In threat assessment, the 'who' matters

Knowing who could come after you helps you prepare the appropriate defenses and response

We’re a bit perplexed by the attention being given to the hack of Sony Pictures. It’s not that the hack doesn’t deserve attention; it was potentially devastating from a business and operations standpoint, and companies that are hacked should not try to bottle up that information.

What is perplexing is that so much of the attention has centered on the question of whether or not North Korea was behind the attack. This storyline seems to have arisen from the fact that the studio has an upcoming Christmas release, The Interview, in which two journalists who have snagged an interview with Kim Jong Un are recruited by the CIA to assassinate the North Korean leader. That scenario isn’t impossible, but it is highly unlikely. Giving it credence is counterproductive, because who is behind any particular hack — and who is likely to attack your enterprise — is of utmost importance.

Here’s why North Korea is an unlikely culprit. The damage done by a North Korean attack would be different, because of what that nation would want to accomplish by attacking Sony Pictures. It would likely want to impose maximum damage, while potentially extorting the studio into agreeing not to release the film.

What was actually done, however, fits the profile of a hacktivist group: complete destruction of systems, and embarrassment of the targeted organization.

To continue reading this article register now

How to choose a low-code development platform