Return to Transcripts main page
CNN Newsroom
FBI Gets Offer To Help Investigate Suspected Cyber Attack From North Korea
Aired December 20, 2014 - 15:00 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
MARTIN SAVIDGE, CNN HOST: You're in the CNN NEWSROOM. I'm Martin Savidge in New York. Thank you very much for joining me. It's great to be with you.
Let's get started. The FBI is getting an offer to help investigate a suspected cyber attack from North Korea. That offer is coming from, wait for it, North Korea. Here's the gist of the statement released today from Pyongyang.
We didn't do it. We want to help find out who did. We're being framed.
The statement wasn't all generous. It went on to threaten the U.S. with serious consequences if it turns down that offer of a mutual investigation, and continues to blame North Korea for the computer attack on Sony pictures. That attack resulted in the release of a private company's information and emails and led to the cancellation of the release of a movie about an assassination plot on North Korean leader Kim Jong-un.
Well, despite North Korea's formal denial, the FBI is fairly convinced that the Sony attack started there. So who in North Korea is savvy enough, well trained enough to set something so destructively loose or so destructive loose on the world. People who studied Kim Jong-un are pretty sure they know.
And CNN's Kyung Lah is in Seoul with that.
(BEGIN VIDEOTAPE)
KYUNG LAH, CNN CORRESPONDENT (voice-over): North Korean soldiers, a Technicolor parade in force against the west. On state-run television, a near ridiculous bravado of the military, but there are unseen soldiers in Kim Jong-un's cyber war versus the west. They have no face and only known by a number bureau 121.
What is bureau 121?
They conduct the cyber attacks against overseas and enemy states as Jong Se-yul. Jong is a North Korean defector, former Pyongyang military computer systems worker, now in South Korea independently attempting to crumble an agency nearly impossible to chase.
Bureau 121, a shadow agency with an unknown number of the regime's handpicked shadow agents placed in countries around the world. Jong believes there are approximately 1800 of them. Though he says the agents themselves don't know how many exist.
We can't verify Jong's claims about the shadow group. But he says he's obtained from a current operative hundreds of financial files hacked from south Korean banks complete with names and other bank account details.
Is this cyber war the real war for North Korea?
Raising cyber agents is fairly cheap, he says. The world has the wrong view of the North Korean state. But that incorrect world view, North Korea was able to increase its ability to launch cyber attacks.
South Korea learned the hard way. Banks across the country last year were paralyzed, ATMs frozen for days, media outlets went dark, servers jammed or wiped. North Korea denied it was the source of a hack. But in the wake of the attack, South Korea beefed up its own cyber forces declaring the online war as dangerous as Pyongyang's nuclear ambitions.
North Korea exists in the land of over the top propaganda while experts say it wages its parallel war in cyber space led by a young man of the internet age ushering in a new phase of the Korean conflict.
Kyung Lah, CNN, Seoul.
(END VIDEOTAPE)
SAVIDGE: We are going to dive into this story a little later in the hour talking about who else might be vulnerable. You'll also find out how far cheap it is to buy a hack like the one that hit Sony. The price is remarkable.
Meanwhile, elsewhere overseas today, the number of terror suspects held at Guantanamo Bay, Cuba continues to gets smaller. The Pentagon has confirmed that four men were cents back to their home country of Afghanistan. It is part of the Obama administration's plan to draw down the detention center. Six others were released earlier this month you'll remember. About 800 terror suspects in all have been held at Guantanamo connected to the U.S.-led war on terror, 132 people are still detained there.
President Obama didn't mention that Guantanamo release yesterday and he wasn't asked about it at his White House news conference. And now, the first family is on vacation in Hawaii.
So let's go live now to CNN's Michelle Kosinski who is in Honolulu.
Nice to see you, Michelle. Congress rejected a full closure of Guantanamo when they struck down or actually struck it from the defense policy bill. But 10 detainees have now been released this month. So how does it all fit in to the president's plan to close the place?
MICHELLE KOSINSKI, CNN CORRESPONDENT: Well, this is definitely part of them. It is just last week, the president said that keeping gitmo open under mines our national security and that it must be closed. This goes hand in what happened that.
I mean, the reason why it wasn't announced at the press conference it was announced by the Pentagon. So that's where the news comes from. And sometimes the White House doesn't want to announce something that officially needs to come from some other departments or agency. So we think that's probably why. It was also interesting that it wasn't asked about it. And we've been seeing these periodic releases.
I mean, in 2009, the president signed an executive order to close it down wind a year but it's proven extremely difficult to do so partly because Congress keeps these things in the spending bill to make transfers more difficult. But there are instance like this one where transfers are possible. These are considered for very low level detainees not charged not convicted of anything. So they were released to the Afghan government. And in fact the Afghan government asked for this release specifically.
