An affordable price is probably the major benefit persuading people to buy drugs at www.americanbestpills.com. The cost of medications in Canadian drugstores is considerably lower than anywhere else simply because the medications here are oriented on international customers. In many cases, you will be able to cut your costs to a great extent and probably even save up a big fortune on your prescription drugs. What's more, pharmacies of Canada offer free-of-charge shipping, which is a convenient addition to all other benefits on offer. Cheap price is especially appealing to those users who are tight on a budget
Service Quality and Reputation
Although some believe that buying online is buying a pig in the poke, it is not. Canadian online pharmacies are excellent sources of information and are open for discussions. There one can read tons of users' feedback, where they share their experience of using a particular pharmacy, say what they like or do not like about the drugs and/or service. Reputable online pharmacy canadianrxon.com take this feedback into consideration and rely on it as a kind of expert advice, which helps them constantly improve they service and ensure that their clients buy safe and effective drugs. Last, but not least is their striving to attract professional doctors. As a result, users can directly contact a qualified doctor and ask whatever questions they have about a particular drug. Most likely, a doctor will ask several questions about the condition, for which the drug is going to be used. Based on this information, he or she will advise to use or not to use this medication.
If the whole truth bubbled to the surface on just how deep, far and wide cyber attacks hit America, they would truly be the most significant threats known to the West. Hackers hit targets in America so often daily that they cannot be measured for frequency or damage, but expert estimates are known and not revealed.
When it comes to the recent Sony hack and that of Xbox and PlayStation, black-hat types are brought in to investigate and opinions are set in motion. Even with all the attention paid to Sony, to date a culprit has not been fingered and certainly no punishment is forthcoming.
So, was the Sony hack really performed by North Korea? Was it at the hands of China as a proxy? Heck was it Russia or Iran? Was it an inside job working in collusion with both domestic and foreign entities? No one really knows or there is a refusal to explain. This is a major problem itself as blame may be misplaced for the sake of fouled diplomacy, fear of future retributions or the possibility of wide-spread panic across the country.
Update: On his last press conference of the year, Barack Obama said that Sony made a mistake by surrendering to the threats posed by the hacks and Barack said he wished that the leadership of Sony has spoken to him personally. Well the truth is, Sony DID call the White House and explained the matter in detail to Obama’s senior staff. Obama lied.
FBI Director James Comey gave an intense interview about cyber war and the risks to America. The single most important job of government is to keep the homeland safe and to ensure national defense and national security. You can bet that real events and the depth of the cyber damage to America is not being told. So how bad could it be? That answer is left up to us. Yet the FBI did publish a statement on the Sony investigation.
Cybercrime is one of the priorities for the FBI, which has 13,260 special agents across the country, according to the agency.
Comey said he sees a “tremendous amount of cyberespionage going on — the Chinese being prominent among them, looking to steal our intellectual property.”
“I see a whole lot of hacktivists, I see a whole lot of international criminal gangs, very sophisticated thieves,” he said. “I see people hurting kids, tons of pedophiles, an explosion of child pornography.”
Cybercrime is one of the priorities for the FBI, which has 13,260 special agents across the country, including on Oahu, Maui and Hawaii island, according to the agency. The FBI had an $8.3 billion budget in fiscal 2014.
On Friday, the FBIofficially named North Korea as the party responsible for a cyber attack and email theft against Sony Pictures. The Sony hack saw many studio executives’ sensitive and embarrassing emails leaked online. The hackers threatened to attack theaters on the opening day of the offending film, “The Interview,” and Sony pulled the plug on the movie, effectively censoring a major Hollywood studio.
The end of “The Interview” is not the end of the world. Technology journalists were quick to point out that, even though the cyber attack could be attributable to a nation state actor, it wasn’t particularly sophisticated. Ars Technica’s Sean Gallagher likened it to a “software pipe bomb.” The fallout, of course, was limited. And while President Barack Obama vowed to respond to the attack, he also said it was a mistake for Sony to back down.
