The Sony hack and freedom of information

An image of the message by the hacker group, Guardians of Peace to Sony.

The hacking of Sony Pictures has been all in the news. Reddit was one of the first places to talk about the hacking, spreading the picture which was on the computer screens of every computer screen worldwide. [1] Numerous media outlets declared that North Korea was behind the attack, citing government sources, “senior government officials,” “security experts,” and “U.S. officials,” playing into “Sony propaganda.” [2] Later, the FBI followed suit with their own information and declared that North Korea was behind the attack. Since then, numerous individuals have questioned if North Korea was responsible at all for this hack. This article aims to set the record straight about the Sony hack while also explaining why it is important for internet freedom and the freedom of information online.

Setting the stage

Before I discuss the debate about who was behind the hacking, setting the stage on the hacking is a good start. On Monday, November 24, hackers from a group called the Guardians of Peace or GOP, hacked the computers of Sony Pictures, saying they would “release sensitive corporate data taken from the network” by 11pm that day, data that includes “password hints, copies of the passports of some actors attached to Sony films, and maybe even some pirated movies.” These hackers, according to a Bloomberg News article, who were purportedly hacking from Thailand, had a goal to designed “to embarrass Sony, rather than to enrich the perpetrators,” with some saying the hackers may have been “hired contractors.” [3] Additionally, the attack by this hacking group “appears to be aimed at punishing Sony for its actions in the past,” with “an estimated 11,000 gigabytes of files” taken from Sony, with the hackers saying that sensitive data “would be released into the wild if their demands were not met.” TorrentFreak, in the same article, noted that the reports of the hack detail “pirated TV shows which may have been downloaded by Sony staff,” which is ironic. It is important to also note that the hackers who have “have been targeting Sony for years, including in the 2011 attack that took down the PlayStation Network, may have also played a role,” with a group called Lizard Squad possibly having ties to Guardians of Peace, which suggests that both groups may “have worked together on different parts of the Sony Pictures breach.” [4] One must also note that according to simulations run by Trend Micro, the hacker group “probably spent months collecting passwords and mapping the network before they committed a last act of vandalism, setting off a virus that wiped out data and crashed the system in 10 minutes,” a virus which can be used “without a high level of technical sophistication.” [5]

Risk Based Security (RBS) had the best article outlining the events surrounding the Sony hack from November 24th to December 21st. In their article, RBS noted that the hacked information showed a good amount of personal information along with “curious practices at Sony.” Additionally, the article noted that the hackers released “full security certificate information, internal and external account credentials, authentication credentials…for…the Sony YouTube page [and] UPS accounts,” among other things including “financial data of Sony Pictures” in November. That’s not all. By December 7th, the hacking group was threatening Sony employees and the next day the hackers connected their effort, for the first time, to taking down the movie, The Interview. In the following days, the FBI admitted that North Korea wasn’t to blame for the attacks, and the hackers threatened Sony, telling them that they have to receive financial compensation or else there would be “great damage.” Continuing on, the hackers released data showing Sony’s cooperation with “5 major Internet Service Providers (ISPs) to collect full data for monitoring illegal downloads,” and candid emails by Sony execs. Later, the hacking group purportedly called off their war against Sony and they also openly mocked the FBI, calling them idiots.

Who is responsible for the hack?

“Sony Pictures has canceled the release of a comedy on the fictional assassination of North Korea’s leader, in what appears to be an unprecedented victory for Pyongyang and its abilities to wage cyber-warfare.”- Ridiculous quote from Reuters that plays into the North Korea blame game [6]

Now onto the main part of this article. In a recent editorial, the New York Daily News declared that “for the first time since 9/11…America…has allowed the terrorists to win” and that “North Korea’s Kim must be having a rollicking laugh at easily cowing the U.S. into abandoning a comedy that culminates in his assassination.” The problem with this editorial is not its absurdist and ridiculous nature, but that its premise is wrong. North Korea was not involved in the hacking. In an article earlier this month in which the New York Times took what unnamed government sources said for granted about the hacking, admitted that it is unclear how the US linked North Korea to the hacking, and noted that the NSA has worked to penetrate the internet of North Korea:

“It is not clear how the United States determined that Mr. Kim’s government had played a central role in the Sony attacks. North Korea’s computer network has been notoriously difficult to infiltrate. But the National Security Agency began a major effort four years ago to penetrate the country’s computer operations, including its elite cyberteam, and to establish “implants” in the country’s networks that, like a radar system, would monitor the development of malware transmitted from the country. It is hardly a foolproof system. Much of North Korea’s hacking is done from China.” [7]

Following this, is a column by Juan Cole on Truthdig, which asks if the NSA is responsible for the hack of Sony Pictures. While Cole buys the line that North Korea is responsible, he notes that the NSA “has been for two decades a powerful behind-the-scenes lobby for weak internet encryption and privacy protocols” and that it is clear that “the US government is implicated in exposing millions of consumers to such invasions of privacy” which were exploited by hacking groups.

