North Korea Attacks Major US Company: Our Response? Crickets.
It is a no-win situation when you have to ask, "Where's the outrage?" The North Korean hack into Sony and Sony's rapid capitulation is something new and different for the age of the internet. To be sure, the attackers are benefitting from the low esteem held for their victims. Indeed, most of us chuckled as we heard about the release of embarassing private email exchanges between Sony execs that highlighted actual hypocrisy that was already perceived by millions.
Gossip about Angelina Jolie was the focus of newsstories rather than the hundreds, if not thousands, of employees with stolen personal data. The coup de grace was Sony pulling the release of the comedy "The Interview" because of unspecified threats to theaters if the movie was shown on Christmas Day. Let's be clear, this was no big loss. People were not lining up to see another Seth Rogen comedy, as much as they may have enjoyed some of his others (I thought Neighbors was pretty funny).
I wonder if people would be so blase about it if the hackers had targeted the Superbowl? What if the target of the hacking attack was a power company that supplied power to the Eastern half of the United States, rather than a company that makes movies?
What would be our government's response? Heck, what would the American people be doing?
I cannot help but think that we just flunked a big test. When I say "we," I mean our government and the American people, not just Sony and the Hollywood-types. I can't believe I am going to say this, but I think George Clooney is right when he says: "We cannot be told we can’t see something by Kim Jong-un, of all f*cking people." Amen, George.
So, what would an appropriate response look like? Disrupting the next release of "OUR DEAR LEADER'S POWERFUL DANCE MOVES" or locking up Dennis Rodman probably will not do the trick. The government needs to get its response plan together. Not looking weak and feckless all the time would be a good place to start. How about helping to identify the source of the attack much much earlier?
To be sure, it is going to be the responsibility of companies to take even further steps to make their systems more secure. This may not be possible against a state-supported cyber attack like this one. I do not believe Sony was any weaker on cybersecurity than any other company. There is probably a limit to what you can do to be secure and still have a functioning and efficient system. I wonder if we need to come up with redundancies that can be activated in the case of a cyber attack just like we have hurricane contingency plans.