Like so many Hollywood movies, North Korea’s offensive against Sony Pictures Entertainment could end badly — which is why U.S. officials have to be careful not to overreact.
Theater companies have already succumbed to threats of terrorism by pulling the movie “The Interview” from their schedules. Sony then canceled the release of the film altogether. Now that unnamed U.S. officials have claimed North Korea is behind the cyberattack that crippled Sony’s computers, some are calling for the government to retaliate. That would be a mistake.
True enough, the North’s cyber-army is a growing threat. By some estimates, it has nearly doubled in size in the past two years. And the attack on Sony displayed a degree of sophistication that Pyongyang’s cyberwarriors were not previously known to possess. No doubt, the regime is eager to improve those capabilities further; hackers and malware are much cheaper (and easier to hide) than nuclear centrifuges and ballistic missiles. What’s more, the North’s perceived enemies — especially their militaries — are all far more dependent on Internet-based systems than it is, and the “air gap” between its Internet infrastructure and the rest of the world’s helps insulate against counterattacks.
Still, Sony and other corporations can’t expect the U.S. government to respond to every attack on their behalf. However embarrassing and costly to the studio, the hacking represents a cybercrime, not an act of cyberterrorism directed at civilians or vital national infrastructure. (By the same token, threats against theaters showing a Hollywood comedy that mocks Kim Jong Un hardly compare with the vows of annihilation that constantly pour out of North Korean state media.) Companies need to improve their own defenses. In the past, some have squabbled with the government over how much information they should have to share about cyber-attacks; they need to get over their reluctance.
What level of attack would prompt a U.S. counterstrike? There’s no need for any new red line to be drawn here. It would only help the Kim regime calculate the risk-reward ratio for its cybermischief. Ambiguity can help deter North Korea from attempting anything more serious, such as an attack on the U.S.’s critical infrastructure.
This doesn’t mean Washington’s hands are tied. Previous North Korean cyber-attacks have been directed at South Korean banks and airports. Under its existing security commitments, the U.S. should work with Japan and South Korea to bolster their own cyberdefenses. The three allies should join forces to monitor the North’s cyber-activities in an effort to slow them where possible and perhaps disrupt the next attack.
The one country that could be of the most help to such an effort is China. North Korea’s two largest cyberwarfare units are said to be based on the mainland, where they exploit China’s more advanced technological infrastructure. While the Chinese and U.S. governments have their differences on the issue of state-sponsored hacking, China has an overriding interest in stability on the Korean peninsula. Thus it may be open to reining in these rogue operations, which only raise the risk of conflict in the region.
In all likelihood, the North’s cyberprowess will keep growing, especially as its nuclear program comes under greater pressure. At the same time, however, the more wired the country becomes, the more avenues will be established for the outside world to penetrate the regime’s information blackout with e-books, downloaded videos, podcasts — the kind of cultural products that have already begun to challenge the state’s version of reality. Kim has shown himself to be an impassioned movie critic. He needs to know that the information superhighway runs both ways.
This article first appeared at: Don’t Overreact to North Korea’s Attack on Sony