“I think all of us have to anticipate occasionally there are going to be breaches like this. They’re going to be costly. They’re going to be serious. We take them with the utmost seriousness. But we can’t start changing our patterns of behavior any more than we stop going to a football game because there might be the possibility of a terrorist attack; any more than Boston didn’t run its marathon this year because of the possibility that somebody might try to cause harm. So, let’s not get into that — that way of doing business,” he said at a White House briefing on Friday.
But according to cyber-security professionals, the Sony hack may be a prelude to a cyber attack on United States infrastructure that could occur in 2015, as a result of a very different, self-inflicted document dump from the Department of Homeland Security in July.
Here’s the background: On July 3, DHS, which plays “key role” in responding to cyber-attacks on the nation, replied to a Freedom of Information Act (FOIA) request on a malware attack on Google called “Operation Aurora.”
Unfortunately, as Threatpost writer Dennis Fisher reports, DHS officials made a grave error in their response. DHS released more than 800 pages of documents related not to Operation Aurora but rather the Aurora Project, a 2007 research effort led by Idaho National Laboratory demonstrating how easy it was to hack elements in power and water systems.
Oops.
The Aurora Project exposed a vulnerability common to many electrical generators, water pumps and other pieces of infrastructure, wherein an attacker remotely opens and closes key circuit breakers, throwing the machine’s rotating parts out of synchronization causing parts of the system to break down.
In 2007, in an effort to caste light on the vulnerability that was common to many electrical components, researchers from Idaho National Lab staged an Aurora attack live on CNN. The video is below.
“The Aurora vulnerability affects much more than rotating equipment inside power plants. It affects nearly every electricity system worldwide and potentially any rotating equipment—whether it generates power or is essential to an industrial or commercial facility.”
The article was written by Michael Swearingen, then manager for regulatory policy for Tri-County Electric Cooperative (now retired), Steven Brunasso, a technology operations manager for a municipal electric utility, Booz Allen Hamilton critical infrastructure specialist Dennis Huber and Joe Weiss, a managing partner for Applied Control Solutions.
Weiss today is a Defense Department subcontractor working with the Navy’s Mission Assurance Division. His specific focus is fixing Aurora vulnerabilities. He calls DHS’s error “breathtaking.”
The vast majority of the 800 or so pages are of no consequence, says Weiss, but a small number contain information that could be extremely useful to someone looking to perpetrate an attack. “Three of their slides constitute a hit list of critical infrastructure. They tell you by name which [Pacific Gas and Electric] substations you could use to destroy parts of grid. They give the name of all the large pumping stations in California.”
The publicly available documents that DHS released do indeed contain the names and physical locations of specific Pacific Gas and Electric Substations that may be vulnerable to attack.
Defense One shared the documents with Jeffrey Carr, CEO of the cyber-security firm Taia Global and the author of Inside Cyber Warfare: Mapping the Cyber Underworld. “I’d agree…This release certainly didn’t help make our critical infrastructure any safer and for certain types of attackers, this information could save them some time in their pre-attack planning,” he said.
Perpetrating an Aurora attack is not easy, but it becomes much easier the more knowledge a would-be attacker has on the specific equipment they may want to target.
How easy is it to launch an Aurora attack?
In this 2011 paper for the Protective Relay Engineers’ 64th Annual Conference, Mark Zeller, a service provider with Schweitzer Engineering Laborites lays out—broadly—the information an attacker would have to have to execute a successful Aurora attack. “The perpetrator must have knowledge of the local power system, know and understand the power system interconnections, initiate the attack under vulnerable system load and impedance conditions and select a breaker capable of opening and closing quickly enough to operate within the vulnerability window.”
“Assuming the attack is initiated via remote electronic access, the perpetrator needs to understand and violate the electronic media, find a communications link that is not encrypted or is unknown to the operator, ensure no access alarm is sent to the operators, know all passwords, or enter a system that has no authentication.”