But this isn't the only one we expect to see. In fact we've been hearing from thing Pentagon another officials that there will be more in coming weeks and more in unspecified number in the next months as well, Martin.
SAVIDGE: All right. And the president was also talking about that hacking incident with Sony. Let's listen to what he had to say here first.
(BEGIN VIDEO CLIP)
BARACK OBAMA, PRESIDENT OF THE UNITED STATES: They caused a lot of damage and we will respond. We will respond proportionately and we will respond in a place and time and manner that we choose. It's not something that it will announce here today at a press conference.
(END VIDEO CLIP)
SAVIDGE: Michele, you know that North Korea has offered to join this kind of mutual investigation. So what's the response to North Korea's offer to help?
KOSINSKI: Yes. I mean this all seems like another movie unto itself. It is pretty interesting. And the national Security Council this morning put out a statement about that saying listen to this, the government of North Korea has a long history of denying responsibility for destructive and provocative actions. If the North Korean government wants to help, they can admit their culpability and compensate Sony for the damages this attack caused. We'll see if that happens, Martin.
SAVIDGE: Yes. By the way, a movie probably that wouldn't be shown.
Michelle Kosinski in Honolulu. Thanks very much.
Well, the president of Cuba spoke to the people of his country today and had one main statement basically to the president, gratitude.
(BEGIN VIDEO CLIP) RAUL CASTRO, CUBAN PRESIDENT (through translator): Thank you people, we like to say thanks to this fair decision to the United States President Barack Obama. With this, an obstacle has been eliminated to the betterment of the relations between Cuba and the U.S. The whole world has reacted in a positive manner upon the announcements made last Wednesday.
(END VIDEO CLIP)
SAVIDGE: That was the say that both presidents announced historic changes in the Cuban-American relationship paving the way for future open travel between these two countries. More trade, more banking, diplomatic relations. And then, of course possibly, the lifting of that long economic embargo.
CNN's Patrick Oppmann is in Havana right now.
And Patrick, President Raul Castro also had demand that his political system has to be respected. So tell us how American capitalism and Cuban communism are going to work together?
PATRICK OPPMANN, CNN CORRESPONDENT: Well, you know, that's a very good question. At least in the short term they really won't because as you mentioned the embargo stays in place and that is going to prohibit a lot of American companies that would like to do business from doing business in Cuba. But Raul Castro said this was an important step forward.
But just really one step, Martin, he says that the U.S. shouldn't meddle in Cuban affairs, shouldn't expect Cuba to alter its internal or foreign policy decisions to curie favor with the U.S.. And that basically, the Cubans and U.S. officials will be talking more. He has really expects that U.S. embassy will be opened here. That the Cuban intersection in D.C. will become a Cuban embassy and it will be higher level contacts.
But there's still very many important differences. You know, we'll see if those differences can be worked out. Raul Castro certainly believes that the revolution will stay intact. The single party form of communism will stay here intact. But there will be more opportunities for him and President Barack Obama to discuss these things because Raul Castro today confirmed that he'll be traveling to a regional summit in Panama in April and President Barack Obama will be there as well. We'll see if they make more history there, Martin.
SAVIDGE: Yes. It will be very interesting. I spent a lot of time in Cuba and the people are wonderful despite their government. How are the people reacting to all of this news?
OPPMANN: This was totally unexpected. Just about every Cuban that I've talked to was born after the revolution which is, of course, the majority of the island. Said they never experienced a day like the day on Wednesday. When the seemingly out of the blue Cuba so long forgotten certainly the United States seemed to be the center of the world and you have both presidents talking live about Cuba talking about a better future for Cuba. A lot of differences certainly in Raul Castro and Barack Obama's minds about what that better future is, at least these two countries are talking. And almost all Cubans that I know are celebrating this break in the long standing diplomatic icy relations here, Martin.
SAVIDGE: Well, that's a remarkable change.
Patrick Oppmann, thanks very much. We will look forward in talking to you more. Thanks.
Would you know what to do if you were taken hostage? What if you see a way to escape? And what if you're staring down the barrel of a gun? What's your best move to survive? I'll tell you the five things you can do to make it through.
Plus, Sony still reeling from its cyber attack but it's not the only one vulnerable to cyber terrorism. And it's not the only target. More on that as well coming up.
(COMMERCIAL BREAK)
SAVIDGE: AAA says more than 98 million people will travel more than 50 miles from home for Christmas this year and yes, that's a record. But a massive brewing storm could make a travel mess for two-thirds of the nation especially along the i-95 corridor. And that will be beginning on Tuesday. Heavy rain and thunderstorms are expected in the southeast, Midwest and along the east coast. Christmas Eve travelers will see even more storms. Your best chance for a white Christmas Central Rockies, Wisconsin and Northern Michigan.
