12/19/2014 11:24 EST | Updated 02/18/2015 05:59 EST

Sony 'made a mistake' axing The Interview, Obama says

Sony Pictures "made a mistake" when it pulled its comedy The Interview from theatres, following a cyberattack that investigators have blamed on North Korea, according to U.S. President Barack Obama. 

"We cannot have a society in which some dictator someplace can start imposing censorship here in the United States," Obama said, during his year-end news conference. 

"If somebody is able to intimidate folks out of releasing a movie, imagine what they start to do when they see a documentary they don’t like, or news reports they don’t like," he said. 

The FBI earlier in the day concluded that North Korea was behind the cyberattack on Sony Pictures — which led the studio to cancel the release of its upcoming comedy The Interview — and other malicious online activity that has been linked to the isolated state. 

The FBI said it is "deeply concerned" about the "destructive nature" of the attack on Sony, which also saw sensitive and embarrassing internal emails released on the internet. 

Earlier in the day the hackers on Friday praised the company's "very wise" decision to cancel The Interview, and said the studio's data would be secure if it continues to comply, CNN reported today, quoting the message.

"We ensure the security of your data unless you make additional trouble," the message said, according to CNN. 

The Interview is a comedy about a fictional, and eventually successful, plot by the CIA to assassinate North Korean leader Kim Jong-un. It stars James Franco and Seth Rogen, and was due in theatres on Dec. 25. 

The FBI said the malicious code used in the attack is similar to malware previously linked to North Korea.

"There were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks," the agency said in a statement. 

Tools used in the attack also resemble those seen in a cyberattack launched last year against South Korean banks and media outlets that was blamed on North Korea, investigators said. 

Practice run?

The attack may have been a practice run for North Korea's elite cyberarmy in a long-term goal of being able to cripple telecoms and energy grids in rival nations, defectors from the isolated state said.

​Non-conventional capabilities like cyberwarfare and nuclear technology are the weapons of choice for the impoverished North to match its main enemies, according to defectors.

Obsessed by fears that it will be overrun by South Korea and the United States, North Korea has been working for years on the ability to disrupt or destroy computer systems that control vital public services such as telecoms and energy utilities, according to one defector.

"North Korea's ultimate goal in cyberstrategy is to be able to attack national infrastructure of South Korea and the United States," said Kim Heung-kwang, a defector from the North who was a computer science professor and says he maintains links with the community in his home country.

"The hacking of Sony Pictures is similar to previous attacks that were blamed on North Korea and is a result of training and efforts made with the goal of destroying infrastructure," said Kim, who came to the South in 2004.

The attack looks to be North Korea's most successful to date. 

Elite cyberwar unit

"They have trained themselves by launching attacks related to electronic networks," said JangSe-yul, a defector from North Korea who studied at the military college for computer sciences before escaping to the South six years ago, referring to the North's cyberwarfare unit.

For years, North Korea has been pouring resources into a sophisticated cyberwarfare cell called Bureau 121, run by the military's spy agency and staffed by some of the most talented computer experts in the country, he and other defectors have said.

Most of the hackers in the unit are drawn from the military computer school.

"The ultimate target that they have been aiming at for long is infrastructure," Jang said.

Attacks on the South

In 2013, South Korea blamed the North for crippling cyberattacks that froze the computer systems of its banks and broadcasters for days.

More than 30,000 computers at South Korean banks and broadcast companies were hit in March that year, followed by an attack on the South Korean government's web sites.

An official at Seoul's defence ministry, which set up a Cyber Command four years ago, said the North's potential to disrupt the South's infrastructure with cyberattacks is an emerging threat but declined to give details.

An official for Korea Gas Corp., the world's largest corporate buyer of liquefied natural gas, said it has been working with the National Intelligence Service against potential cyber-threats.

But highlighting the vulnerability to hacking, the network of Korea Hydro & Nuclear Power was recently compromised, resulting in the leak of personal information of employees, the blueprints of some nuclear plant equipment, electricity flow charts and estimates of radiation exposure on local residents.

Preliminary investigations have found no evidence that the nuclear reactor control system was hacked but an added layer of alert against cyber-infiltration has been ordered for major energy installations, the Industry and Energy Ministry said on Friday.

Next-generation capabilities

Although North Korea diverts much of its scarce resources to the military, its outdated Soviet-era tanks, planes and small arms are at a stark disadvantage to next-generation capabilities of its adversaries.

It has, however, invested significant time and money in its asymmetric warfare capabilities, which include a vast fleet of mini-submarines and thousands of state-sponsored hackers.

"When you look at military capabilities, there are various aspects like nuclear and conventional. But with the economic environment and difficulties [the North] faces, there is bound to be limitation in raising nuclear capabilities or submarines or conventional power," said Lim Jong-in, dean of the Korea University Graduate School of Information Security in Seoul.

"But cyber-capability is all about people … I believe it is the most effective path to strengthening the North's military power."