That sounds like a lot of hurdles to jump over. But utilities commonly rely on publicly available equipment and common communication protocols (DNP, Modbus, IEC 60870-5-103, IEC 61850, Telnet, QUIC4/QUIN, and Cooper 2179) to handle links between different parts their systems. It makes equipment easier to run, maintain, repair and replace. But in that convenience lies vulnerability.
In their Power Magazine article, the authors point out that “compromising any of these protocols would allow the malicious party to control these systems outside utility operations.”
Defense One reached out to DHS to ask them if they saw any risk in the accidental document dump. A DHS official wrote back with this response: “As part of a recent Freedom of Information Act (FOIA) request related to Operation Aurora, the Department of Homeland Security (DHS) National Programs and Protection Directorate provided several previously released documents to the requestor. It appears that those documents may not have been specifically what the requestor was seeking; however, the documents were thoroughly reviewed for sensitive or classified information prior to their release to ensure that critical infrastructure security would not be compromised.”
Weiss calls the response “nonsense.”
The risk posed by DHS accidental document release may be large, as Weiss argues, or nonexistent, as DHS would have you believe. But even if it’s the latter, Aurora vulnerabilities remain a key concern.
Perry Pederson, who was the director of Control Systems Security Program at DHS in 2007 when the Aurora vulnerability was first exposed, said as much in a blog post in July after the vulnerability was discovered. He doesn’t lay blame at the feet of DHS. But his words echo those of Weiss in their urgency.
“Fast forward to 2014. What have we learned about the protection of critical cyber-physical assets? Based on various open source media reports in just the first half of 2014, we don’t seem to be learning how to defend at the same rate as others are learning to breach.”
Aurora vs. the Sony Hack
In many ways the Aurora vulnerability is a much harder problem to defend against than the Sony hack, simply because there is no obvious incentive for any utility operator to take any of the relatively simple costs necessary to defend against it. And they are simple. Weiss says that a commonly available device installed on vulnerable equipment could effectively solve the problem, making it impossible to make the moving parts spin out of synchronization. There are two devices on the market iGR-933 rotating equipment isolation device (REID) and an SEL 751A, that purport to shield equipment from “out-of-phase” states.
To his knowledge, Weiss says, Pacific Gas and Electric has not installed any of them anywhere, even though the Defense Department will actually give them away to utility companies that want them, simply because DOD has an interest in making sure that bases don’t have to rely on backup power and water in the event of a blackout. “DOD bought several of the iGR-933, they bought them to give them away to utilities with critical substations,” Weiss said. “Even though DOD was trying to give them away, they couldn’t give them to any of the utilities because any facility they put them in would become a ‘critical facility’ and the facility would be open to NERC–CIP audits.”
Aurora is not a zero-day vulnerability, an attack that exploits an entirely new vector giving the victim “zero days” to figure out a patch. The problem is that there is no way to know that they are being implemented until someone, North Korea or someone else, chooses to exploit them.
Can North Korea pull of an Aurora vulnerability? Weiss says yes. “North Korea and Iran and are capable of doing things like this.”
Would such an attack constitute an act of cyber war? The answer is maybe. Speaking to reporters at the Pentagon on Friday, Pentagon Press Secretary Rear Adm. John Kirby said “I’m also not able to lay out in any specificity for you what would be or wouldn’t be an act of war in the cyber domain. It’s not like there’s a demarcation line that exists in some sort of fixed space on what is or isn’t. The cyber domain remains challenging, it remains very fluid. Part of the reason why it’s such a challenging domain for us is because there aren’t internationally accepted norms and protocols. And that’s something that we here in the Defense Department have been arguing for.”
Peter Singer, in conversation with Jason Koebler at Motherboard, says that the bar for actual military engagement against North Korea is a lot higher than hacking a major Hollywood movie studio.
“We didn’t go to war with North Korea when they murdered American soldiers in the 1970s with axes. We didn’t go to war with North Korea when they fired missiles over our allies. We didn’t go to war with North Korea when one of their ships torpedoed an alliance partner and killed some of their sailors. You’re going to tell me we’re now going to go to war because a Sony exec described Angelina Jolie as a diva? It’s not happening.”
