WASHINGTON — — President Barack Obama said Friday that Sony Pictures Entertainment “made a mistake” in deciding to shelve a film about a plot to assassinate North Korean Leader Kim Jong Un even though the studio suffered significant damage in a hack attack the FBI blames on the secretive Communist regime.
“I wish they had spoken to me first,” Obama said of Sony executives at a year-end news conference in which he said, “we cannot have a society in which some dictatorship someplace can start imposing censorship …”
Envisioning other potential flashpoints, he summoned situations in which dictators “start seeing a documentary that they don’t like or news reports that they don’t like.”
“We will respond” to the attack,’ he added, although he offered no details.
The president spoke a few hours after the FBI formally accused the North Korean government of being responsible for the devastating hacking attack against Sony, providing the most detailed accounting to date of a hugely expensive break-in that could lead to a U.S. response.
The FBI said in a statement it that it now has enough evidence to conclude that North Korea was behind the punishing breach, which resulted in the disclosure of tens of thousands of leaked emails and other materials.
“North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behaviour,” the statement said.
The FBI’s statement cited, among other factors, technical similarities between the Sony break-in and past “malicious cyber activity” linked directly to North Korea, including a prior cyberattack against South Korean banks and media.
A group identifying itself as Guardians of Peace has taken responsibility for the Sony breach, which was reported in late November and involved the use of destructive malware that caused the studio to take its entire computer network offline left thousands of computers inoperable and “significantly disrupted the company’s business operations,” the FBI said.
The break-in has had wide-ranging ramifications for the studio, spilling into public view candid and confidential discussions among executives and leading to lawsuits from those who say their personal and financial data was exposed online. This week, the cyber-attack escalated with terrorist threats against movie theatres that planned to show the movie “The Interview,” a comedy starring James Franco and Seth Rogen that for months has been condemned by the North Korean government.
In response to the threats, Sony cancelled the Christmas Day release of the film — a comedy about a plot to assassinate Kim Jong Un and said it had no further plans to distribute it.
After Sony shelved the film’s release, hackers sent a new email praising the studio’s decision as “very wise” and saying its data would be safe “as long as you make no more trouble.” The message warned the studio to “never” release the film “in any form,” including on DVD. The email was confirmed Friday by a person close to the studio who wasn’t authorized to speak publicly about the matter and requested anonymity. An FBI spokesman said authorities were aware of the email and were investigating.
The Motion Picture Association of America called the Sony attack a “despicable, criminal act” that threatened the lives of thousands of people in the film and television industries.
North Korea has denied responsibility but earlier this month referred to the cyberattack as a “righteous deed.” A North Korean diplomat to the United Nations, Kim Un Chol, declined to comment Friday about the FBI’s accusations.
Obama administration officials had until Friday declined to openly blame North Korea but had said they were weighing various options for a response. The statement Friday did not reveal what options were being considered but did say the government would look to “impose costs and consequences.”
At first glance, the options for a U.S. response seem limited. Bringing the shadowy hackers to justice appears a distant prospect. A U.S. cyberretaliation against North Korea would risk a dangerous escalation. And North Korea is already targeted by a raft of sanctions over its nuclear weapons program.
The FBI did not indicate whether it has identified any individual hackers who might be culpable. In May, the Justice Department announced indictments against five Chinese military officers accused of vast cyberespionage against American corporate interests, but none of those defendants has yet to set foot in an American courtroom.