Two Overlooked Lessons From the North Korea Sony Hack

As disturbing as the North Korean cyberattack against the computers of Sony Pictures is, many reporters and politicians are overlooking two important lessons from this incident.

First, although North Korea’s “Bureau 121” reportedly has 1,800 computer hackers devoted to waging cyberwar against the country’s enemies, the threat from this program is insignificant compared to the threat posed by the much larger offensive cyber warfare efforts of China and Russia. Several other nations such as Iran and Belarus also have state-sponsored cyber warfare programs that are probably larger than North Korea’s.

Russian and Chinese cyberwarfare programs allegedly have targeted U.S. infrastructure. According to an April 8, 2009 Wall Street Journal article, spies from Russia, China and other countries reportedly “have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system.”

ABC News reported last month that a destructive “Trojan horse” program has penetrated software that runs much of America’s critical infrastructure, including oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. According to the Department of Homeland Security, Russian hackers backed by the Russian government were behind this malware.

A 2013 report by the U.S. internet security firm Mandiant described massive Chinese cyber warfare efforts against U.S. government, business and infrastructure targets.

According to the report, these efforts had direct backing from the Chinese government and are headquartered in a PLA facility in Shanghai. (Unit 61398 of the 3rd Department of the Chinese People’s Liberation Army.) Chinese hackers reportedly have also stolen sensitive U.S. military technology, including technology incorporated into China’s new J-20 stealth fighter and the designs of more than two dozen major U.S. weapons systems.

Due to the growing threat from China’s cyberware efforts to the United States, the Center for Security Policy held a press conference last July to warn of the risks of the initial public offering of stock from Chinese internet giant Alibaba on the New York Stock Exchange. After a two month delay, the Alibaba NYSE IPO occurred on September 22, 2014.

Russian hackers reportedly were behind a December 2013 cyberattack that compromised the credit card numbers and other personal information of up to 110 million Target customers. Last week, Staples revealed that hackers stole personal data from 1.2 million customer credit cards.

Last October, the Heritage Foundation issued a report on 26 cyberattacks against U.S. companies that took place between January and October 2014. Click HERE to read. Russian or Chinese hackers are believed to have been behind many of these attacks.

Cylance, a U.S. cybersecurity company, said in a report issued this month that Iran was the source of coordinated cyber attacks against more than 50 targets in 16 countries, many of them corporate and government entities that manage critical energy, transportation and medical services. Some of the U.S. targets were a Navy-Marine computer network, a major airline, a medical university, an energy company that specializes in natural gas production, an automobile manufacturer, a military installation and a large military contractor.

If North Korea was able to easily conduct a crippling cyber attack against a major multinational company’s computer system, it is reasonable to assume that the cyber warfare programs of China, Russia and Iran have penetrated U.S. government and corporate computers on a much larger scale and are poised to launch cyberattacks that could do severe damage to the U.S. economy and infrastructure that may cost lives.

The second lesson is how the North Korean cyberattack on Sony indicates cybersecurity at many companies is woefully inadequate. U.S. intelligence agencies have been warning for years that American companies – especially small companies – have not taken cyberthreats seriously. Senator John McCain recently faulted Sony’s inadequate cybersecurity for the North Korean cyberattack on its computers and noted this has happened to many companies that tried to cut corners by using bare bones cybersecurity protections.

McCain also harshly criticized the Obama administration for Sony’s decision to cancel the movie “The Interview,” a comedy about the assassination of North Korean leader Kim Jong Un, in response to North Korean cyberattacks. McCain said in a statement, “But make no mistake. The need for Sony Pictures to make that decision ultimately arose from the Administration’s continuing failure to satisfactorily address the use of cyber weapons by our nation’s enemies.”

Some pundits have said the North Korean cyberattack on Sony indicates the United States is losing the cyberwar. I believe the U.S. is losing this war but that the Sony incident is only a small battle in a much larger war being waged by more dangerous state-sponsored cyberwarfare programs.

The best response to the Sony hack is not to look for ways to retaliate against North Korea which would probably prove pointless. U.S. officials should instead focus on winning the larger cyberwar by developing better offensive and defensive cyberwarfare capabilities. The government also could do much more to educate private industry on the importance of defending computer systems against cyberattacks and work with U.S. allies and technology companies to develop better defenses.

Originally published in Newsmax