TIME Media

Sony Chief Says ‘We Have Not Caved’ on The Interview

"We have not given up," Michael Lynton said after his studio cancelled the movie under pressure

Sony Pictures Entertainment CEO Michael Lynton defended his company’s decision to cancel the release of The Interview on Friday, even as the company refused to rule out releasing the movie in other ways.

Lynton said Sony’s decision was prompted by movie theaters opting not to show the film after hackers, who U.S. officials believe are linked to North Korea and who have wreaked havoc on the studio by disclosing emails and other company information, threatened 9/11-style attacks. Moments earlier, President Barack Obama had called the move to cancel the Christmas Day release a “mistake.”

“The unfortunate part is in this instance the President, the press, and the public are mistaken as to what actually happened,” Lynton said on CNN. “When it came to the crucial moment… the movie theaters came to us one by one over the course of a very short period of time. We were completely surprised by it.”

Read more: You can’t see The Interview, but TIME’s film critic did

Sony said in a statement later Friday that its decision was only about the Christmas Day release.

“After that decision, we immediately began actively surveying alternatives to enable us to release the movie on a different platform,” the studio said. “It is still our hope that anyone who wants to see this movie will get the opportunity to do so.”

Obama told reporters he wished Sony had reached out to him before canceling the film’s Christmas day release. It depicts a fictional assassination attempt against North Korean leader Kim Jong Un.

“We cannot have a society where some dictator someplace can start imposing censorship here in the United States,” he said. “Imagine if producers and distributors and others start engaging in self-censorship because they don’t want to offend the sensibilities of someone who’s sensibilities probably need to be offended.”

Lynton denied the studio had given into the hackers’ threats.

“We have not caved. We have not given up,” he said. “We have always had every desire to have the American public see this movie.”

Read next: Obama Says Sony “Made a Mistake” Pulling ‘The Interview’

MONEY Odd Spending

‘The Interview’ Poster Now Listed at $1,000 on eBay

141219_EM_Interview
Would you pay $1,000 for this poster? © Columbia Pictures—courtesy Everett Collection

After Sony cancelled the release of the controversial Seth Rogen movie The Interview, some collectors are thinking posters of the film are worth big bucks.

The Interview may make no money whatsoever at the box office, and it could wind up costing Sony Pictures over $100 million after the decision was made this week to cancel all screenings amid widespread threats to theaters. Still, the film—a comedy that depicts the assassination of North Korea leader Kim Jon Un, and which appears to be the impetus for North Korea’s involvement in a devastating hack of Sony, the production company behind it—could wind up earning some folks a pretty penny.

The Huffington Post noticed on Thursday that posters from the canceled movie had begun surfacing for sale on eBay, with asking prices in the neighborhood of $500. Pop culture experts forecast that these posters will be worth “$15, maybe $20″ in a year, when, presumably, all the hubbub about The Interview and the Sony hack are old news.

Still, this hasn’t stopped entrepreneurs from trying to milk the movie’s moment in the spotlight for quick and easy profits. At last check on Friday, there were around 500 results on eBay for “The Interview Poster.” Some sellers are asking $1,000 or more for vinyl 5′ x 8′ posters of the controversial film.

The highest price paid on eBay for one of the posters appears to be $787 for a 27″ x 40″ double-sided theatrical print that received 59 bids in an auction that ended on Thursday. The market appears to cooling off significantly, however. As of Friday morning, very few posters listed at eBay auction had been bid up beyond $250, and dozens of new listings had no bids whatsoever.

TIME Business

Capitulating to Terrorists Will Only Make Things Worse

Sony Hack Theaters
A poster for the movie "The Interview" lays on the ground after being pulled from a display case by a worker at a Carmike Cinemas movie theater on Dec. 17, 2014, in Atlanta. David Goldman—AP

Professor Alan Dershowitz’s latest book is Taking the Stand: My Life in the Law.

There are steps that can be taken both by our government and by the private sector to confront these attacks on our liberty

If the North Korean government is in fact behind the hacking of Sony and the threats of violence directed against theaters that planned to show The Interview, then the United States has been a victim of warfare directed against our most basic right—free expression. Those who hacked and threatened violence succeeded in doing something the U.S. government could not do: namely censor a movie based on its content.