And if you're traveling abroad this holiday season you may want to be a little extra cautious. The state department has issue ad worldwide travel alert for U.S. citizens traveling to other countries. That is in the wake of the recent hostage siege in Sydney, Australia. The state department says an analysis of past attacks and threat reporting strongly suggest as focus by terrorists not only on the targeting of U.S. government facilities but also on hotels, shopping areas, places of worship and schools. The travel warning extends until March.
Now, your chances, though, of being taken hostage in a terrorist situation are very small. But there are some specific things you can do to help improve your chance of a positive outcome.
I spent some time in a training facility for police and civilians as well as the military and got five crucial tips to keep in mind if you are ever taken hostage.
(BEGIN VIDEOTAPE)
SAVIDGE: First of all you should know your chances of really being caught up directly in a terrorism act are extremely low. That said it can happen at the most unexpected times in the most unexpected places.
Number one, the moment you realize that a terror hostage situation is developing, if there is a door or an exit nearby use it and get away fast. But let's say you don't get away and now you are a hostage. The experts say be compliant. No matter how uncomfortable it may seem to be. After all, bad guys have the guns. You don't. You should do what they say. Three, don't stand out. Don't be argumentative. Don't be combative. But at the same time don't be cowering and crying in the corner because that too can make you stand out and make you appear to be weak. Four, when a rescue does come, it is likely to be violent. Get down if you're not already on the floor. And once you're down cover your eyes and ears for protection. If possible get behind some kind of cover. But remain on the ground. Don't jump up and attempt to run because even the rescuers have been trained to track a moving object. It could be disastrous. Wait until you here the all clear.
And finally number five than one could surprise you most. After all you've been through as a hostage, expect to be detained. History has shown sometimes the terrorists try to escape with the innocents. So, you'll be taken to a place of safety, marshaled through and then eventually investigated to figure out who is good and who is bad. You'll have that opportunity to eventually deliver that hand shake or hug of gratitude. It just might have to wait a bit.
(END VIDEOTAPE)
SAVIDGE: We've seen how vulnerable a big company like Sony is to hackers. What about you or me? Could someone get their hands on our private emails or pictures? Of course. We're talking about that next hour but first a primer on the deep web.
(BEGIN VIDEO CLIP)
UNIDENTIFIED MALE REPORTER: When you surf online you're really skimming the surface. Beneath the websites we all know and love there's actually a vast mostly unexplored zone called deep web. It's mostly boring stuff. Government data and research papers buried in databases beyond the reach of search engines. And just like the ocean the deeper you go in the deep web, the darker it gets.
At the darkest depths of the deep web is something called Tor. Think of it as a web within the web. It's a secretive network developed by the U.S. Navy. Special software hides your location and lets you visit websites anonymously. That protects soy and political dissidents, but it also protects criminals. Because of that, it is an illicit marketplace where you can find everything from drugs to firearms, to stolen credit cards and child porn. The Silk Road, the infamous site know as the Amazon of drugs operate in the deep web until it was shut down. But it is a game of whack-a-mole. Once one market place shuts, another opens. The so-called 2.0 is up and running weeks later. In a world where every day seems to bring new massive hack --
UNIDENTIFIED FEMALE: Is my information for sale on the dark web right now?
UNIDENTIFIED MALE: This is where the loot is bought and sold. Chances are there's a little piece of your personal data somewhere in the deep web.
(END VIDEOTAPE) (COMMERCIAL BREAK)
SAVIDGE: Sony pictures went from a punch line to a rallying cry in just days. First there were the emails you know the ones we're talking about stolen by a shadowing group called guardians of peace mocking everybody from Angelina Jolie to President Obama. But it didn't take long to escalate from an online threat to a real life warning to Sony to pull the movie "the Interview" or face a possible terror stack. Sony backed down. The hackers called that decision quote "wise."
Some in Hollywood have called it something else such as cowardly and disgraceful. They've also asked what's next. President Obama talked about that yesterday and he called out Sony for what happened to "the Interview".
(BEGIN VIDEO CLIP)
OBAMA: Sony is a corporation. It suffered significant damage. There were threats against its employees. I am sympathetic to the concerns that they faced. Having said all that, yes, I think they made a mistake.
(END VIDEO CLIP)
SAVIDGE: So will Hollywood be scared to make ISIS say the villain in a movie? Can anyone threaten a terror attack to stop the release of a film? Will the studios be scared to make a movie that will offend someone?