Beyond Juan Cole and the New York Times, there is the fact that the North Koreans denied their role in the cyber-attack despite the fact they used it in their propaganda according to New York Daily News. [8] Additionally, BBC News noted at the end of an article on the hacking noted that “hacking a major corporation to make threatening demands is not a behaviour that has been linked to North Korea in the past, and the hashtag #GOP (Guardians of Peace) – used in the Sony attack – is not known to have been used by Pyongyang.” [9] This in and of itself should be a red flag that North Korea is not involved in the attack. Interestingly, the North Korean government has also proposed a joint inquiry with the United States to investigate the hacking, while chastising the US for accusing them for the hacking, and threatening them with consequences if they don’t comply (which is probably just playing into the “madman theory” [10] Later, the US government took an aggressive stand with humanitarian interventionist and US Ambassador to the UN, Samantha Power declaring that North Korea threatening the US if it didn’t help them in the investigation as “absurd” since she says that their state “carried out” the attack, as reported by Democracy Now!

Samantha Power’s assertion that North Korea was behind the hacking is wrong because not only did the FBI deny it before their statement to the contrary, but Sony itself said North Korea wasn’t the source of the hacking. An article in the New York Daily News in early December noted a statement by a representative of Sony Pictures to the Associated Press which said that “the investigation continues into this very sophisticated cyber-attack. The Re/code story is not accurate,” and that North Korea wasn’t responsible. Despite this denial, news outlets like Bloomberg interpreted this as Sony claiming that North Korea was responsible. [11] There are a number of other articles following this, saying that North Korea isn’t responsible, with Kim Zetter in Wired saying that the evidence is flimsy, Security researcher Ken Westin saying that it is irresponsible to blame North Korea, and Martyn Williams for North Korea Tech saying that North Korea isn’t involved. Additionally, security commentator Marc Rodgers said that Sony hack is unlikely to be the work of North Korea, and FBI snitch and former hacker, Sabu, even wasn’t convinced that North Korea had a role in the Sony attack. Then there’s Larry Wilkerson, a former Bush administration official who was chief of staff to Colin Powell, who recently told Paul Jay of the Real News Network that there is an agenda to blame North Korea, with the media making a “mountain out of a mole hill,” and that blaming them is “great for Sony.” To finish this up, there’s an article on a WordPress blog titled Fabius Maximus which lists articles questioning if North Korea is involved in the hack and a great storify by Tim Shorrock about how there is no solid evidence that North Korea is behind the hacking.

The best article that refutes North Korea’s role in the hacking is by Marc Rodgers, the Director of security operations for the world’s biggest hacker conference, DEF CON. Here are some of the highlights from that article:

“All the evidence leads me to believe that the great Sony Pictures hack of 2014 is far more likely to be the work of one disgruntled employee facing a pink slip….it is not remotely plausible evidence that this attack was therefore orchestrated by North Korea…Even if these prior attacks were co-ordinated by North Korea—and plenty of security experts including me doubt that—the fact that the same piece of malware appeared in the Sony hack is far from being convincing evidence that the same hackers were responsible…Just because a system with a particular IP address was used for cybercrime doesn’t mean that from now on every time you see that IP address you can link it to cybercrime. Plus, while sometimes IPs can be “permanent”, at other times IPs last just a few seconds. It isn’t the IP address that the FBI should be paying attention to. Rather it’s the server or service that’s behind it…This isn’t in the least bit surprising: in order to avoid attribution cybercriminals routinely use things like proxies to conceal their connections. No sign of any North Koreans, just lots of common, or garden, internet cybercriminals…If we turn the debate around, and look at some evidence that the North Koreans might NOT be behind the Sony hack, the picture looks significantly clearer. 1. First of all, there is the fact that the attackers only brought up the anti-North Korean bias of “The Interview” after the media did—the film was never mentioned by the hackers right at the start of their campaign…2. The hackers dumped the data…3. Blaming North Korea offers an easy way out for the many, many people who allowed this debacle to happen; from Sony Pictures management through to the security team that were defending Sony Picture’s network. 4. You don’t need to be a conspiracy theorist to see that blaming North Korea is quite convenient for the FBI and the current U.S. administration…5. Hard-coded paths and passwords in the malware make it clear that whoever wrote the code had extensive knowledge of Sony’s internal architecture and access to key passwords…I am no fan of the North Korean regime. However I believe that calling out a foreign nation over a cybercrime of this magnitude should never have been undertaken on such weak evidence.”

