Before Sony hacking, 'Interview' co-directors knew of N. Korea risk

Was the cyberattack on Sony a retaliation for 'The Interview'? 'Wait and see,' a N. Korea official says

The upcoming comedy from Sony Pictures Entertainment, "The Interview," was expected to draw the ire of the North Korean government, with a plot that depicts a fictional assassination attempt on leader Kim Jong Un.

It's still unclear whether the film played a role in the crippling cyberattack against Sony Pictures that became public last week, but actor Seth Rogen and co-director Evan Goldberg said they were warned by private consultants to be prepared for retaliation.

"They were like, 'You might want to change your bank passwords. We're not joking,'" Goldberg told The Times in an interview about a week before the attack.

Goldberg and Rogen, who co-directed the film, said that "The Interview" is clearly intended as a broad satire — one that lampoons American celebrity culture as much as it does North Korea. However, they knew the North Korean government could be unhappy and might have the ability to carry out some sort of digital infiltration.

The R-rated comedy stars James Franco and Rogen as a vapid celebrity talk show host and producer who are recruited by the CIA to try to kill Kim, a scheme that goes terribly awry. This summer, a spokesman for North Korea's Ministry of Foreign Affairs said the movie was tantamount to "an act of war" and promised "a decisive and merciless countermeasure" if the U.S. government allowed it to be released.

"They subcontract Chinese hackers," Rogen said Nov. 19. "We've been told that there's a good chance that even before that statement came out [condemning 'The Interview'], they had seen the movie."

The attack on Sony's computer systems has resulted in the leaking of several of the Culver City-based studio's films, along with other sensitive corporate information, including employees' salaries and Social Security numbers.

In a Tuesday interview with the BBC, a North Korean official did not deny the country was behind the digital assault. When asked if it was involved, a spokesman for the North Korean government replied, "Wait and see." Also, several cybersecurity experts have said that some of the elements of the attack are consistent with aspects of other hacks believed to have been carried out by North Korea or those working on its behalf.

Ralph Echemendia, chief executive of digital security for Red-e Digital, said that code used in the strike on Sony is "consistent with the attack done against South Korean television companies" in March 2013. The breach wreaked havoc on broadcasters there, and South Korea accused the rogue state of carrying out that attack. However, Echemendia cautioned that hackers are known to repurpose malicious code created by others once it has proved effective.

Sony Pictures, a unit of Tokyo-based Sony Corp., declined to comment. This week the studio, which has 6,600 employees worldwide, said it had restored part of its computer system and was working with law enforcement to probe the attack.

The FBI is investigating the matter. The agency also released a bulletin to the private sector on Monday that flagged companies to be on alert for cyberthreats.

Various theories on who is behind the Sony hacking have been floated. Some observers have speculated that the attack — claimed to have been carried out by a group calling itself Guardians of Peace — may have been an inside job perpetrated with the help of disgruntled current or former Sony employees.

The hacking incident caps an up-and-down 18 months for the studio, which has weathered a call by activist shareholder Dan Loeb for it to be spun off from its parent company, and undergone several rounds of layoffs aimed at trimming overhead by at least $250 million.

The hacking saga has driven morale to a new low, according to people at Sony.

"It's a difficult time," a person close to the studio said. "I don't think there has been a studio that has weathered this kind of sustained attack for this long."

And the cybersecurity breach appears to be an ongoing problem. On Monday, online news outlet and cable channel Fusion published portions of a spreadsheet that is purported to contain several Sony executives' salaries and the Social Security numbers of 3,803 workers. In response, Sony is providing identity theft protection to employees free of charge.

Sony also has enlisted Mandiant, a cyberforensics unit of the security firm FireEye, to assist in the search for the hackers.

Still, the studio will have to work hard to repair and enhance its computer systems.

"It's not a matter of plugging one hole or another because there's likely so many back holes inserted that it needs to be brought back from scratch," said Clifford Neuman, director of the USC Center for Computer Systems Security.

Additionally, the controversy over "The Interview" makes it trickier for Sony to market the roughly $35-million film, which will be released on Christmas Day.

On one hand, North Korea's protests represent a gold mine of free advertising. Similar protests from the nation of Kazakhstan over 20th Century Fox's 2006 comedy "Borat" dovetailed with that film's marketing campaign. But there's a risk that too much controversy could make "The Interview" seem overly provocative to audiences, which probably explains why Sony has cast it more as an outrageous comedy than any kind of political statement.

After North Korea's condemnation of the film, Rogen, Goldberg and Sony decided to start screening the movie more widely to help defuse the emerging firestorm.

"Our fear was that it was being viewed so much as a controversial movie that people were losing sight of the fact that it's also hopefully a really enjoyable movie," Rogen said. "We were like, maybe we should start showing it to people so they realize it's funny and it's not this thing that was meant to incite another country."

Twitter: @joshrottenberg

Twitter: @DanielNMiller

Times staff writers Paresh Dave and Saba Hamedy contributed to this report.

Copyright © 2016, Los Angeles Times