We are going to take a look at all those questions for the rest of the hour. So let's talk about this right now with our panel. From "the Daily Beast" Michael Daly, also CNN money tech correspondent Laurie Segall and then from Los Angeles, national security analyst, Bob Baer.
And first, Michael to you, let me ask you, is the president right? Did Sony make a mistake here?
MICHAEL DALY, SPECIAL CORRESPONDENT, THE DAILY BEAST: I mean, I think so. You know, I think the mistake probably was making the movie with an ending like that. But given that mistake and you got the movie, I mean, I don't know how you let some bunch of hackers threaten you and commit you not to release a movie. I mean I just don't get it.
SAVIDGE: Although, I imagine that beyond just trying to stand up for a nation, for the right of freedom of speech there was a business decision made here.
And Laurie let me ask you, what's the reaction from Sony through all of this?
LAURIE SEGALL, CNN MONEY TECHNOLOGY REPORTER: You know, I think when you actually talk to sources inside Sony and also in Hollywood, there's this sense of vulnerability. I got off the phone with someone who said we're just waiting. We don't know what's out there. We don't know if something else is going to be leaked. We're all using our personal emails because we're scared to use our corporate emails. And I spoke to an insider earlier in Hollywood. He said will this have -- will this affect censorship? Will we be self-censoring ourselves in the future and her answer was 1,000 percent. She said no in Hollywood right now is using their emails. They are all getting on the phone and talking to each other. She said this is unprecedented and the whole community is very, very scared of the ramifications of this.
SAVIDGE: All right, it is such a quite little notion.
SEGALL: Imagine they are talking to each other --
SAVIDGE: Talking to somebody on the telephone.
Let me -- Bob, do you think that Sony here or the terrorists were finding or showing a new way to attack America? I think that many in the industry knew of this threat, but in the public we were not aware it could be so devastating.
ROBERT BAER, CNN NATIONAL SECURITY ANALYST: Well, I think in the industry nobody quite believed that they could simply, you know, empty Sony's computers like this, including films, personal emails, the chairman and do major, major damage to a studio. I think we all sort of knew that could happen but it never had. Stealing a credit card number from a company is one thing. But the damage to Sony is unprecedented. I don't remember anything like this. And it is certainly is a wakeup call for the rest of the industry and for the rest of the United States that all these computers are vulnerable if they are on the internet you can get in them especially when a state is behind it, probably North Korea.
SAVIDGE: You know, we talk about how this was, you know, a cyber attack. But, Michael, the ramifications are very real. So, should the response on the part of the U.S. be real? In other words should there be some sort of military strike?
DALY: They are going hack you so you are going to bomb them?
SAVIDGE: Well, this has been the debate, though, because each one is considered an attack on a nation.
DALY: First of all, Hollywood is going to win. I mean there's a reason why the North Koreans are so worried about movies and all this because, you know, all people have to do is get a glimpse of the world outside Korea through a movie and it changes everything. There's a North Korean defector who speaks about the transformative moment for her when she saw a bootleg copy of "Titanic." And you know, there are people now in North Korea who risk their lives to look at one of the big things is "Desperate Housewives." So, they are risking third lives to see what's going on wisteria lane. And if that is going on, then you know who is going to win. And so, whatever we do in the moment, ultimately, I think Hollywood is going to win.
SAVIDGE: Laurie, we talked to or they talked about a Christmas surprise, further developments presumably to come Christmas day or thereabouts. What do we know? SEGALL: You know, what that looks like is the same group just posted
online this morning and said they are making fun of the FBI and they were also talking about a Christmas gift. So we just don't know.
And, you know, they might have pulled back because they decided not release the movie on Christmas day. But what Sony said to me is it's a waiting game. We just have no idea. And I can tell you, Martin, from the information that's come out, the trove of data that came out, it released unprecedented the fact that Sony Pictures' CEO had his whole inbox on the Internet for anyone to see. We are talking thousands of emails over the last year. You better bet that these people are very, very concerned right now.
SAVIDGE: Yes. Well, Sony has been hacked before and we are going to talk about that in a little bit, just to say why worth lessons learned.
If a cyber terrorist really wanted to do some damage, Hollywood probably would not necessarily be the top target. So, what do you think would be? How about say the White House? Wall Street? Ahead we'll tell you how they are trying to hit those very targets.
(COMMERCIAL BREAK)
SAVIDGE: Well, we saw how much chaos hackers caused by attacking Sony. Just imagine what it would be like if they found a way to get say in government servers or a bank and you better believe that's just what they are trying to do.
Here's CNN's Chris Frates.
