Selling the Rope

There’s a wisecrack attributed to V. I. Ulyanov, “Lenin”, that a capitalist will sell you the rope you will use to hang him. The media are full of umbrage over the apparent North Korean hacking of Sony’s film division and the subsequent pulling of an offensive comedy by Seth Rogen and James Franco scheduled for release next week:

The U.S. will have to respond in some way, likely in concert with our ally Japan. (Sony is a Japanese company.) This isn’t just an economic loss for Sony, it’s a threat to all American corporations, businesses and individuals.
Was Sony lax about its cybersecurity? Probably. But the company doesn’t deserve all of the financial losses, class-action lawsuits, and humiliation with which it has been hit.
The truth is that there isn’t any kind of cybersecurity that could keep a company safe from each and every hack.
The Internet was designed for openness, and as the pitfalls of this design become more and more expensive, all Internet users will have to make choices balancing openness with security. Smart security design may be the next big Internet boom — not because consumers demand it, but because businesses do.
As for “The Interview,” we urge Sony to release it for home video, at least. The movie deserves a viewing — and North Korea doesn’t deserve to win this fight.

There appears to be evidence that North Korea was, indeed, behind the hacking and blackmail:

Washington (CNN) — U.S. investigators have evidence that hackers stole the computer credentials of a system administrator to get access to Sony’s computer system, allowing them broad access, U.S. officials briefed on the investigation tell CNN. The finding is one reason why U.S. investigators do not believe the attack on Sony was aided by someone on the inside, the officials tell CNN.
The revelation is part of what is behind the government’s conclusion that hackers operating on behalf of North Korea were responsible. The government is expected to publicly blame the reclusive regime as early as Friday. The hackers ability to gain access to the passwords of a top-level information technology employee allowed them to have “keys to the entire building,” one official said.

and there have been some vague threats of a proportional response. Pat Lang has some ideas on that subject. In fine Jacksonian form he declaims:

If it is established that the North Korean government and/or its agents attacked Sony then I say, let slip the dogs of cyberwar. Hacking? You like hacking and destructive cyberwar activity? Hah! We will burn your servers into piles of smoldering kimchi !!

My preference would be for the U. S. to offer bounties to people who can produce evidence that they’ve brought down North Korean servers. A sort of market-based system for cyberwarfare.

There’s an irony in the hacking. The U. S. did invent the Internet after all. North Korea’s Internet connections run through China and Russia. Germany hosts servers for North Korea. If we’re not carefully explaining the implications to North Korea’s patrons, we’re making a serious error.

2 comments… add one
  • ...

    It’s easy to imagine that others might pull this off hoping to implicate NK so as to distract the US from other places. Not China, but Russia & Iran especially. Or even Taiwan, hoping to draw China into conflict with the US on the Korean peninsula rather than near Taiwan.

    And I believe what you’re describing, Dave, are emails of marque.

  • ...

    Come on, people, email of marque is good stuff!

Leave a Comment