REUTERS/KCNA Samuel Visner is the Senior Vice President and General Manager of Cybersecurity at IFC
The Federal Bureau of Investigation has confirmed that North Korea was behind the cyberattack on Sony Pictures Entertainment. Now is the time to shift our focus from the capabilities demonstrated by the attackers to their motivation.
The first important point, the fact Sony was attacked is irrelevant. North Korea apparently capitalized on the company's reportedly weak cybersecurity to accomplish these goals:
- ? A live test of its cyber-attack capabilities,
- A demonstration to other countries that they are not beyond North Korea's reach
- Understanding and calibration of the response of other countries.
In other words, Sony is no more than a target of opportunity, one chosen cleverly. In the end, how much retaliation might North Korea expect from an attack on the US media subsidiary of a Japanese company?
No critical infrastructure has been damaged. Sony does not represent any of the sectors covered by the President's 2013 cybersecurity executive order nor the National Institute of Standards and Technology's 2014 Framework for Improving Critical Infrastructure Cybersecurity. For North Korea, attacking Sony was a low-risk endeavor.
Leigh Vogel/WireImage/GettyThis incident has important consequences. In attacking a company on US soil, North Korea has demonstrated its cyber capability to inflict damage without physical proximity.
And very importantly, this global reach has garnered widespread global attention.
The world has learned that the North Korean arsenal of weapons and state-craft can be potent at great distance and that countries engaged in confrontation or negotiation with North Korea must account for Pyongyang's cyber capabilities.
But North Korea must demonstrate to itself that this capability is potent. This incident also must be seen as a live weapons test, not dissimilar to North Korea's apparent sinking of a South Korean warship with a torpedo in 2010.
That incident verified to North Korea's leaders that its torpedoes work and demonstrated to potential adversaries another North Korean capability they cannot afford to overlook.
Lee Jae-Won/Reuters
With a live test of its cyberattack ability, North Korea proved to itself and an international audience that it can inflict damage in the real world. It gained assurance that in the future, a cyberattack could be a viable component of its integrated arsenal of weapons and other tools of state-craft.
As for Sony, this incident could have afflicted any other commercial enterprise, especially one that reportedly had chosen to deal with the fallout from a cyberattack rather than invest in the strategy and tools necessary to defend against it.
REUTERS/Toru Hanai
For US and other national security planners, at least one other lesson should be learned: Information sharing is a challenge that cannot be deferred any longer. Government and commercial entities are equally at risk in this world.
The private sector may be more likely to suffer attacks than the public sector. Thus, we must overcome the barriers that have held back the sharing of detailed threat information, and information relating to the tools and techniques needed to confront today's threat landscape.
The real lessons here are:
- ?Any organization, commercial or governmental, can find itself the target of a state sponsored weapons test.
- ? Cyberattack is clearly becoming a mainstream threat rather than a peripheral concern.
- The need to share information grows every day.
Samuel Visner is the Senior Vice President and General Manager of Cybersecurity at IFC International. He is also an adjunct professor at Georgetown University. This white paper is titled 'It's Not About Sony.'