(BEGIN VIDEOTAPE)
CHRIS FRATES, CNN CORRESPONDENT (voice-over): Every day the government is under attack, cyber attack. There were 61,000 hacks and security breaches throughout the U.S. government last year.
TONY COLE, VICE PRESIDENT, FIREEYE: There's an adversary out there whose job, you know, it is to break into our systems. So, you know, somebody is trying 24/7, its going to get much worse than it is today.
FRATES: The White House and state department networks were recently targeted. Cyber incidents involving U.S. government agencies are skyrocketing. That number hit more than 46,000 last year.
UNIDENTIFIED FEMALE: Cyber espionage is increasing at unprecedented rates.
FRATES: In January 2013, hackers hit the army corps of engineers grabbing sensitive information. They allegedly stole data on nation's 85,000 dams including their location, and the potential for fatalities is they were breached.
COLE: People were stealing hard copies of paper work, you know, and passing it off to our adversaries when we had spies. Today, they can actually do it digitally and take, you know, magnitude more data than occur in the past.
FRATES: In July of 2013, hackers infiltrated the energy department taking the personal data of more than 100,000 people. They lifted information including birthdays, Social Security and bank account numbers.
UNIDENTIFIED FEMALE: Government and industry are in a difficult battle against cyber adversaries. They are always very sophisticated actors out there and for them we have to assume an attack could occur. Organizations need to be prepared.
FRATES: The government spent $10 billion on cybersecurity last year but that can't defend against an employee who is duped on clicking on malicious link. As one expert told me, there is no good defense against a stupid user.
Chris Frates, CNN, Washington.
(END VIDEOTAPE)
SAVIDGE: Now, there is a disconcerting phrase.
All right. Well, the hackers aren't about to give up which means that we certainly can't let our guard down for a second.
Michael Daly, Laurie Segall and Bob Baer, they join me again.
And Laurie, you know, I got to ask you. Is the government up to protecting its websites, up to protecting its infrastructure?
SEGALL: I think the government is certainly understanding the power of this cyber warfare and the fact that hackers are constantly trying to get into our infrastructure that they actually have the ability to do real damage. But that number Chris mentioned in his report, 61,000 cyber attacks on the entire federal government over the last year, you better bet they are putting a lot of money into this. But that doesn't mean that they are unhackable. As we know they have been hacked quite a bit over the last year. This is something they are going to have to look into.
SAVIDGE: It's almost as if there's no way to stop it.
But Michael, let me ask you this. Have we been slow either as a government or maybe as corporations to realize how much of a threat this is?
DALY: You know, Sony, I don't seem to have been on top of their game. I mean, if nothing else, they didn't tell their executives that hey by the way, guys, it's the real world and anything you write, any email you send, any numbers you put out there, assume that they can be hacked. I mean, if nothing else, I think all companies ought to tell people that send button is like sending to it Yankee stadium and that delete button means nothing. And I think you got to start with that.
And then you got start saying OK, you have to look at all the attacks and what they have in common. Are there ways we can combat them? And then, you know, there's a lot of smart hackers, but a lot of really matter good guys out there too.
SAVIDGE: it is almost like the attitude would be that, you know, just be mindful that it's likely to get out there so careful on how you say it or what you imply in your message.
DALY: Right. I mean, you don't want to make comment about the president of the United States if you don't want the whole world to read it. I mean, I think, if nothing else, every company in America ought to tell their employees that.
SAVIDGE: Yes.
Bob, let me bring you back into the conversation here. We do this. When I say we I don't mean me, I mean, as a government, the United States, we have used the Internet to attack other nations haven't we?
BAER: Absolutely. We use the Internet. We know the vulnerabilities.
Let me put it this way. Let me get right to it. The CIA, I mean, it has an important intelligence report, it put somebody at a typewriter. Does anybody remember what a typewriter is? Shield the typewriter. They write the report. They type it out, one copy. They hand deliver to it the president of the United States. No intermediaries. He gets to read it. He doesn't get the get, but it sent back.
The CIA operates that, you know, it's on the defensive all the time. It's not complacent and lazy like the rest of America. It has to keep secrets. And the way -- another way to do is no thumb drive in computers. Put things on paper. Stand alone. And no computer in the director of operations is connected to the Internet or any outside system. And even then, it's not considered secure and like I said we go back to typewriters.
Now, I realize that Sony is not the CIA, but you just have to assume if you write an earn mail it's a public document.
(CROSSTALK)
SAVIDGE: I've seen attacks that were allegedly launched against Iran and its nuclear program by the United States against its program there.
