North Korea and the Sony Hack
The existence of valuable and confidential corporate information has always prompted hacking attempts by malicious and cunning individuals. Normally, when hackers intrude into a company’s information technology system, they are motivated by a multitude of reasons ranging from protest, profit, challenge, information gathering, recreation, challenge, to evaluation of system’s weaknesses. However, most hacking activities in the cyber-world are normally inspired by malicious or negative intent which spans from political to personal. Whether anarchy-themed security intrusions are performed by individual hackers or political groups, they always result in losses and compromise of crucial company or government data. The Sony hack is perhaps the most fitting example that showcases the pursuit of corporate information by ill-intentioned parties. The most recent is believed to be the Russian influence over the 2016 US presidential elections where Russia is said to have altered the vote outcome.
The theoretically-confirmed cyberattack on Sony Pictures Entertainment (SPE) by North Korean hackers in late 2014 remains one of the most significant cybersecurity infiltrations of the century. Soon after the death of Kim Jong II, North Korea’s power was transitioned to his son Kim Jon Un, who is said to be firmer in his rule than his predecessor. News outlets reported that Kim Jon Un’sgovernment-appointed hackers to, one way or another, threaten the western world and show that it was indeed to be reckoned with. Hence, the assumption is the hack on SPE was politically motivated and was aimed at interfering with the release of the film “The Interview,” a parody plot that featured the assassination of the North Korean Leader.
While one may think that a leader would invite the idea of such a fictional portrayal of themselves in a film, and a humorous interpretation for that matter, it is alleged that North Korea perceived it differently as a terrorist attack. In response, the North Korean government plotted a cyber-attack on SPE to destroy the movie and showcase its might. The result of the attack was the leakage of confidential data, including corporate financial and personal information comprising of emails and social security numbers.What supervened was a joint investigation by the National Security Agency, Federal Bureau of Investigations, and other unnamed organizations in an attempt to verify the culprits.In the course of the investigation, the investigating parties scanned through methods that had been executed in past attacks as well as the network signatures employed by other notorious hackers. Finally, the joint group confirmed that the signatures and techniques had originated from North Korea.
Given the scenario, one cannot be sure whether the outcome would have been altered by any influences. There are many probabilities that could have led to the occurrence of an attack of the same magnitude. In fact, the number of possible motivations is numerous. The current political status of the North Korean nation and its relationship with the rest of the world remains unstable. However, the involvement of the country’s government in cyber-attacks cannot be confirmed entirely. Even so, there are many strategies that companies and governments can implement in order to collect more information about such events in future. Technological innovations have boosted computing power immensely,and there is a need to utilize them effectively especially when it comes to cybersecurity. In particular, they should be used in monitoring information channels on both political and cyber fronts to guarantee the safety and security of vital information. Technology can also be embraced in the improvement of communication between the US and North Korea. It is important to remark that technology alone cannot protect a system against cyber-attacks. It needs to proper management and regular updating in order to fall in line with current standards.
SEP should continue with its normal operations of making and producing movies. Nevertheless, it should install proper and more stringent security mechanisms to avoid similar events in future. With regard to handling the North Korean dilemma, the US should ensure that its critical infrastructure, agencies, companies, and people are safe from data breaches by facilitating the creation of superior security standards and protocols. In general, SEP should proceed with caution in its future ventures, especially the ones that rely onare related to the cyber world. One of the most recommendable measures is continuous monitoring of traffic.
The prevention of successful cyber-attacks can only be executed by implementing and maintaining systems for monitoring, identifying, tracking, and localizing perpetrators. Therefore, the US along with corporate systems should invest in security measures. The US government should particularly seek resolutions to the feud with North Korea via diplomatic means. Once the hackers are identified, they should face punishment according to international law, such as through monetary policies and sanctions in case the government is involved. The final solution should be peaceful, stringent, and indefatigable with regard to the political arena. Personally, I believe the right solution should be to upgrade the current system beyond standards that hackers can infiltrate as well as seek solutions politically with North Korea. Priority should be given to peaceful means.