Obama said Friday that there would be some sort of response to the hack, but declined to say what. “We have been working up a range of options. They will be presented to me. I will make a decision on those based on what I believe is proportional and appropriate to the nature of this crime,” he said.
Would infrastructure vandalism causing blackouts and water shutdowns constitute an act of war? The question may be moot. Before the United States can consider what sort of response is appropriate to cyber attacks, it must first be able to attribute them.
The FBI was able to finger North Korea for the hack after looking at the malware in the same way a forensics team looks for signs of a perpetrator at the scene of the crime. “Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks,” according to the FBI statement.
An Aurora vulnerability attack, conversely, leaves no fingerprints except perhaps a single IP address. Unlike the Sony hack, it doesn’t require specially written malware to be uploaded into a system, Malware that could indicate the identity of the attacker, or at least his or her affiliation. Exploiting an Aurora attack is simply a matter of gaining access, remotely, possibly because equipment is still running on factory-installed passwords, and then turning off and on a switch.
“You’re using the substations against whatever’s connected to them. Aurora uses the substations as the attack vector. This is the electric grid being the attack vector,” said Weiss, who calls it “a very, very insidious” attack.
The degree to which we are safe from that eventuality depends entirely on how well utility companies have put in place safeguards. We may know the answer to that question in 2015.
It is not just North Korea, the cyber warriors are also in Ukraine, China, Syria, Russian and Iran. America has some defenses, but normal users and the business industry has few robust and intolerant choices against cyber attacks.
We need to challenge Congress to declare cyber attacks as an act of war given the heavy costs to theft, risk and attacks on harden targets including the power grid systems, transportation, food, banks, water, yet most of all intelligence and military secrets.
The most recent attack on Sony intranet system is pointing to North Korea as having the cyber-soldiers and that brigade is called Unit 121.
Defense News: Military planners and security experts have intensified their shouts of concern about the development of cyber weapons and the distinct possibility of a cyber war. Cyber warfare is not new. It has been in modern military doctrine for the past decade not to mention the number of terrorist groups who have threatened the use of cyber weapons against the west. However, what has changed is the number of countries that posess these capabilities today.
The North Korean military created a new unit that focuses solely on cyber warfare. The unit, dubbed Unit 121, was first created in 1998 and has steadily grown in size and capability since then. Interest in establishing cyber war forces shouldn’t come as a surprise to anyone, but North Koreas intense effort stands out among the top ten nations developing cyber weapons.
Unit 121 Capabilities Assessment:
Force Size: Originally 1,000 — Current Estimate:17,000
Budget: Total military budget $6 billion USD. Cyber Budget $70+ million. North Koreas military budget is estimated to be the 25th largest in the world.
Goal: To increase their military standing by advancing their asymmetric and cyber warfare.
Ambition: To dominate their enemys information infrastructure, create social unrest and inflict monetary damage.
Strategy: Integrate their cyber forces into an overall battle strategy as part of a combined arms campaign. Additionally they wish to use cyber weapons as a limited non-war time method to project their power and influence.
Experience: Hacked into the South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.
Threat Rating: North Korea is ranked 8th on the Spy-Ops cyber capabilities threat matrix developed in August of 2007.
Capabilities
Cyber Intelligence/Espionage: Basic to moderately advanced
weapons with significant ongoing development into cyber intelligence.
Offensive Cyber Weapons: Moderately advanced distributed
denial of service (DDoS) capabilities with moderate virus and malicious code capabilities.
North Korea now has the technical capability to construct and deploy an array of cyber weapons as well as battery-driven EMP (electro magnetic pulse) devices that could disrupt electronics and computers at a limited range.
In the late spring of 2007, North Korea conducted another test of one of the cyber weapons in their current arsenal. In October, the North Koreans tested its first logic bomb. A logic bomb is a computer program that contains a piece of malicious code that is designed to execute or be triggered should certain events occur or at a predetermined point of time. Once triggered, the logic bomb can take the computer down, delete data of trigger a denial of service attack by generating bogus transactions.