BAER: Exactly. We got in. That's a closed country, by the way, too. So it is pretty fantastic that we got in their nuclear system and completely, you know, messed it up. But, you know, I used to be involved in getting into bank documents in Europe and we just completely emptied their databases. And I got to tell you, it was very easy to do. And this is the kind of mentality we have to have if we want to protect our data.
And, you know, this is going to have to happen a bunch of times before corporate America and the government really catches on about the threat out there.
SAVIDGE: And we mention ad couple of times for Sony here. why didn't they learn their lesson 2011 was another example? SEGALL: In 2011, there were something like 77 million user accounts
that were stolen. So you would have thought that. And I actually spoke to a security analyst and what they are saying is because they should have learned. Here is the direct quote to use "they are idiots. They should have learned by then."
But you know, what's interesting about this attack, we talk about how sophisticated the attack was on Sony. But really, if you look at it, what was sophisticated to think of it like a robbery, right? You go into a home and you could do a little damage. You can take a pencil, right? Well, they didn't going and do one thing. They took everything and burned the place town. The sophistication was how much data they were able to take. I mean, just simply the idea that Sony never estimated that kind of damage could be done internally.
SAVIDGE: Well, they always say when it's a big company and they take a sophisticated attack because it makes the company look better.
Bob, let me ask you this. What about the retaliation? And I mentioned this to Michael. I ask you, could it turn to where the United States decides that a military strike is the appropriate way to respond to a cyber attack?
BAER: Well, Martin, I agree with Mike. We can't bomb North Korea. This is an irrational regime. They will set off a nuclear bomb somewhere. Who know where? They can get to Los Angeles, for all we know.
They are not really on the Internet. Their banks aren't connected with the rest of the world. What we have to do is get a protocol with Russia and China to get this stuff because they can do a lot to control this and the Chinese are affected by this as well. So we have to have some sort of new trade diplomatic -- and they tighten up the embargo as much as we're able to. But there's not a whole lot you can do about a rogue state. They just sort of do what they want to do and one that's insane worries me.
SAVIDGE: That's the definition of a rogue state.
Alright, but say with me because the Sony hack could cost the company, as we know, hundreds of millions of dollars. But what if I told you the equipment to carry out an attack like that costs about $500? Scared yet? Well plenty of companies are. That's ahead.
(COMMERCIAL BREAK)
SAVIDGE: You can buy anything on the web even a hack and it might seem incredible but hackers are looking for work on the web. Ready to put their skills to any evil use and I want doesn't even cost that much, just hundreds of dollars to create millions of dollars of chaos.
And Laurie, you found out how easy it is for all of this to happen. We are going to take a look in respond and come back and talk about it.
(BEGIN VIDEOTAPE) UNIDENTIFIED MALE: You want us to kill the leader of North Korea.
UNIDENTIFIED FEMALE: Yes.
UNIDENTIFIED MALE: What?
SEGALL (voice-over): The next Sony hack is for sale in the dark corners of the web to bring down a webpage for an hour depending on the Web site only $2 to $60 on the Russian underground page. To redirect people to a fake site, that is going for $750. And what about an attack like the one on Sony?
UNIDENTIFIED MALE: Out of pocket, you probably are looking at maybe $500 to $1,000 of coding time, to get something like that it seems.
SEGALL: All of these services available for purchase on an illegal form on the dark web in the deep corner of the internet, often accessed through encrypted browsers. The FBI may have traced the Sony attack to North Korea. But in the Wild West of the Internet, you don't have to be a sophisticated criminal to launch a devastating cyber attack. You just need an Internet connection.
UNIDENTIFIED MALE: You don't need to learn how to build a gun anymore. You don't need to be a coder in order to purchase a cyber (INAUDIBLE) and adequate naval launcher to it in these forums.
SEGALL: Many of these forums based in Russia, Brazil and China are making billions but not just anyone can enter.
UNIDENTIFIED MALE: Those people think that right now that they want to go visit these forums and try to buy these capabilities usually well-aware that the second you enter the forum you probably have been hacked.
SEGALL: As these online communities thrive, more cyber criminals can get their hands on the keys to major corporations. What makes the Sony hack different it wasn't about money.
UNIDENTIFIED MALE: The fact most hack attacks have a financial motivation behind them, and this one didn't, is significant which really speaks to the fact that geopolitics are now serving as a harbinger for attacks.
SEGALL: And just may level the playing field for smaller enemies everywhere who want something.
(END VIDEOTAPE)
SAVIDGE: Well, if they want something how do we stop them? Can we stop them? So let's talk about that with our panel. That's Michael Daly, Laurie Segall and Bob Baer.
And Laurie, I mean, is there a way to stop anybody or will there always be an opening and they will find a way in?
SEGALL: It's an offense/defense game, right? You have got -- even if you are a company, you need to constantly be trying to break your system all the time. That's how you figure out if there are flaws in your system.