North Korea’s apparent victory over this film is but a coming attraction of things to come. If hacking and threats can shut down a poorly reviewed comedy, they can also shut down newspapers, magazines, television stations, and other media. This then was the Pearl Harbor of a war that is just beginning.

Like all wars, there were preludes. The prelude for this one came in an unlikely location: Yale University. Several years ago, the Yale University Press published a book on the controversy surrounding the cartoons of Mohammad that had appeared in several Scandinavian newspapers and provoked violent responses. Naturally, the book, as submitted, included the cartoons that were at the center of the dispute. But Yale University Press decided to censor these cartoons out of fear that their inclusion might endanger the lives of Yale students and faculty. Yale’s understandable decision set an unfortunate precedent that has now been followed by Sony and by the theaters that pressured Sony into canceling The Interview.

There is no simple solution to this dilemma. On the one hand, terrorists cannot be allowed to succeed in their censorial goals by hacking and threatening. On the other hand, responsible institutions must do everything in their power to protect their employees, their students, and the general public. It is precisely the object of the terrorists to create this dilemma, knowing that democracies will generally err on the sides of caution and protection.

In one sense, this dilemma is not unlike those faced by democracies that must decide whether to pay ransom to ISIS and other terrorists groups in order to prevent their citizens from being beheaded. There is no perfect solution to either dilemma. But there are steps that can be taken both by our government and by the private sector to confront these attacks on our liberty.

Our government must respond strongly, but it is constrained by North Korea’s possession of nuclear weapons. This should be an object lesson for how important it is to America, and to the rest of the world, to stop Iran from obtaining nuclear weapons. Iran too is a cyber-superpower, as well as the world’s leading sponsor of terrorism. A nuclear Iran would stop at nothing to censor anything it found offensive to its radical brand of Islam. It may be too late to stop North Korea from flexing its nuclear muscles, but it is not too late to stop Iran from becoming the world’s most powerful censor.

The response of the private sector can be much stronger as well. When Islamic extremists directed threats were made against Salman Rushdie, the author of The Satanic Verses, several leading publishing companies agreed to publish the book jointly in a show of solidarity against censorial threats. Although Rushdie had to live in hiding for several years, as the result fatwa issued against him by Iran’s supreme leader, freedom of speech prevailed and his book was published and widely read. In the Sony case, there was no such collective support. Nor did Sony itself do everything it could to strike a proper balance between caution and artistic freedom. It should have offered the film free on the Internet so that millions of people around the world could choose to see what North Korea didn’t want them to see. They can still do this, thus showing the North Korean’s leaders that private companies have ways to fight back. Such an action would not eliminate all risks, but it would remove movie theaters in malls as soft and highly visible targets.

None of these proposals offer perfect solutions to an intractable dilemma that will only get worse if we simply capitulate to the censorial terrorists.

Professor Alan Dershowitz’s latest book is Taking the Stand: My Life in the Law.

TIME Ideas hosts the world's leading voices, providing commentary and expertise on the most compelling events in news, society, and culture. We welcome outside contributions. To submit a piece, email ideas@time.com.

TIME movies

This Is How Much It’s Costing Sony to Cancel The Interview

A poster for the movie "The Interview" is carried away by a worker after being pulled from a display case at a Carmike Cinemas movie theater on Dec. 17, 2014, in Atlanta.
A poster for the movie The Interview is carried away by a worker after being pulled from a display case at a Carmike Cinemas movie theater on Dec. 17, 2014, in Atlanta David Goldman—AP

The Interview reportedly cost around $44 million to make

Sony announced Wednesday it would cancel The Interview‘s Dec. 25 release after numerous theaters decided not to screen the film in the wake of terrorist threats.

The Interview reportedly cost around $44 million to make, according to Fusion, who cited documents leaked by the hackers targeting Sony Pictures. Meanwhile, Sony has already spent “tens of millions” on advertising and promotion, Variety reports. Remaining TV ad campaigns have been slashed, which should allow Sony to cut costs.

Still, this means Sony needs to find a way to pay off between $60 to $70 million in costs — even if the company saved a few million by nixing the ad campaigns, Deadline estimated on Wednesday. (The Wrap estimated a much higher figure — $90 million in total, accounting for the high cost of domestic and international marketing.)