Some have followed the viewpoint of Rodgers, writing about how the hack reveals a close bond between corporate and state interests, and an article in Hollywood Reporter where Hemanshu Nigam, a cybersecurity expert, is quoted as theorizing that “an employee or ex-employee with administrative access privileges is a more likely suspect” of the hacking, as they would have reason to engage in hacking. Then, there is an interesting article by David Seaton questioning if Russia committed the Sony hack and then blamed it on North Korea. In my view, there are some indications that Sony insiders were behind the attack, like messages describing the CEO of Sony as a “criminal.” However, while this explanation makes sense, I don’t want to jump to any wild speculations, it makes more sense to just say that its unknown who is actually behind the hack other than a group called Guardians of Peace.

The hack and Sony’s goals during the hacking debacle

“One reason I insist Sony hack ab[ou]t property, not speech, is b[e]c[ause] released files are ALSO ab[ou]t property: may provide better read on culprits.”- Investigative journalist Marcy Wheeler [12]

From November 24th, after which Sony threatened journalists for reporting on the leaked information and told Twitter to ban twitter users who link to the leaks, to now when Sony decided to release ‘The Interview’ next year, Sony’s goals seem a bit shady. Not only was Sony was “hacked and blackmailed” as some have called it, but as Bruce Schneider put it, this was a regular hack which is “phenomenally awesome hack [because] they completely owned this company” and they threatened violence “because it’s fun for them…for the lulz.”

Onto another related subject: responses to The Interview not been screened in theaters. There was an interesting article in Jacobin, a paramount socialist magazine of the Left, by Eileen Jones, who wrote that there is one effect of The Interview being stopped: “Seth Rogen and James Franco have been temporarily silenced” which means that “the smirks are wiped off their pampered man-baby faces.” Jones also wrote that Rogen and Franco got bodyguards, people who “have helped to poison American film comedy for a generation,” and that the hack showed that the “grotesque idiocy” in American culture. This mention of idiocy was similar to to Peter Singer’s article in Vice in which he wrote that “we are in the realm of beyond stupid” with responses to the Sony hack and that the threats of violence by the hacking group couldn’t have even been carried out anyway. There was also an article declaring that the hack was “Hollywood’s Snowden Moment,” an article declaring that Sony was right for nixing ‘The Interview’ and President Obama’s comment that Sony made a mistake for canceling the movie.

One must look beyond ‘The Interview.’ One could argue that Sony would have an interest to release the movie because there has almost been free advertising for it with discussion about in the media since November 24th. In fact, they could follow the hilarious lead of a video on liveleak and make the Sony Pictures hack to be a film in and of itself. Still, as Binoy Kampmark wrote in CounterPunch the hack revealed how films get made, caught the “small army of Sony employees…in [the]…crossfire,” that Sony tactically “caved” by suggesting “alternative platforms for releasing the film” and that there was a “political stake in the film” while the “empire has been ambushed.” This doesn’t tell the full reason behind Sony’s actions, which is concerned about their property, as noted by quotes from articles in the New York Daily News [13]:

“The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it.”- Sony spokeswoman

“We are writing to ensure that you [the media?] are aware that (Sony) does not consent to your possession, review copying, dissemination, publication, uploading, downloading or making any use of stolen information, and to request your cooperation in destroying the stolen information.”- David Boies, an antitrust lawyer in the Clinton administration who now works for Sony

EON productions and MGM Studios, which co-own the ‘Bond brand’ said that they would “take all necessary steps to protect their rights against the persons who stole the screenplay, and against anyone who makes infringing uses of it or attempts to take commercial advantage of confidential property [the script to the next James Bond movie] it knows to be stolen.”

Who wins and loses from the Sony hack?

There is something more to note: the winners and losers of the Sony hack. There is one group that is rarely mentioned that would lose out: major movie chains. As noted in a recent article in the New York Times, major “multiplex operators” like Regal, AMC, Cinemark and Carmike haven’t agreed to show ‘The Interview’ due to hyped “security concerns” and as a result Sony is releasing the movie to “2,000 North American screens,” which includes “200 smaller theaters” and many of “America’s 500 or so art houses.” [14] In addition, Sony announced that it would release the movie online for rent for $6.00 or purchased for $15.000 “on Google Play, YouTube Movies, Microsoft’s Xbox Video, and the [movie’s] website.” This move could set a trend for other movie studios to avoid the major movie chains in the US (AMC, Regal, and Cinemark), releasing their movies online and to smaller theaters. This already happens to some extent, especially with independent filmmakers, but this Sony hack could lead more studios to do this with their movies, which would undercut the big movie chains.