Well then, (INAUDIBLE) one of those sites online where these underground forums makes $10 million a week. They actually have hacker hot lines, right, where you call-up and you're buying these hacks and you can actually get customer support because you get it if you pay for it.
So these are very sophisticated marketplaces. And it's so scary because you almost don't have to be that sophisticated of a criminal, cyber criminal anymore. You just have to be able to click buy, being able to put together some code and then put it out there. That's what's really scary about this.
SAVIDGE: It is like hiring a gun but you're hiring them for a virtual hit.
So Michael, is the time we wake up? Do you think, as a nation, we start go back to maybe I shouldn't send that memo, I should type it.
DALY: I hope so. I mean, we get horrible massacres enough that happens after a couple of months. So I'm not sure Sony getting hacked and Amy Pascal get embarrassed is going to change everything.
But I mean, I tell my kids, you know, there's no privacy online. And you know, I think everybody should tell their own kids and I think employees should tell their -- employers should tell employees and executives should tell themselves in the mirror. And you know, it is --
And the other thing is everybody talks about the great damage done to Sony. I mean, I guess financially maybe and they were embarrassed yet. But I mean, nobody got killed. Nobody lost their life. And I think to back down and act scared of these guys it only intoxicates someone, it only going to encourage them to do more.
And you know, come back and taunt people and all that. But I think, you just got to say to yourself we'll do our best to stop them. If they get in we'll be a little embarrassed and learn from it. But I think you have to got to be able a little hard back to them. It is like living in the Wild West.
SAVIDGE: Bob Baer, I want to bring you back in. You know, we're talking about the president, his daily brief. Apparently, he gets it delivered on some kind of tablet. You were talking about what the CIA does. Does it surprise you the president, you know, sits down there with his whatever device that is and gets his full brief?
BAER: Well, if it's encrypted, it's fine. But what I'm talking about is the really sensitive information that only the president should see. And you don't put that in digital form ever. And it's the same way with us. If you have any secrets -- I don't have any secrets myself, but if I did have any, I would simply go see somebody and tell them at the very least fax it. I mean, someone having a fax intercept on your phone is likely to be the government and that's it. But email and the rest of it, a couple of years ago I worked for the
United Nations against Hezbollah which murdered the former prime minister in Lebanon. And they used of what would have been considered a foolproof system, a closed-circuit of cell phones, prepaid all the rest of it, you know, simply by getting into the telephone system using data analytics we caught these guys and Hezbollah is the best on technical stuff.
So I mean, what it tells me is you just have to go back to carrier pigeons and that sort of it and forget cell phones. I have access to a software system that, Marty, can take your phone over and completely control it. That means send out fake emails if I want, listen to your calls, log on to illegal sites which would frame you for a crime. It's a catastrophe that in a digital age, if you want to keep a secret.
SAVIDGE: Well, it just shows you the people of a certain age now could be of great value to tell people how to use the telephone and the typewriter.
But were the people you talked to, Laurie, surprised at the extent and just how hard this seemed to hit Sony?
SEGALL: I was surprised how they were not surprised at all. I spoke to a guy who used to do security for Sony in 2006 and 2007 and he said, you know, they were gearing up for this. That that was his quote they stopped working with them later. But he said he just described how much work needed to be done.
And I'll tell you something, Martin, going to these hacker conferences and there are couple of them a year where you have these guys showing you, to Bob's points, how much of your information they are able to steal, how much how someone can sends you a link and you click on it and your whole compute certain over. We're entering this age because we're so much connected now than we were.
You know, this could have -- there could have capabilities like this a little while ago. But because we have these devices now, because we have connected homes, we are so much more at risk now, we have to encourage people to invest more on security in general. I think this is at least opening the nation's eyes because this was Hollywood and this was a popular community people.
SAVIDGE: It could have been a lot worse.
SEGALL: Sure.
SAVIDGE: Alright, Laurie Segall, Bob Baer, Michael Daly, thank you all very much for joining us.
After that one hack, one A-list celebrity really tried to rally support for Sony, George Clooney. He tried to persuade Hollywood to come to Sony's defense. And nobody wanted to join him. So is free speech dead in Hollywood? That's ahead.
(COMMERCIAL BREAK) SAVIDGE: North Korea's anger over "the Interview" is certainly not the first time that a country has been upset with Hollywood.
In 1979, communist countries, including Russia and East Germany, freaked out over the award-winning film "the Deer Hunter" when "Shinlder's List" was debuted, Muslim countries called it vial propaganda. And then in 2003, Iran called the release of "the 300" an act of war. But now that Sony and theater owners around the country have given apparently given in to the hackers demand, does Hollywood really change forever.