Paying off those costs would have almost definitely been possible, as surveys tracking audience interest predicted The Interview would rake in $30 million in only its first four days, according to the New York Times. While $30 million is only about half of the estimated costs, if The Interview was like other successful comedy, that number would’ve risen in the successive months and years. Consider a similarly hyped film like 2009’s The Hangover: that film took in around $44 million during its opening weekend, a figure which has since risen to $277 million.

TIME Innovation

Five Best Ideas of the Day: December 18

The Aspen Institute is an educational and policy studies organization based in Washington, D.C.

1. By breaking with the Cuba lobby, President Obama could massively disrupt American interest group politics.

By Noah Feldman in the Salt Lake Tribune

2. Sony can take a stand against the hackers whose threats have forced them to pull “The Interview” by giving the movie away online.

By Bryan Bishop in the Verge

3. Could the West help save the ruble without throwing Putin a lifeline?

By Juliet Johnson in the Globe and Mail

4. By tracking rising global temperatures, satellites can predict cholera risk.

By Dr. Kiki Sanford in BoingBoing

5. After the Taliban’s shocking attack on a school in Pakistan, the military there understands “the Frankenstein that it helped to create must now be killed.”

By Peter Bergen at CNN

The Aspen Institute is an educational and policy studies organization based in Washington, D.C.

TIME Ideas hosts the world's leading voices, providing commentary and expertise on the most compelling events in news, society, and culture. We welcome outside contributions. To submit a piece, email ideas@time.com.

TIME North Korea

The Interview May Be Funny; North Korea and Kim Jong Un Are Not

North Korean leader Kim inspects the Artillery Company under the KPA Unit 963, in this undated photo released by North Korea's KCNA in Pyongyang
North Korean leader Kim Jong Un inspects the Artillery Company under the Korean People's Army Unit 963 in Pyongyang on Dec. 2, 2014 KCNA/Reuters

The Sony Pictures movie has been shelved because of alleged threats by North Korea — a country that should be taken seriously

If you were hoping to spend Dec. 25 at a movie theater watching a comedy about the violent death of a dictator, you are out of luck.

Sony Pictures on Wednesday announced it is pulling The Interview, the Seth Rogen and James Franco film linked to a massive hack and threats of violence on U.S. soil. The decision came as authorities investigate whether or not the threats are credible, and in advance of solid evidence about who is responsible for the attacks. U.S. intelligence officials believe it was North Korea; others (including the smart folks at Wired) say the links are tenuous at best.

I’ll leave the cyberforensics to the pros and steer clear of questions about the film itself. I have not seen it (though TIME’s esteemed critic, Richard Corliss, has), and though I suspect scholars will have a field day dissecting The Interview‘s handling gender and race, I defend the studio’s right to make movies about whatever they choose. The Interview may be, as Corliss writes, a “parade of ribald gags,” but Americans, unlike North Koreans, are free to watch such fare. Ribald is nothing.

As a Beijing-based correspondent who often writes about North Korea, the interesting bit is how the fury surrounding the film casts light on how we think about the Democratic People’s Republic of Korea (DPRK), as the country is officially known. Despite its axis-of-evil pedigree, its truly egregious human-rights record, and a nuclear weapons program, North Korea is more of a punch-line than a policy priority or topic for serious, sustained discussion. And that, I reckon, is what’s really dangerous.

It is not the jokes, exactly, but the fact that they play into a narrative that wildly underestimates, or willfully ignores, North Korea. Asked by the New York Times about the fallout from the film, Rogen, said the backlash was “surreal, “not something that we expected at all.” Few expected a hack of this magnitude, sure. And Kim Jong Un’s regime may not be directly responsible for this particular attack. But his country is indeed experienced in cyberespionage. And yet, Rogen could not fathom that they’d lash out?

In a roundabout way, Rogen’s quote reminded me of comments by Merrill Newman, the 85-year old veteran who spent two months as a detainee in Pyongyang before being released in December 2013. During the 1950–53 Korean War, Newman led South Korean fighters operating behind enemy lines. North Korea hated the unit. Yet, according to The Last P.O.W., a new Kindle Single written by longtime foreign correspondent Mike Chinoy, Newman entered as a tourist unconcerned that he could run into trouble with the regime, let alone be arrested and detained for war crimes.

