WASHINGTON — The North Korean cyber hit on the network of Sony Entertainment in November is hardly the first state-sponsored bit of corporate hacking to strike the US or its allies, and experts say it is likely a harbinger of things to come.
"This is a whole new day in cyber for a host of reasons," Mike Rogers, former chairman of the House Permanent Select Committee on Intelligence, Mike Rogers told an audience at the Bipartisan Policy Center in Washington on Jan. 15. Not least of which is that the United States "is going to have to show nation states that it will not tolerate it."
But how to respond is the issue.
The US government has publicly blamed North Korea for the hack, which is assumed to have come in retaliation for the release of "The Interview," a Sony's movie in which two bumbling Americans assassinate the north's dictator, Kim Jong-un.
One of the biggest implications of the attack is that "we now know that a nation with 1,000th of the [gross domestic product] GDP of the United States has the sophistication to carry out such an attack," added Paul Stockton, former assistant defense secretary for of defense of homeland defense and Americas' security affairsDr. Paul Stockton. "The trend is one way and that is toward nations obtaining increasingly sophisticated cyber capabilities."
While Sony will likely surely eventually pay a large price for the hack from shareholders and industry partners, the breach has hardly been the most worrisome of corporate hacks.
In August 2012, it is widely suspected that Iran breached the internal network of the Saudi oil giant Aramco, an event that inserted a virus dubbed "Shamoon" into the system, which replaced the data on hard drives with an image of a burning American flag and erasing previously stored information.
The hackers called the erasing mechanism implanted on the network "Wiper," which was suspected as being a sly nod to a component contained in "Flame," a virus that struck Iranian oil companies that May, forcing them to cut the Internet connection to the Kharg Island oil terminal, a critical spigot through which about 80 percent of Iran's oil flows.
American officials have also blamed Iran for the September 2012 cyber attacks that took the websites of Bank of America, JPMorgan Chase, Citigroup, US Bank, Wells Fargo and PNC offline for several days, blocking access for customers.
More seriously, the German government recently reported that a spear phishing attack on an unnamed German factory last year caused massive physical damage. In a report released in January, the Bonn government admitted that one of the plant's blast furnaces could not be shut down, resulting in "massive damage to plant."
But hackers don't need to go after the Aramcos and Sonys of the world in order to cause disruption.
"All you have to do is go after the supply chain," said Rogers, pointing out that a nation-state could do damage to US defense prime contractors by targeting their smaller, more easily hackable suppliers, effectively shutting down programs or stealing information.
The Chinese government has already been extremely active in that regard, having hacked into US networks in order to pilfer information about a whole host of weapons systems from the Patriot missile system, the Terminal High Altitude Area Defense, or THAAD; and the Aegis ballistic-missile defense system.
A 2013 Pentagon report also identified the F/A-18 Hornet fighter jet, the V-22 Osprey, and the Littoral Combat Ship as programs compromised by Chinese hackers over the past several years.
In 2007, China even managed to penetrate Lockheed Martin's system, stealing critical design data about the F-35 program and then using the terabytes of information it extracted to design its own J-31 stealth fighter jet.
One of the most difficult questions to answer about this new method of warfare, analysts say, is how to respond.
President Barack Obama said that the United States would offer a "proportional response" to the Sony hack, and days later the handful of IP addresses active in the north went down.
But that doesn't strike some as nearly enough in terms of either rhetoric, or action.
"I probably would have tried to strike the word 'proportional' form the US response" former CIA and NSA chief General (Ret.) Michael Hayden said at the Bipartisan Policy Center event. "I don't think we should give them comfort … it gave them a little too much relief in terms of what we may or may not do."
He added that the problem is, the US has not we haven't yet worked out how to fight in this new realm.
"We have not yet worked out a taxomony" for action in the cyber domain like the US has we have for land, sea and air warfare, he said. "How do you categorize an event in the cyber domain that tells you what is or is not a proportional response?"
None of his fellow panelists had an answer.
Email: pmcleary@defensenews.com.
Twitter: @paulmcleary
