US Korea Institute

Thursday March 23rd 2017
Subscribe to Our RSS feed@38NorthNK on Twitter
38 North offers informed analysis of events in and around the DPRK.

Subscribe for latest



“Not Proven”

12 December 2014

Courts and juries in Scotland can find a person guilty or innocent, but they have a third verdict, “Not Proven” that falls in between. “Not proven” means, colloquially, we believe they did it but there isn’t enough evidence to conclusively find the suspect guilty or to find them to be innocent. Not proven is a good description of the role of North Korea in the Sony hack. Let’s review a sequence of events:

  • Sony produces a comedy about the assassination of North Korea’s leader. The North Koreans are displeased with this and in July, threaten a “resolute and merciless” response unless the film is banned.
  • North Korea complains to the United Nations about the film, calling it “terrorism,” (a term also used by the hackers). The DPRK letter to the Secretary General said: “To allow the production and distribution of such a film on the assassination of an incumbent head of a sovereign state should be regarded as the most undisguised sponsoring of terrorism as well as an act of war.”
  • Sony is hacked, with data erased, embarrassing emails and personal information of Sony employees posted online, and several unreleased Sony films made available on the internet for illegal downloads. The posting of personal data is suggestive. The norm is for personal data obtained through breaches to be sold by the hackers, but in this case, it was made public, suggesting that profit was not the primary objective of the hackers.
  • Some of the malicious code is written in Korean, suggesting that the programmers were Korean or, possibly, non-Korean programmers who learned Korean and wrote it into the code to confuse efforts at attribution.
  • The Sony incident is very similar to several earlier actions taken against South Korean banks and television stations, the latest being in April of 2013. While there is again no “conclusive” evidence, the attacks followed public threats by North Korea, erased data, released private information, and disrupted services.
  • Several days after an attack, an unnamed North Korean source denied that it was responsible for the Sony action. It is routine for nations to deny covert activities.
  • An unknown group makes unspecified financial demands on Sony, which could be a third party trying to exploit the situation, an effort to confuse matters, or a real extortion request.
  • A few days later, a spokesperson for North Korea’s National Defense Commission said he did not know the reason for the attack, but called it “a righteous deed” carried out by North Korean “supporters and sympathizers.”

This sequence of events is by no means conclusive, but it is suggestive. Looking at it, there are three possible explanations:

  1. This was an act of retribution by the North Korean government similar to previous acts of retribution against South Korean media outlets. The action against Sony is consistent with previous North Korean cyber “attacks.”
  2. Activist South Korean programmers enamored of Kim Jong Un were responsible.
  3. Activists outside Korea were responsible, learning enough Korean to confuse matters.

We know that North Korea, beginning under the previous leader Kim Jong Il, has invested in developing cyber capabilities and official South Korean sources say these capabilities, while not yet very advanced, have been used perhaps six times by the North against South Korean targets for political purposes.

In 2009, less sophisticated denial of service attacks were used against US and South Korean government agencies. The perpetrators have never been identified and no one has claimed responsibility, although both North Korea and South Korean activists were suspects. The attacks against Sony were more sophisticated, had a clear political motive, and are consistent with past North Korean activity. They are also similar to the attack against Saudi Aramco by Iran, and North Korea has some relationship or consultative nexus with Iran. Hacking Sony, if North Korea is responsible, shows consistent progress in cyber capabilities and a new willingness to use hacking against targets outside of North Korea.

Global norms on responsible state behavior in cyberspace are emerging, but as with nuclear weapons, there will be a few countries that ignore them. Iran has similarly used hacking to make a political point against US companies, as has the Syrian Electronic Army. Russia has also used cyber activities for political purposes. The list of countries—North Korea, Iran, Syria, and Russia—is telling. These countries largely lie outside the reach of jurisprudence and have demonstrated their disregard for international norms of behavior.

Sony is punished, North Korea is pleased, the film’s ending will likely change. Not proven is not the same as innocent, but everyone should draw their own conclusions.

Reader Feedback

4 Responses to ““Not Proven””

  1. John says:

    In response to Ross,
    I would just add that the “Not Proven” verdict will always
    carry a certain stigma that the accused may have done it,
    even though the defendant did not do it in fact.

    Under the two-verdict system,
    it is true that there is a chance that
    the accused may go free when he/she actually
    committed a crime. However, that seems to be
    an unavoidable price to pay to protect the innocent.

    Just look at what happened to the Sony hacking case!
    The author in this article insinuated that N. Korea
    probably did it. FBI also hastily accused the North likewise.
    But now many security experts have written that they
    have much doubts about the US charge.

  2. Ross says:

    >>I am glad that we did not adopt the Scottish rule.
    >>Our standard of proof in a criminal case seems far superior:
    >>the accused is presumed innocent
    >>until proven guilty beyond a reasonable doubt.

    lol, perhaps you should read the article again. Nowhere does it say our standard of proof is any different to yours; simply that we have an additional option when returning a verdict.

    To begin, we have the presumption of innocence and indeed, their guilt must be proven beyond a reasonable doubt. So we meet that standard exactly as much as you do.

    To take just one example, think about all the rape cases in which the jury genuinely believe the crime occurred and in which they do genuinely want to convict the suspect, yet they also feel that the standard of evidence doesn’t meet the criteria set, even if just by a narrow margin.

    Do you think it’s right that they should have to say “He definitely didn’t do it and we’re proclaiming him innocent”? Or do you think it’s fair that the jury can simply say “You haven’t proved sufficiently that this person committed this crime”.

    Nothing about the Not Proven verdict implies any less innocence; it simply serves to show that guilt was never proven, but innocence wasn’t either. If a person is innocent until proven guilty then by definition, the Not Proven verdict doesn’t make them any less innocent because they’re not proven guilty by a Not Proven verdict.

    Having only two options seems to imply that if you can’t prove something happened beyond reasonable doubt then it definitely didn’t happen. That’s just silly.

    I think if you think about it a little more John, you’ll see having a third option is far superior, even if just for the sake of vulnerable women :)

  3. Lucinator says:

    As a American I can tell you that the ending wont change based on past history of the directors, Sony is just a distributor and does not have the sway the production company does. Also if the response of the directors is any indication (high fiveing and congratulating each other after the news of the North’s actions), they will actually hype this action to promote the movie.

  4. John says:

    I am glad that we did not adopt the Scottish rule.

    Our standard of proof in a criminal case seems far superior:
    the accused is presumed innocent
    until proven guilty beyond a reasonable doubt.

Leave a Reply

Credit for photo of young North Korean girl: T.M. All rights reserved, used with permission.