Some DPRK basics: for North Korea, the Korean War, also known as the Fatherland Liberation War, never ended. There was an armistice agreement, but it was meant to be temporary; a peace treaty was not signed. North Koreans are taught that the country’s founder, Kim Il Sung, was a masterful general who repelled two waves of foreign invaders, the Japanese, and then the Americans and South Koreans. His son, the late dictator Kim Jong Il, and his grandson, current leader Kim Jong Un, stayed in power in part because they’ve convinced their people that the U.S. military and its South Korean allies could return at any moment, and only a strong leader — a veritable God among men — can keep them safe.

As much as he’s revered at home, Kim Jong Un is infantalized by outsiders. When he came on the scene in late 2011, biographical details were scarce. We knew that he was probably in his late 20s, that he spent part of his adolescence at a boarding school in Switzerland, and that he might like basketball. From these clues were cobbled a narrative that felt credible: he was young, malleable, and maybe more open to the West. TIME put him on the cover under the tagline “Lil Kim.”

It’s worth considering how wrong we were to dismiss him. There is no question that Kim Jong Un is younger than your average autocrat. But he did not emerge, baby-faced and bumbling, from nowhere. He was raised by dictator Dad in a family where shooting is the preferred pastime. At some point after his stint in Switzerland, he attended his country’s most prestigious university, the Kim Il Sung Military Academy. After purging his uncle, touring sad-looking factories, or disappearing for a while, people were quick to count him out. Each time, he proved us wrong. His long-suffering country is still in a tenuous position: the economy is weak, and thanks to the porous border with China, ordinary people have more access than ever to foreign goods and ideas. Hunger persists, health care and education are rudimentary or absent, especially in rural areas, and people have almost no political or civil rights. These are serious and enduring problems. But from a North Korean perspective, the leader is strong.

If you need to crack a Kim Jong Un joke this holiday season, I get it. We tend to joke about things that are strange, things that scare us, and things that we don’t quite understand. But do so with an eye to what’s really going on north of the 38th parallel. The Interview may be funny. North Korea definitely is not.

Read next: Everything We Know About Sony, ‘The Interview’ and North Korea

TIME Security

Everything We Know About Sony, The Interview and North Korea

What we know, what we don't know, and how a movie got pulled

Sony Pictures Entertainment said late Wednesday that it’s pulling The Interview, a comedy about two journalists tasked with killing North Korean ruler Kim Jong Un. Sony’s move came a day after a cryptic message appeared online threatening attacks against theaters that played the film, and several weeks after hackers first breached Sony’s system and posted troves of private emails and other data online.

Shortly after Sony decided to scrub The Interview, a U.S. official confirmed to TIME that American intelligence officials have determined North Korea was behind the Sony hack, though no evidence has been disclosed.

Here’s everything we know for sure about the Sony hack, up until now.

What happened?

On Nov. 24, Sony employees came to work in Culver City, Calif., to find images of grinning red skulls on computer screens. The hackers identified themselves as #GOP, or the Guardians of Peace. They made off with a vast amount of data (reports suggest up to 100 terabytes), wiped company hard drives and began dumping sensitive documents on the Internet.

Among the sensitive information the hackers divulged: salary and personnel records for tens of thousands of employees as well as Hollywood stars; embarrassing email traffic between executives and movie moguls; and several of the studio’s unreleased feature films. More is likely to come, as Sony Pictures Co-Chair Amy Pascal said the hackers got away with every employees’ emails “from the last 10 years.”

MORE: The 7 most outrageous things we learned from the Sony hack

And the attack has already affected other companies: Secret acquisitions by photo-sharing app Snapchat, for instance, have been made public thanks to leaked emails from Sony Pictures CEO Michael Lynton, who sits on Snapchat’s board.

Who did it?

That’s the million-dollar question. For a few reasons, suspicion has zeroed in on the North Korean government or a band of allied hacktivists. The hermit kingdom is apoplectic over The Interview, in which Seth Rogen and James Franco play journalists who land a face-to-face with Supreme Leader Kim Jong Un, only to be asked by the CIA to assassinate the reclusive leader. The comedy features graphic footage of the dictator’s death, which didn’t go over well in a country built on a hereditary personality cult.