Then there’s what Krypt3ia, a WordPress blogger, argued where the winners and losers of the hack. For winners the blogger said that these groups include Sony itself, cyber war experts, “cyber chicken hawks,” anyone who has an agenda against North Korea, the hacker group Guardians of Peace, lawyers and many more. Krypt3ia goes on to argue that losers of the Sony hack are sane people, any people who “have a clue about hacking and the world of network security,” America’s national reputation, freedom of expression, those companies that offer “cyber insurance” and so on.

These words are right on when one considers the declaration by Newt Gingrich, the former speaker of the House of Representatives, that “with the Sony collapse, America has lost its first cyber war. This is a very dangerous precedent.” [6] I’m not sure what Gingrich is talking about, as there was no “cyber war,” and he is acting like an expert in what countries the US is at war with, which he is not. Then there’s Richard Haass, the President of the Council of Foreign Relations (CFR) [15], who declared recently in the Wall Street Journal the following:

“Ideas range from a cyberattack to weaken North Korean political and military assets to relisting the country as a state sponsor of terrorism, presumably accompanied by new sanctions. These ideas are fine as far as they go, but they don’t go far enough. The serious threat posed by North Korea far transcends cyberspace. Only one approach is commensurate with the challenge: ending North Korea’s existence as an independent entity and reunifying the Korean Peninsula..The priority must be to persuade China that the demise of North Korea need not be something to fear…the U.S. needs to work with South Korea (and, if possible, Japan) to try to undermine North Korea from within…Such an outcome is surely ambitious and working to bring it about is not without risks—but no one should underestimate for a moment the costs and dangers of the alternative we have been living with for all too long.” [16]

This opinion piece basically justifies the US and its allies going in with military force to “end” North Korea, along with secret CIA covert operations to undermine the North Korean government. This never should be acceptable by any stretch of the imagination and a completely absurd proposal since the North Korea is NOT responsible for the hacking. The United States government has no right to engage in such operations not only because they would violate international (and likely domestic) law, but they are highly unethical. Just because the CIA and US government as a whole has followed approaches similar to Haass throughout US history doesn’t make it right at all.

Haass’s opinion is important for another reason: the downing of North Korea’s internet recently. As a recent Reuters article noted, North Korea “experienced a complete Internet outage for hours before links were restored on Tuesday” and unnamed US officials (once again) denied the involvement of the US government. [17] On another note, the Chinese Foreign Ministry argued that “there was no proof that North Korea was responsible for the Sony hacking,” which the US promptly ignored. [17] Back to the downing of North Korea’s internet, there was an interesting comment by whistleblower Edward Snowden in August 2014 to Wired magazine in which he claimed that NSA hackers accidentally caused “Syria to suddenly lose all connection to the Internet” as they were trying to exploit information from the country’s internet servers, and that they tried to fix the internet connection but failed. If this is possible, then there is a possibility that the US government is behind it, as suggested by numerous twitter users and an analyst for Chatham House, Dr. John Swenson-Wright, even as other analysts debate if the US government is responsible. [18] Whether the US government is responsible or not is debatable, but if the US government does engage in cyberattacks of that caliber then they would be going into dangerous waters where there is no return. After all, as the Pentagon declared in 2011 in their first cyber strategy, “computer sabotage coming from another country can constitute an act of war” which opens the way to using “traditional military force” like ground troops, and bombing. [19]

My further comment on the “Sony saga”

The saga that has played out since November 29th in regards to Sony has been very informative. Its clear that ‘The Interview’ was never the real concern for Sony but it was rather their stolen information which is grandiosely called “intellectual property.” As for the US government, it has its own concerns which can be fulfilled by blaming North Korea. If there is enough of a threat, even of a manufactured enemy, as in this case, then there can be a justification for laws that are more internet-restrictive. Hence the government would work to clamp down on internet to further government interests. Such cybersecurity laws would also benefit the big movie studios who are still angry about the defeat of SOPA, PIPA, and CISPA in recent years. These reasons were mentioned by alternative journalist Luke Rudkowski who I have been wary of in the past for being conspiratorial but was pretty moderate in this video about the hacking.

