HARI SREENIVASAN: Investigators are calling the recent cyber-attacks on Sony Pictures unprecedented, well-planned and possibly the most destructive corporate security breach reported on U.S. soil.
Sony happens to be releasing a comedy movie called "The Interview," which depicts a fictitious plot to assassination Kim Jong-un, pointing to North Korea's possible involvement in the attack. There's also speculation that China aided in the security breach.
Joining me now via Skype from Seoul, South Korea, is James Pearson, a reporter for Reuters and the co-author of "North Korea Confidential," due out in February.
Let's start with the attack on Sony. Does the evidence point to North Korea?
JAMES PEARSON, Reuters: Well, there's still no — there's still no evidence then that — that — at least there's no conclusive evidence that North Korea was behind the attacks on Sony Pictures.
What we do know are that there are — there are some hallmarks of this attack, which is similar to an earlier one. Since about 2009, there have been countless attacks on South Korea by a gang which security researchers have nicknamed the Dark Seoul Gang, which was a name for the malware which they were — they were found to use at the time.
And, later on, the researchers also found that these — these hackers were — on the surface looked like hacktivists. They were defacing Web sites. But the codes that they had written were actually specifically designed to steal North Korean — and military secrets, and also from U.S. bases, of course, which there are — of which there are many here in South Korea.
So, whilst there is still no conclusive evidence that North Korea is indeed behind this attack — and they have — they have also denied it — just today, they said that it was a righteous deed that perhaps some pro-North Korean activists carried out on their behalf.
The point is, is that, if they wanted to do that attack, they would have the capability to do so.
HARI SREENIVASAN: Tell us about the structure of what amounts to the North Korean cyber-unit.
JAMES PEARSON: Well, within — within North Korea, just like in — in fact, many countries, has its own military intelligence, which is specifically designed to target its — the militaries — the networks of the militaries of its enemies.
Now, within North Korea, there's an organization that's a slightly shadowy organization, like many of the wings of the government, called the General Reconnaissance Bureau. And within that, there's a further bureau called Bureau 121, which specializes in — in hacking, essentially.
HARI SREENIVASAN: You have spoken to North Korean defectors. They have told you that hackers are given incentives to be part of this team.
JAMES PEARSON: Well, the defectors that we spoke to in Seoul described hacking, as a member of the North Korean elite, as a white-collar job, essentially.
It's a highly sought-after profession. There are many people who do computer science in Pyongyang. In fact, you don't even have to be particularly elite. We spoke to some defectors who said that they studied alongside friends who came all the way from the countryside to Pyongyang to study at the University of Automation and learned — and learned their trades there.
Now, in terms of the incentives that they give these hackers, one thing you have got to remember is that, if you're in a highly controlled space like North Korea, and you are given access to information from the outside world, then, ideologically, it's quite threatening.
So, the one thing you can do as a state to sweeten the deal for these hackers is make sure that they live very, very comfortably. If you're a hacker, for example, you will be given quite a nice apartment. You may — you will have probably a computer in your own house, and you will live quite comfortably.
You will probably also be able to travel overseas as a part of a North Korean trading delegation and have access to things that most North Koreans simply would never even be aware of, let alone think of.
HARI SREENIVASAN: James Pearson via Skype from Seoul, South Korea, thanks so much.
JAMES PEARSON: Thank you.
n. 安全,防护措施,保证,抵押,债券,证券