From a forensic perspective, the hack had hallmarks of North Korean influence. The attackers breached Sony’s network with malware that had been compiled on a Korean-language computer. And the effort bore similarities to attacks by a hacking group with suspected ties to North Korea that has carried out attacks on South Korean targets, including a breach of South Korean banks in 2013. That group, which is alternately known in the cybersecurity community as DarkSeoul (after its frequent target) or Silent Chollima (after a mythical winged horse), often uses spear-phishing—a cyber-attack that targets a specific vulnerable user or department on a larger network.

MORE: U.S. sees North Korea as culprit in Sony attack

That does not necessarily mean the North Korean government, or even the same hacker collective, is responsible. In the world of cyberwarfare, hackers will often dissect and imitate successful techniques.

Even the clues that point toward Pyongyang could be diversions to deflect investigators. For example, the perpetrators could’ve manipulated the code or set the computer language to throw suspicion on a convenient culprit. Pyongyang has denied involvement.

Why did Sony scrub The Interview?

People who may or may not have been tied to the hackers posted a vague message Tuesday threatening 9/11-style attacks against theaters that chose to play the film. The U.S. Department of Homeland Security said there wasn’t any evidence of a credible threat against American movie theaters, but several major chains, including AMC and Regal, decided to play it safe—all told, chains that control about half of the country’s movie screens decided against playing The Interview. Sony then followed suit, pulling the movie entirely.

Were theaters really in danger?

It’s tough to say for sure. North Korea has made lots of bloviating threats toward the U.S. before, so anything that comes out of Pyongyang should be taken with a grain of salt. But again, no concrete proof has been made public yet that these attacks or the threat came from North Korea—or even that they came from the same person or group.

Will we ever get to see The Interview?

Probably. The movie cost about $44 million to make, according to documents leaked by the hackers. The ad campaign so far has cost tens of millions on top of that, although Sony has pulled the plug on further TV spots. A total loss on that investment would be a tough pill for Sony to swallow.

MORE: You can’t see The Interview, but TIME’s movie critic did

What will most likely happen is some limited release in the future when everything calms down, perhaps bypassing theaters and going right to Blu-Ray/DVD and on-demand services. There’s also a chance Sony could release the film online. That would eliminate pretty much any safety risk to viewers, but could further enrage whoever hacked Sony—assuming they actually care about The Interview and it’s not just a red herring. It would also let Sony capitalize on all the sudden interest in the film generated by the hack and threats. Don’t expect to see it soon: Sony said late Wednesday it’s not planning any kind of release. But it could, of course, be leaked online.

In an interview with ABC News on Wednesday, President Barack Obama called the hack against Sony “very serious,” but suggested authorities have yet to find any credibility in the threat of attacks against theaters.

“For now, my recommendation would be that people go to the movies,” Obama said.

How did the hackers do it?

We don’t know exactly. Cyber-security experts say the initial breach could have occurred through a simple phishing or spearfishing attempt, in which the hackers find a soft spot in the company’s network defenses. That can be a coding error or an employee who clicks on an infected link. These breaches occur all the time. FireEye, the parent company of the cybersecurity firm Sony hired to probe the hack, studied the network security of more than 1,200 banks, government agencies and manufacturers over a six-month period ending in 2014, and found that 97% had their last line of defense breached at some point by hackers.

“Breaches are inevitable,” says Dmitri Alperovitch, co-founder of the cybersecurity firm CrowdStrike. “But that just means they’ve gotten in the door. It doesn’t mean they’ll be able to walk out with the crown jewels or set fire to the building.”

Once inside, hackers will try to gain elevated security privileges to spread across the network. What made the Sony hack different was the fact that it wasn’t detected until large quantities of data had been swiped. And what stood out, several analysts say, was not the sophistication of the breach but the havoc the culprits sought to wreak. “The attack was very targeted, very well thought out,” says Mike Fey of the network-security firm Blue Coat Systems, who believes the hackers “planned and orchestrated” the attack for months.

What are investigators doing to find out who’s responsible?