For example, a programmer might write some software for his employer that includes a logic bomb to disable the software if his contract is terminated.
The N Korean test led to a UN Security Council resolution banning sales of mainframe computers and laptop PCs to the East Asian nation. The action of the United Nations has had little impact and has not deterred the North Korean military for continuing their cyber weapons development program.
Keeping dangerous cyber weapons out of the hands of terrorists or outlaw regimes is next to impossible. As far back as 2002, White House technology adviser Richard Clarke told a congressional panel that North Korea, Iraq and Iran were training people for internet warfare. Most information security experts believe that it is just a matter of time before the world sees a significant cyber attack targeted at one specific country. Many suggest the danger posed by cyber weapons rank along side of nuclear weapons, but without the physical damage. The signs are there. We need to take action and prepare for the impact of a cyber war.
Unit 121 is known to have two distinct functions: to carry out disruptive attacks against systems primarily in the United States and South Korea, both for purposes of sabotage and intelligence gathering, and to defend North Korea from incoming cyber attacks.
North Korea, however, has very little internet infrastructure, which analysts say actually gives the country an advantage. While North Korea can launch massive attacks against the West — the Sony attack being just the latest — outside nations can do little to damage North Korea’s own internal digital systems because they largely don’t exist.
Inside North Korea, use of the internet is strictly limited to government approved personnel. Ordinary citizens may utilize only an intranet run by Kim Jong Un regime, which allows access to government approved sites and state-operated media, but no access to what the rest of the world knows as the internet and the World Wide Web.
Instead, according to a report prepared in 2009 by a U.S. military intelligence analyst, Steve Sin, the Unit 121 hackers operate mostly from the luxurious Chilbosan in Shenyang, China, pictured below, a facility with amenities that would be unknown to all but the top level government elites inside North Korea, an impoverished country racked by famine.
The hotel is located in a military-controlled region of China just three hours from the border with North Korea. The central headquarters of Unit 121 is located in Pyongyang, in a district called Moonshin-dong, near the Taedong River
In fact, by North Korean standards, the cyber hackers of Unit 121 (also referred to as “Bureau 121″) are treated like superstars, afforded high-class lifestyles inconceivable to the vast majority of North Korean citizens.
In addition to Sin’s report, the Hewlett-Packard corporation conducted its own investigation into the threat posed by Unit 121 — which was created in 1998 and operates with a budget of more than $6 billion. Much of the information known about the highly-secretive unit comes from those reports, and from North Korean defectors who have passed information to U.S. and South Korean intelligence.
According to those accounts, the hackers who comprise the unit are the cream of North Korea’s academic crop in math and computer science, hand-picked from high schools around the country, who are then sent to study at Keumseong, the top high school in the North Korea capital of Pyongyang.
From there, the candidates who pass a rigorous series of tests and trials are sent to study at top universities — and then sent to Russia and China for an additional year of specialized training in computer hacking and cyberwar techniques.
Unit 121 is believed responsible for an attack on 30,000 computers inside South Korean banks and media companies in 2013, an attack that security experts say bore strong similarities to the Sony hack.
Against South Korea, North Korea allegedly has already carried out a series of disruptive and destructive operations in the past few years. Discounting previous distributed denial-of-service (DDoS) attacks on websites, the first major cyber-attack attributed to North Korea was on April 12, 2011, which paralyzed online banking and credit card services of Nonghyup Agricultural Bank for its 30 million customers. This is the first instance where North Korea used a disc wiping tool. While its ATMs were fixed within a couple days, some of the online services had taken more than two weeks to return to normal operating status, with 273 out of 587 servers destroyed. The second incident occurred in March 20, 2013, which used similar but improved tactics from April 2011. It was timed to simultaneously target multiple banks and broadcasting agencies with disc wiping tools and was preceded by an extensive advanced persistent threat campaign. The scale of the March 20 attack demonstrated that North Korea has at least one dedicated, permanent cyber unit directed against carefully selected targets and that they have the means to penetrate, exploit, and disrupt target systems and networks with sufficient secrecy.