Well, we want to talk about that with Michael Musto. He is the columnist for out.com.
And let's just start there. I mean, is freedom of speech dead in Hollywood when it comes to films?
MICHAEL MUSTO, COLUMNIST, OUT.COM: Well, through the years, movie studios have always sort of pulled their punches. Sometimes, they won't release something they may think is offensive. They'll cut something.
In this case we're just not talking about just about freedom of speech. We do have freedom of speech and American entertainment for the most part. We reserve the right to release movies and then we can boo them, protest them, picket them. I've written horrible things about movies I hated, but I never advocated not showing them. I just said give me the chance to get a free ticket because I don't want to pay and yell boo at the screen. In this case they were dealing with international very credible, terrorist threats.
SAVIDGE: Right.
MUSTO: So, of course, it gets more complicated now that North Korea said we had nothing to do with this. How dare you call us bullies? And by the way, if you don't cooperate with us on an investigation, we're going to do something to you.
SAVIDGE: Right. And let me just bring out that Fareed Zakaria of CNN had a chance to speak to the president of Sony. So let's play a little bit of that and we can talk about their response.
(BEGIN VIDEO CLIP)
FAREED ZAKARIA, CNN HOST, FAREED ZAKARIA GPS: Why not release it online in some form or the other, video on demand?
MICHAEL LYNTON, CEO, SONY ENTERTAINMENT: There are a number of options open to us and we have considered those and are considering them. As it stands right now, while there have been a number of suggestions that we go out there and deliver this movie digitally or through DOD, there has not been one major DOD video on demand distributor, one major e-commerce site that has stepped forward and said they are willing to distribute this movie for us. Again, we don't have that direct interface with the American public. So we need to go through an intermediary to do that. (END VIDEO CLIP)
SAVIDGE: Back with Michael Musto again.
Let me ask you this, Michael, do you think it is possible the studio will release that film in any way?
MUSTO: They say that they actually want to and making this more complicated than the plot of "the Interview" is the fact that Sony says we had every intention to releasing is and we want to. It's the theater chains that would not -- refuse to show it because they are -- .
SAVIDGE: That's true. The first theater chain said, no. They don't want to run that.
MUSTO: And you have another subplot going with President Obama says you people should have contacted the White House and Sony says we did. So this is going to make a great movie. I hope somebody releases it someday.
SAVIDGE: Well, George Clooney is involved. So he might be in that movie. Now, he says that he actually tried to start a petition and then got no traction from anyone to come to the defense of Sony.
MUSTO: And he's George Clooney. Everybody loves George Clooney.
I actually do feel sympathy for Sony. I would not like to be in their shoes to have to decide between whether you are going to reckless -- not recklessly, but bravely and boldly release this movie despite the threats or you're going to cower and try to do what you think is going to save lives or prevent violence. It's a very tough situation.
I'm actually all for freedom of speech and expression, so I hope this sees the light of day even though this movie is apparently not "citizen cane."
SAVIDGE: No, it's not. And that brings up an interesting point. Maybe if Sony said look, if it was (INAUDIBLE), we would have stood up and fought. But it's a relatively low budget and minor film for them. And if people were in anyway frightened from showing up at the movie theaters at what is the peak holiday viewing time, it would have a devastating impact on Hollywood which hasn't had a very good beginning to begin with.
MUSTO: Well, when I saw the trailer for the movie I called my friend immediately and said looks like we have a front-runner for the Golden Razzies, the worst of the year. However, I have to say, Seth Rogen and James Franco also did a movie called "this is the end" which was pop comedy a few years ago which was hilarious. And I'm all for hyperbolic, satirical, outrageous gross-out movies like this one. So Sony says they want to release it. I think we are actually going to see it in some form. Somebody out there has to be brave enough to say we'll show it and someone might be brave enough to show up and watch it.
SAVIDGE: I would love to go. I would love to go. And I think probably all the publicity has made it that way for me, so.
Michael Musto, thank you very for joining us.
MUSTO: Thank you.
SAVIDGE: And you can see the complete interview with the Sony Entertainment CEO, that is Michael Lynton, that will be tomorrow morning a "FAREED ZAKARIA GPS" at 10:00 eastern.
CNN NEWSROOM continues right after the break.
Don't forget tonight at 7:00 Eastern, "Blackfish," the story of a SeaWorld trainer that was killed by a 12,000 pound orca. That was in 2010. It gained international attention for the way that it challenged the concept of keeping killer whales for entertainment. That will be tonight at 7:00.
I'm Martin Savidge. I'll see you after the break.
(COMMERCIAL BREAK)