Sony has brought in experts at Mandiant, a top security firm, to lead the probe of the hack. Their investigation, outside security experts say, will be similar in some ways to the forensic analysis that follow a murder: studying data logs, reviewing network communications, poring over code, matching clues to potential motives. It may involve probing bulletin boards on the Dark Web, where hackers sometimes go to seek advice on technical troubles.

“There’s a lot of detective work you can do,” says former Department of Justice cybercrime prosecutor Mark Rasch. “Are they native English speakers? What programming language do they use? The code will have styles, signatures and tells.”

And investigators are tracking the IP addresses from which the attack was launched, which in the case of the Sony hack included infected computers in locations ranging from Thailand to Italy.

What happens if it was North Korea?

It’s tough to say. It’s unprecedented for a state actor to conduct a cyberattack of this scale against a U.S. corporation. If that turns out to be the case, however the U.S. decides to respond will set the tone for a whole new kind of cyberwar.

Could the Sony hack happen to other companies?

It’s increasingly likely. Sony is unusual in large part because the attackers appear to have been driven by a desire to cause destruction, rather than financial motives. And the strange geopolitical overtones of the hack add a dollop of intrigue. “It’s a milestone because it’s such a large-scale destructive attack that is rooted in this bizarre political messaging,” says security researcher Kurt Baumgartner of Kaspersky Lab.

But cyber-warfare is a growing threat for which most companies are ill-prepared. Joseph Demarest, assistant director in the FBI’s cyber division, testified to a Senate panel earlier this month that the malware used in the Sony hack “probably [would have] gotten past 90% of the net defenses that are out there today in private industry.” Banks and government agencies tend to have better security, but in recent months major retailers like Target and Home Depot have been hit. When targeted by competent and persistent hackers, corporate defenses will often be outmatched. “This is a great wakeup call,” says Kevin Haley, a director at Symantec Security Response. “We need to get better at securing our organizations.”

-Additional reporting by Sam Frizell

Read next: You Can’t See ‘The Interview,’ but I Did

TIME Media

Sony Pulls The Interview After Threats

A poster for the movie "The Interview" is carried away by a worker after being pulled from a display case at a Carmike Cinemas movie theater on Dec. 17, 2014, in Atlanta.
A poster for the movie The Interview is carried away by a worker after being pulled from a display case at a Carmike Cinemas movie theater on Dec. 17, 2014, in Atlanta David Goldman—AP

Movie won't be released after an unknown group threatened 9/11-style attacks over the film

Sony Pictures Entertainment canceled the planned Christmas Day release of The Interview on Wednesday after an unknown person or group threatened to attack theaters that played the film. Sony’s decision comes after several major theater chains backed out of showing the film in light of the threats.

“We are deeply saddened by this brazen effort to suppress the distribution of a movie, and in the process do damage to our company, our employees and the American public,” Sony said in a statement. “We stand by our filmmakers and their right to free expression and are extremely disappointed by this outcome.”

MORE: 3 Reasons People Think North Korea Hacked Sony

The threats, which warned of 9/11-style attacks against theaters showing The Interview, may have come from the same people responsible for hacking Sony Pictures late last month. Thousands of Sony employees’ emails and personal data have been posted online as a result of the hack, and Sony is still reeling from its effects.

It isn’t yet clear who hacked Sony or threatened the theaters, though some analysts have pointed fingers at North Korea. Pyongyang is furious over The Interview, a comedy starring Seth Rogen and James Franco about TV journalists asked to kill North Korean leader Kim Jong Un. But no clear link to North Korea has been established, and the government has denied responsibility for the hack.

TIME Security

3 Reasons People Think North Korea Hacked Sony

And 4 reasons it might have been somebody else

It’s been more than three weeks since Sony Pictures employees arrived in their offices to find threatening messages accompanied by glowing skulls placed by hackers on their computer screens, but the embattled studio is still dealing with the fallout. Terabytes of Sony’s internal data has been leaked online. Sony’s been hit with multiple ex-employee lawsuits. Ominous warnings have been issued about attacks on movie theaters that play Sony’s upcoming The Interview.

But we still don’t know a basic question: Who hacked Sony?

The person or people claiming responsibility call themselves the “Guardians of Peace,” or GOP. Early reports suggested North Korea was behind the GOP, and there’s been some evidence of that. But North Korea has denied responsibility for the hack, and it’s equally possible the assailants planted clues leading to North Korea as a distraction.

