When they set out to make “The Interview,” a comedic movie about assassinating the leader of North Korea, actors Seth Rogen and James Franco likely did not realize they would spark a massive cyber attack, lead the White House to dub those attacks a national security problem or inadvertently trigger a First Amendment crisis in the United States. When Sony and theater owners bowed to hacker demands that they cancel the movie’s Christmas Day release, followed shortly by Paramount’s refusal to allow movie theaters to run “Team America: World Police”—another comedy made at North Korea’s expense—in its place, they highlighted a much bigger national security problem than many have realized: Not only can adversaries use cyberspace to steal and spy on a massive scale, or threaten critical infrastructure, they can also threaten the very freedoms that Americans take for granted.
Much of the subsequent commentary and analysis has focused on Sony’s alleged cowardice and the options available for responding. In truth, the federal government’s options are limited. In the past, Washington has complained publicly and indicted foreign government officials when faced with sustained cyber espionage campaigns from China. Not surprisingly, this strategy has failed. Complaints went ignored, and the indictment was laughable. The Chinese government is no more likely than the U.S. to turn over its personnel for executing state policy. China responded furiously, leveling similar accusations at the U.S.
The FBI’s announcement that it had convincing evidence pointing to the North Korean government’s responsibility for hacking Sony makes it tempting to speculate that the Obama administration would nonetheless seek indictments against North Korean government officials, or at least return Pyongyang to the list of state sponsors of terror. In his end-of-year press conference, U.S. President Barack Obama was more circumspect, announcing the U.S. would respond “proportionately . . . in a place and time and manner that we choose.”