ShareThis Page

Sony Pictures hack redefines rules of online warfare

| Thursday, Feb. 12, 2015, 11:30 p.m.
A poster for 'The Interview'  is displayed on the marquee of the Los Feliz 3 cinema December 25, 2014 in Los Angeles, California.    Some two hundred US theaters are screening the Sony Pictures film starting Christmas Day, notwithstanding threats of terrorism and murmurings of an international cyberwar spawned by the farcical comedy about a plot to assassinate the leader of North Korea before it was even released.   AFP PHOTO / ROBYN BECKROBYN BECK/AFP/Getty Images
AFP/Getty Images
A poster for 'The Interview' is displayed on the marquee of the Los Feliz 3 cinema December 25, 2014 in Los Angeles, California. Some two hundred US theaters are screening the Sony Pictures film starting Christmas Day, notwithstanding threats of terrorism and murmurings of an international cyberwar spawned by the farcical comedy about a plot to assassinate the leader of North Korea before it was even released. AFP PHOTO / ROBYN BECKROBYN BECK/AFP/Getty Images

CARLISLE — Rarely has a raunchy movie done so much to change the world.

When hackers broke into computer systems at Sony Pictures Entertainment in a failed attempt to stop the release of “The Interview” late last year, the cyberattack changed the way top American military policymakers look at online warfare, experts say.

Electronic skirmishes that had played out quietly among computer technicians at a hacked company and a federal agency contacted for advice instead went all the way to the Oval Office, as President Obama blamed the Sony incident on a nation-state attack by North Korea.

“In the Sony case, it moved from the commander's inbox to the commander-in-chief's inbox, and that's the first time that's happened,” Navy Capt. Joel Doolin told cybersecurity experts gathered here at the U.S. Army War College. “That's why we're talking about it. It was extraordinary.”

In an interview with the Tribune-Review, Robert Clark, a cyber law fellow in the Army Cyber Institute at West Point, agreed: “The Sony hack showed how we work through a sliding scale. It moved from a criminal act to a terrorist threat attributed to a nation-state, and now the Department of Defense and the president have a role.”

As Obama made plans to host a cybersecurity summit Friday with industry leaders at Stanford University, more than three dozen military officers, Defense industry engineers and academics met here separately Tuesday through Thursday to discuss recommendations for military policies of cyber-warfare. The Trib was granted permission to attend the closed-door meetings.

The group's recommendations include requiring utilities and other critical infrastructure companies to share information about computer threats, and freeing up more government intelligence in return.

Policymakers suggested minimum cybersecurity requirements for Defense Department contractors, stronger capabilities for identifying hackers, and better deterrents against foreign online attacks.

They called for eliminating laws against companies that take offensive steps to thwart hackers. And they see a need for clearer lines when a criminal act becomes a cyberattack that triggers a military response.

When Obama called the Sony incident a cyberattack and blamed North Korea, that changed that vector for discussing online war policy, said Bill Waddell, director of the War College's Mission Command Cyber Division, who moderated the workshop.

Attacks among nation-states are easy to understand when they happen on the ground, at sea or in the air — but Internet intrusions can be hard to detect and harder still to defend, participants said. Private-sector companies control 80 percent of the Internet domain, questions of civil liberties must be considered, and enemies with limited resources can exact major damage.

“The fact that we have become so dependent on the use of (the Internet) creates that type of vulnerability,” Waddell said. “The Defense Department looks at its responsibility to protect, to fight the nation's wars, to keep enemies at bay, to provide deterrents — and is trying to figure out, ‘How does that fit in cyberspace?' ”

The discussion raises difficult questions. Workshop participants debated even how to define cyberspace and online warfare.

When members of one smaller group discussed top international cyber players besides the United States, debate arose about whether to identify specific countries before a majority decided to name Russia, China, North Korea and Iran.

Some ideas discussed at the War College are taking effect. When Obama appears at Stanford, he is expected to detail plans for a Cyber Threats Intelligence Center, focused on sharing government intelligence among agencies and with private companies.

“You have a spectrum of bad behaviors that can happen in cyberspace,” said Capt. Doolin, the primary legal adviser to the deputy chief of Naval Operations for Information Dominance. “What the Sony case proves is: ‘Hey, we the United States have a spectrum of responses we can take.' ”

Andrew Conte is a Trib Total Media staff writer. Contact him at 412-320-7835 or andrewconte@tribweb.com.

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.