There are countless militant terror organizations globally and there is a movement to re-look at designations such that enemies are being legitimized and are offered seats at negotiations and peace tables. Hamas has a deep history of terror and is very integrated with other nation states without consequence to the detriment of Europe, Israel and the United States.
The EU General Court has ordered that the Palestinian militant group Hamas be removed from the bloc’s terror blacklist. The move comes over four years after Hamas appealed its terror designation before the EU. The lawyer for Hamas, Liliane Glock, told AFP she was “satisfied with the decision.”
Hamas official Izzat al-Rishq lauded the decision, saying the court had righted an injustice done to the organization, which he said is a “national freedom movement,” and not a terrorist organization, the Jerusalem Post reports.
But a deputy from Israel’s major right-wing Likud party, Danny Danon, said, “The Europeans must believe that there blood is more sacred than the blood of the Jews which they see as unimportant. That is the only way to explain the EU court’s decision to remove Hamas from the terror blacklist.”
“In Europe they must have forgotten that Hamas kidnapped three boys and fired thousands of rockets last summer at Israeli citizens,” he added.
Shortly after the ruling, Israeli Prime Minister Benjamin Netanyahu called on the EU to keep Hamas on its list of terrorist organizations.
“We expect them to immediately put Hamas back on the list,” Reuters cites Netanyahu as saying in a statement. “Hamas is a murderous terrorist organization which in its charter states its goal is to destroy Israel.”
The EU and Israel have attempted to downplay the ruling, saying that groups standing within Europe as terror organizations will not change. Israeli and European officials say the court will be given a few months to rebuild its file against Hamas with evidence of the group’s activities, which will enable it to be placed back on the list of terror organizations, the Israeli news portal Ynet reports.
According to RT’s Paula Slier, Israeli politicians “across the political spectrum” have unanimously condemned what they call a “temporary” removal.
Hamas says it is a legitimate resistance movement and contested the European Union’s decision in 2001 to include it on the terrorist list. It welcomed Wednesday’s verdict.
“The decision is a correction of a historical mistake the European Union had made,” Deputy Hamas chief Moussa Abu Marzouk said. “Hamas is a resistance movement and it has a natural right according to all international laws and standards to resist the occupation.”
The EU court did not ponder the merits of whether Hamas should be classified as a terror group, but reviewed the original decision-making process. This, it said, did not include the considered opinion of competent authorities, but rather relied on media and Internet reports.
It said if an appeal was brought before the EU’s top court, the European Court of Justice, the freeze of Hamas funds should continue until the legal process was complete.
In a similar ruling, an EU court said in October the 2006 decision to place Sri Lanka’s Tamil Tigers on the EU list was procedurally flawed. As with Hamas, it also said the group’s assets should remain frozen pending further legal action and the European Union subsequently filed an appeal.
The European Parliament has approved a non-binding resolution supporting Palestinian statehood. The text was a compromise, representing divisions within the EU over how far to blame Israel for failing to agree peace terms.
On 17 December the European Union’s [General] Court cancelled the inclusion of Hamas on the European list of terrorist organizations, where it had been since 2001.
This cancellation is based on procedural reasons alone.
In no way does it imply any questioning of the European Union’s determination to combat all forms of terrorism.
It does not alter our appreciation of the basic fact: Hamas was described as a terrorist group by the Council of the European Union on 27 December 2001. The European Union [General] Court has also decided to maintain the effects of the inclusion, such as the freezing of Hamas funds.
France will act to ensure that Hamas is included on the list again as soon as possible
Sony Pictures canceled its planned release of “The Interview” marking the success of a brazen hacking attack against the studio and terrorist threats against theaters that played the film.
The Sony Corp. studio’s 11th-hour decision, unprecedented in the modern movie business, came after the nation’s largest theater chains all said they would not play the raunchy Seth Rogen farce set in North Korea.
