem counterintuitive, since the nation known as the Hermit Kingdom is so cut off from the rest of the world. But North Korea watchers say its cyber-espionage skills are actually quite developed.
This recent tussle began when Kim Jong Un — the dictator of North Korea — wasn’t pleased about an upcoming Hollywood movie. Kim is going to be featured in The Interview, a slapstick comedy starring famous goofballs Seth Rogen and James Franco opening Christmas day.
In The Interview, Franco plays a famous television host named Dave Skylark invited to North Korea to interview Kim. But then — and this is the plot of the film — the CIA asks Franco and Rogen’s characters to assassinate the supreme leader.
“The North Korean state has been taking this really seriously,” says Katharine Moon. She is the chair in Korea studies at the Brookings Institution, a Washington think tank.
“North Koreans do not have an independent world of art and entertainment. And so they don’t separate propaganda from entertainment. So it’s very difficult for them to understand that the U.S. and many other countries have a completely independent world that’s called Hollywood,” Moon says.
The Hollywood studio releasing the film, Sony, shrugged off North Korea’s promise of “merciless counter-measures” until last week. That’s when hackers hit the studio where it hurts. They stole 40 gigs of sensitive data including the unreleased films, Social Security numbers and details on salary negotiations.
“It shut down the company. They had to use handwritten notes, fax machines, a lot of telephone conversations because they were fixing the issues on their servers,” says Amy Chang, a cybersecurity researcher at the Center for a New American Security.
Sony didn’t respond to requests for an interview but told The New York Times the company is working with the FBI to figure out whether North Korea — or maybe a former employee — is responsible. East Asia experts say if anyone’s questioning whether closed-off North Korea could pull off an attack, the answer is yes.
“North Korea is indeed capable of quite crippling hacks. It has a very effective, efficient, capable hacking machinery,” Moon says. While the general citizenry there may not have wide Internet access, she says, the latest counts show about two million North Korean elites and those who live along the Chinese border are connected to a 3G network. And the state supports training in cyber-espionage.
“Those who succeed in North Korea then are sent to China and Russia to get extra training,” Moon says.
Cybersecurity researchers and firms that have analyzed the technical traces of this hack point to a North Korean source of the attack, as North Korean spokesmen send conflicting messages. Sony will continue investigating and shoring up its security.
Curiously, one upcoming film the hackers didn’t release to the public is The Interview — the movie about assassinating Kim Jong Un.