By Jon Lindsay
Sony has just announced that it will not go ahead with its planned release of “The Interview” following a spate of major breaches and threats over the past three weeks: http://money.cnn.com/2014/12/17/media/the-interview-sony-theater-owners/index.html. Circumstantial signs point to DPRK but there is no smoking gun yet. While there have been numerous instances of cyber coercion on a small scale (such as “ransom ware” against individual users, or blackmail against marginal players), and cyber used to support a broader coercive effort (e.g., Stuxnet), this seems notable to me as the first major and successful use of cyber to alter the behavior of an actor in a very public way.
This has been a bizarre and surreal story, and I guess it will continue to get stranger. The initial breach prompted Sony to alter the movie, resulting in this weird series of emails: http://defamer.gawker.com/leaked-watch-the-kim-jong-un-death-scene-sony-is-terri-1671454669. Then Sony backed off from releasing the film in Asia and theaters in North America backed off from showing it in the US.
Two points pop out to me: (1) that this is—probably—a nation state attacker against a nonstate victim, which both inverts the conventional wisdom of how cyber attacks should play out (i.e., nonstate hackers vs. nation states) and exploits some considerable deterrent ambiguity regarding how and whether a state should protect its firms; and (2) this threat is made credible by promising actions beyond the cyber domain, notably attacks on movie theatres or other unspecified but rhetorically embellished acts of terrorism.