Sony executives were considering alternative options, including releasing it only via video-on-demand or on television, said a person at the studio. But even those approaches could entail serious challenges. Given that the film already set off the worst corporate hack in history, chances were high that companies with major VOD businesses would regard the film as too radioactive to touch.
“We are deeply saddened at this brazen effort to suppress the distribution of a movie, and in the process do damage to our company, our employees and the American public,” Sony said in a statement conceding defeat on Wednesday. “We stand by our filmmakers and their right to free expression and are extremely disappointed by this outcome.”
It sounds even more implausible than the plot of the lowbrow comedy itself, in which a pair of hapless television journalists is recruited by the Central Intelligence Agency to assassinate North Korean leader Kim Jong Un. As matters escalated this week, the film was thrust into the center of a nationwide debate over free speech, terrorism, international relations, journalistic ethics and cybersecurity.
The sight of the studio that released “Zero Dark Thirty” and “The Social Network” brought to its knees by hackers apparently affiliated with North Korea, one of the most isolated and impoverished nations on earth, set off alarm bells throughout Hollywood. On Wednesday, the production company New Regency canceled plans for a thriller set in North Korea, in which Steve Carell was to have starred, according to a person familiar with the matter. Production was to have begun in March. The cancellation was first reported by the Hollywood trade website Deadline.
Also in question is the status of several other scripts floating around Hollywood, including rights to the memoirs of North Korean defectors who spent years in the country’s notorious labor camps.
The reverberations will carry far beyond Hollywood, online security experts warned, saying that the episode could set a disturbing precedent. “This is now a case study that is signaling to attackers that you can get all that you want and even more,” said Pete Singer, a cybersecurity strategist and senior fellow at the New America Foundation.
Sony Corp. Chief Executive Kazuo Hirai retains confidence in Sony Entertainment CEO Michael Lynton and Sony Pictures head Amy Pascal, according to people familiar with the matter, and he doesn’t blame them for the attack.
The debacle’s roots stretch back at least to June of this year, when Sony executives deliberated over changes to the movie because of its political sensitivities. Though the studio never planned to release “The Interview” in Asia, Sony Corp. executives in Tokyo were concerned about the film because of Japan’s long and tense history with both North Korea and South Korea.
People claiming to be the hackers escalated their threats on Tuesday, warning of terrorist attacks on theaters that showed the film.
The Department of Homeland Security dismissed the terrorist threat as lacking credibility. But theater operators nonetheless asked Sony on Tuesday to delay the film’s opening, planned for Dec. 25, out of concern that the threats would depress box office sales across the industry during the critical holiday season. When Sony declined, the theaters decided Wednesday morning that they wouldn’t play the movie until the Federal Bureau of Investigation complete its probe of the matter, and maybe not even then.
Distribution executives at other studios worried that screening “The Interview” would depress ticket sales for other movies, and the concerns also threatened to keep business from surrounding stores and restaurants over the holiday season.
Sony executives had long been aware “The Interview” would be controversial and have attempted to make a number of changes to its content and release strategy as a result, according to emails leaked by the hackers.
In June, Sony Pictures President Doug Belgrad sent a message to Sony Entertainment’s Mr. Lynton, saying, “I understand this is a delicate issue and will do whatever I can to help address all of the issues and concerns.” He added that he was only aware of two other movies that depicted the killing of a living international leader: Charlie Chaplin’s “The Great Dictator,” which features a thinly veiled version of Adolf Hitler, and “Team America: World Police,” a 2004 musical comedy in which former North Korean leader Kim Jong Il is depicted as a puppet.
The next week, Mr. Belgrad got Mr. Lynton’s approval to spend $550,000 to digitally remove images of former North Korean leaders Kim Jong Il and Kim Il-sung from pins and murals in more than 500 shots.
By July 1, the studio’s Japanese parent became concerned. An executive at Sony Corp. who dealt with diversity and human rights wrote to Sony Corp. of America President Nicole Seligman, saying he was worried the movie could lead “to a great negative affect [sic] on the relationship between North Korea and Japan.”