This hacking is important for a reason beyond the interests of government of corporate elites. It relates to the fight for free information. This brings to mind what journalist Abby Martin recently reminded us about Aaron Swartz on Media Roots:

“The majority of the wealth of human knowledge is owned by a few publishing companies that hoard information and make billions off licensing fees, although most scholarly articles and journals are paid for by taxpayers through government grants. Aaron sought to change this. He wrote about his plans to release academic journals and expressed outrage about prosecutorial overreach…Aaron praised the internet’s ability to give everyone a license to speak, but noted how many of those voices won’t get heard, which is why he dedicated the last year of his life leading the charge against corporate monopolization of the web with legislation like SOPA and PIPA.”

This recent hack relates directly to information freedom because certain companies like Sony are aggressively trying to defend their data from behind “misused.” As netizens, we can’t let that happen. One could engage in what people such as Stefan Wray have called electronic civil disobedience (ECD), meaning that the “concepts of civil disobedience on the streets” would be applied to the “actions on the internet” with possibly the “downloading of content via file-sharing servers” considered as ECD. But even ECD is just a tactic and used wisely, not to leak personal information of corporate employees like passwords and phone numbers as numerous hacker groups like Guardians of Peace and Anonymous [20] have done. I am not exactly sure what can be done, but it is clear that there must be a movement online and offline not only to protect the freedom of the internet from government and corporate censorship, but from surveillance by governments and corporations along with a goal to demand that all information be free, not holed up and controlled by a few. That’s all I have to say.


[1] See reddit threads here, here, and here, among many others.

[2] When I say “numerous media outlets” I’m talking about are New York Times, Reuters, and NBC News. Other outlets used these officials as well. These sources, along with what the FBI said, caused some outlets such as Slate and Vox to conclude that North Korea was behind the attack.

[3] Bloomberg, December 7, 2014, “Sony’s Breach Stretched From Thai Hotel to Hollywood.” I don’t agree with the connection of North Korea to the hacking, but the article still shares some interesting details about the hacking itself.

[4] Bloomberg, December 23, 2014, “North Korea May Have Had Help From the Hackers Who Hit Sony in 2011.” While I don’t agree on North Korea being responsible for the attack, this article is good in connecting the dots between the Guardians of Peace and Lizard Squad, another hacking group.

[5] Bloomberg, December 22, 2014, “Sony Hackers Snooped for Months, Then Planted 10-Minute Time Bomb.” I don’t agree with the connection with North Korea, but the information about the Sony Hackers is informative.

[6] Reuters, December 18, 2014, “Sony cancels N. Korea movie in apparent win for Pyongyang hackers.”

[7] New York Times, December 17th 2014, “U.S. Said To Find North Korea Ordered Cyberattack on Sony”

[8] See articles here and here.

[9] BBC News, December 2, 2014, “North Korea refuses to deny Sony Pictures cyber-attack.”

[10] BBC News, December 20, 2014, “North Korea proposes joint Sony hack inquiry with US.”

[11] Bloomberg, December 4, 2014, “Sony Probe Said to Have Linked North Korea to Cyberattack.”

[12] See this tweet by Marcy Wheeler

[13] See articles here and here.

[14] New York Times, December 23, 2014, “Sony, in About-Face, Will Screen ‘The Interview’ in a Small Run.”

[15] The CFR is said by conspiracy theorists to the center of a conspiracy in the US, but as G. William Domhoff notes, it is “a mere policy discussion forum,” which is not as powerful as it once was. While CFR had a key part in shaping postwar foreign policy of the United States, it is, in Domhoff’s words “no longer the only game in town when it comes to foreign policy, because other policy-discussion groups and think tanks concerned with foreign policy have been created.”

[16] Wall Street Journal opinion, December 23, 2014, “Time to End the North Korean Threat.”

[17] Reuters, December 23, 2014, “North Korea’s Internet links restored amid U.S. hacking dispute.”

[18] ABC (Australian Broadcasting Corporation), December 23, 2014, “Sony hack: Internet reacts to North Korea web shutdown”; The Telegraph, December 23, 2014, “Analyst: US possibly behind North Korea’s Internet shutdown”; Politico, December 23, 2014, “No rules of cyber war”; Politico, December 22, 2014, “Were hackers behind North Korea outage?”

[19] Wall Street Journal, May 31, 2011, “Cyber Combat: Act of War.”

[20] While Anonymous fights for good causes for the most part, I’m not sure how much leaking personal information of people is always justified. If its information about a person who committed a hacker that’s one thing, but if its an innocent employee working at a mega-corporation like Sony who is caught in the crossfire, then that’s not acceptable.

Leave a comment