US pretty darned sure North Korea is behind Sony hack -- but may not say so

To no one’s great surprise, US security officials believe now that the government of North Korea masterminded the hack on Sony Pictures, a conclusion that’s more or less a consensus by now. The New York Times reports that the Obama administration has not yet decided whether to announce that conclusion, and indeed whether it’s fully supportable — and whether it would be worth it to do so in any case:

American officials have concluded that North Korea was “centrally involved” in the hacking of Sony Pictures computers, even as the studio canceled the release of a far-fetched comedy about the assassination of the North’s leader that is believed to have led to the cyberattack.

Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was debating whether to publicly accuse North Korea of what amounts to a cyberterrorism attack. Sony capitulated after the hackers threatened additional attacks, perhaps on theaters themselves, if the movie, “The Interview,” was released.

Officials said it was not clear how the White House would respond. Some within the Obama administration argue that the government of Kim Jong-un must be confronted directly. But that raises questions of what actions the administration could credibly threaten, or how much evidence to make public without revealing details of how it determined North Korea’s culpability, including the possible penetration of the North’s computer networks.

Other administration officials said a direct confrontation with the North would provide North Korea with the kind of dispute it covets. Japan, where Sony is an iconic corporate name, has argued that a public accusation could interfere with delicate diplomatic negotiations for the return of Japanese citizens kidnapped years ago.

Part of the problem with a direct accusation is that it would require the US to lay out all of that evidence. David Sanger and Nicole Perlroth’s report suggests that much if it isn’t entirely conclusive. Read past the jump, and the explanations of the tools used in the hack make it clear that there are actually a few potential suspects, at least by the tools involved. Most of these could be eliminated on the basis of motive; for instance, Iran and Saudi Arabia have produced hacks that used these tools, but neither would have a motive to attack Sony. In fact, no one really has a motive to go this hard after Sony except for its competitors (highly unlikely) and Pyongyang, whose motives go beyond a movie and encompass a hatred for Japan.

So let’s say that we’re pretty darned sure that it’s North Korea, if only because it’s impossible to grasp why anyone else would go to so much trouble over a hipster comedy like The Interview, and some of the forensics support that conclusion. In this case, when it might disrupt Japan’s efforts to get its kidnapped citizens returned and military action could potentially result, “pretty darned sure” probably isn’t a great standard for a public accusation. If conclusive evidence has been found, it may not be worth it to expose our capabilities just to accuse North Korea of hacking Sony Pictures, either. Those kinds of capabilities are best kept quiet and used for better purposes.

As far as the theater cancellations, attorneys took to Twitter last night to offer a semi-defense of the chains that pulled out of their distribution deals for The Interview. My friend Kurt Schlichter was among them, and argued that the fault is amongst ourselves and not our stars:

That’s pretty sad, but unfortunately true. If a tinpot dictator used violence to stop a theater from showing a film seventy or eighty years ago, we would have applied American might to send the tinpot dictator into oblivion. Now we would likely blame the theater owner for showing the film and use legal might to sue him into oblivion. So yes, perhaps that lets theater owners off the hook. But then how do you explain this?

Sony executives briefly considered alternative options, including releasing it only via video-on-demand or on television, said a person at the studio. As of Wednesday evening, Sony Pictures had “no further release plans for the film,” said a spokesman.

Comcast Corp. , the nation’s largest cable provider, doesn’t want to offer the movie on-demand due to its political sensitivity, said a person familiar with the company’s thinking.

Can’t blame the lawyers for that decision.  That’s straight-up pusillanimity, bean-counter style.

Finally, it’s still amazing to me that a bad-taste comedy like The Interview has become the testicular test of our age. If we can’t defend that, good luck defending any speech or art that is truly provocative. We have given extremists a playbook to silence us and cow us into submission at will. Don’t be surprised if extremists from Pyongyang to Tehran and the sands of ISIS use it as often as they can manage it.

Update: With that said, the Obama administration doesn’t mind leaking it all over the place:

U.S. officials have concluded that the North Korean government ordered the hacking attack on Sony Pictures Entertainment — a breach that led to the studio cancelling the planned release of “The Interview”. One U.S. official told NBC News that the country “can’t let this go unanswered.”

The officials told NBC News the hacking attack originated outside North Korea, but they believe the individuals behind it were acting on orders from the North Koreans.

Time for a covert op?