Breach, Threat Management, Data Security, Incident Response, TDR

White House calls Sony hack a “serious national security matter,” gov’t mulls proper response

Sony Pictures has scrapped the Christmas movie release of “The Interview,” a film that stirred threats from hackers believed to have stolen and leaked sensitive data belonging to the company – but the U.S. is reportedly mulling over its own response to the attack, now deemed a national security issue.

On Thursday, White House Press Secretary Josh Earnest told reporters that senior members of the intelligence community as well as law enforcement officials were following the Sony hack. NBC News posted a video of Earnest's media address.

“This is something that's being treated as a serious national security matter,” Earnest said of the Sony Pictures attack. “There is evidence to indicate that we have seen destructive activity with malicious intent that was initiated by a sophisticated actor. It is being treated by those investigative agencies, both at the FBI and the Department of Justice, as seriously as you would expect.”

Earnest added that the cyber attack has been the subject of daily meetings occurring at the White House.  

A month after attackers hacked into Sony Pictures Entertainment's network, sensitive, damaging and embarrassing information is still leaking out to the public. Now, new reports suggest that the Obama administration is considering taking action in response to the attacks, and hasn't ruled out cyber retaliation against believed perpetrators acting under North Korea's direction, or financial sanctions.

Earlier this week, hacker threats against Sony escalated, from promises of leaking more stolen information, to 9/11-style attacks on movie theaters showing “The Interview,” a comedy about a planned assassination on North Korean leader Kim Jong Un.

On Thursday, James A. Lewis, director and senior fellow of the strategic technologies program at the Center for Strategic and International Studies (CSIS) told SCMagazine.com that, as far as he was concerned, skepticism over attributing the attacks to North Korea is misplaced.

“It's something the North Koreans have done in the past – I don't know how much more people want,” Lewis said, referencing similar attacks on South Korean organizations (by the Dark Seoul cyber gang) last year. “What they've done in the past has been entirely directed at South Korea, the new thing here is targeting the U.S.”

Earlier this month, the FBI issued a confidential “flash” alert to businesses, warning that data-wiping malware had been used in a U.S. attack. The alert quickly led to speculation that Sony was the intended target of the attack, given the timing of the memo.

Jim Penrose, EVP of Cyber Intelligence at Darktrace, told SCMagazine.com in a Thursday interview that, beyond attribution, the bigger concern lies in what steps will be taken next to mitigate future breaches of similar scope.

“I think that's fundamentally the biggest challenge to companies and governments – how do you react in a decisive way that mitigates the threat…and not alienate your allies in the process?"

Penrose explained that cyber self-defense might entail making systems inoperable in locations indirectly involved in cyber attacks, as hackers often rely on infrastructure in various places to pull off malicious exploits.

It was reported this week, for instance, that hackers leveraged the network of a Bangkok hotel to leak Sony data.

Penrose added that the government should act to set policy “that holds people accountable without alienating allies around the world that might be willing to help.”

“That's the challenging policy issue for the government,” he noted later. “How do you actually establish these cyber norms we are trying to achieve?”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.