To back up the studio’s case for the film, Mr. Lynton already had been in contact with a North Korean expert at think tank Rand Corp.
While Sony did go ahead with the film, executives decided to remove all references to the company from the film and not even host promotional materials on the SonyPictures.com website. The movie was instead branded only with the Sony label Columbia Pictures.
At the same time, Sony Pictures executives reached out to Comcast Corp. ’s Universal Pictures about handling distribution of the movie in all foreign countries save for Asia, where “The Interview” wasn’t ever planned to be released. Such a partnership would have cost Sony about $3.5 million, according to an email from a senior executive.
Sony was looking for a partner to help it back the movie in the case of potential political heat, said a person with knowledge of the talks. Universal passed, citing an already full release slate.
Later in the summer, the studio was in tense discussions with Mr. Rogen and his co-director Evan Goldberg over proposed changes to the scene in which Kim Jong Un is killed by a missile.
“As Amy can attest from Seth’s many emails to her, he’s pretty agitated,” Mr. Belgrad wrote in an email following an August report in the Hollywood Reporter that Sony was making changes to the movie. The comic actor was concerned that critics would focus on “whether or not the film was ‘censored’ rather than simply judging whether or not it’s funny.”
Executives all the way up to Mr. Hirai discussed minute details about the changes, such as how much fire would be in Mr. Kim’s hair, how many embers on his face, and the size of an explosion.
“There is no face melting” in the latest cut, Ms. Pascal assured Mr. Hirai in a September email. He urged her to push Messrs. Rogen and Goldberg to tone down the scene a bit further and remove it entirely from international versions.
It is unclear how many changes the directors ended up making to the final cut of the film that was to be released next week.
U.S. officials haven’t reached a final ruling on who was behind the breach. There are diplomatic concerns if North Korea was involved, U.S. officials and people involved in the investigation said. For instance, some officials worry publicly blaming North Korea for the attack could put Japan, a U.S. ally, in a bind. Tokyo, unlike America, has to deal with North Korea as a neighbor just across the Sea of Japan.
The FBI didn’t immediately respond to a request for comment.
An accusation also creates distinct problems for Washington, these people said. If the U.S. blames North Korea for the attack, it then feels pressured to respond. And the proportional response in this case isn’t clear, as North Korea already is sanctioned and cut off from much of the world.
Nations have yet to agree on what types of cyberattacks are acceptable without escalating tensions. Some experts believe that in cases like the Sony attack, the U.S. needs at least to make a public condemnation.
“We can set the norms by coming out and saying this is just too much,” said Jay Healey, an expert on cybersecurity and diplomacy at the Atlantic Council near Washington.
After hackers entered Sony’s systems more than a month ago, they installed malicious code that would eventually wipe hard drives on many corporate computers. This wiped away many of the digital clues and has made the investigation by the FBI and FireEye Inc., a cybersecurity company, very difficult. As of Wednesday, investigators still can’t say they have removed and blocked the hackers from Sony’s systems, people familiar with the investigation said.
The situation also remains tenuous for Sony Pictures’ parent company in Tokyo. After investigators at FireEye determined North Korea was likely linked to the attack, it proposed a public report that would offer an update on the breach and implicate Pyongyang hackers. Sony’s Japan headquarters nixed the idea, people familiar with the probe said.
Though hardly any North Koreans have access to the Internet, mobile phones or other modern technology, the nation is believed to maintain a robust hacker corps, many of them stationed in China or elsewhere outside the isolated nation.
Kim Kwan-jin, then-defense minister in Seoul, said last year that North Korea runs a dedicated cyberwarfare military unit composed of 3,000 people.
Chang Yong-Seok, a senior researcher at the Institute for Peace and Unification Studies at Seoul National University, said a film like “The Interview” would likely have provided an incentive for North Korean officials to prove their loyalty to the dictator as the film insults the leader’s dignity.
“An extreme response is a way to secure one’s position and professional success,” Mr. Chang said.