Here’s why people think North Korea was involved:

The attack looks similar to hacks previously linked to North Korea, according to cybersecurity analysts. In a hack like the one against Sony, the attackers most likely found a way to infect Sony’s systems with malware, probably through an email. Once Sony’s system was infected, the hackers could use what’s called a command-and-control server to steal data. And, as it turns out, the malware being used against Sony communicates with at least one of the same command-and-control servers used in previous attacks attributed to North Korea.

It’s improbable that’s a coincidence, experts say. And the malware itself was developed and compiled on systems set to use the Korean language, another clue pointing to North Korea.

“It’s highly unlikely to see another piece of malware that carries strong similarity characteristics and uses the same command and control server,” Kaspersky Lab analyst Kurt Baumgartner says. “It’s a very unique indicator.”

North Korea has a motive. The leaders of the reclusive nation are furious about Sony’s upcoming release of Seth Rogen and James Franco comedy The Interview, which revolves around an assassination plot against North Korean leader Kim Jong-un. North Korea has called the movie an “act of war.”

The hackers are doing whatever they can to stop people from seeing The Interview. On Tuesday, the hackers or somebody claiming to be associated with them threatened to attack movie theaters that screen The Interview. At least one theater chain has already decided not to show the movie.

But there are reasons to doubt North Korea’s involvement:

North Korea has denied the hacks. The government officially claimed it wasn’t responsible, but praised it as a “righteous deed.” American law enforcement is investigating any possible North Korea links, but so far hasn’t found evidence of one.

It’s easy enough to buy and sell malware. There’s a big black market for malware, and a lot of it is simply traded, repackaged and used again. So the similarities between the Sony attack and earlier hacks linked to North Korea may not be so telling.

The North Korea clues and theater threats could be a red herring. North Korea was making vague threats over The Interview long before Sony was hacked. If random hackers attacked Sony because they found an exploitable weak point, they might have left clues pointing to North Korea and made threats to keep attention squarely on Pyongyang.

It could just be random hackers. Sony has long been a favorite target of hackers around the world. Its PlayStation Network, for instance, has repeatedly been hit by disabling attacks. That’s at least in part because back in the mid-2000s, Sony put software on millions of music CDs that, when put in a computer, would automatically install software meant to make it harder to illegally copy those albums. Sony’s software, however, installed itself without users’ knowledge and exposed users’ machines to security vulnerabilities. Many in the hacker community have not forgiven Sony for the practice, which it ended in 2007.

Read next: These Are the Theaters That Have Pulled ‘The Interview’ After Threat

TIME Media

These Are the Theaters That Have Pulled The Interview After Threat

Law enforcement says there's no credible threat

An increasing number of movie theaters and chains are deciding not to show Sony Pictures Entertainment’s The Interview, following a threat believed to come from the same group claiming responsibility for a devastating hack against Sony.

The Regal, AMC, Cinemark and Carmike theater chains won’t show The Interview until federal law enforcement groups finish their investigation of the threats made against the film, the Wall Street Journal reported citing anonymous sources Wednesday. Those chains control nearly half of the movie screens in the U.S., according to the Journal.

NBC News previously reported that Carmike had decided to pull the plug on The Interview. Deadline reported late Tuesday that California’s ArcLight Cinemas, which runs five theaters across the state, also won’t show the film, but a spokesperson later said no official decision had yet been made.

Meanwhile, Landmark Cinemas has cancelled The Interview’s New York City premiere, which was set for Thursday evening. That cancellation comes as the film’s co-stars, Seth Rogen and James Franco, already backed out of several media events around the films.

The threat, which may or may not have come from the same people who hacked Sony Pictures, intimated at the possibility of attacks on theaters that choose to show the movie, a completely fictional comedy about journalists recruited by the CIA to assassinate Kim Jong Un. “We recommend you to keep yourself distant from the places at that time,” read the message, with “the places” apparently referring to theaters showing the film. The message also invoked the attacks of Sept. 11, 2001.

While Sony is at this point going ahead with the film’s Christmas Day release, sources told NBC News that the company won’t punish theaters that back out. The Department of Homeland Security, meanwhile, has said there’s no “credible intelligence” regarding an attack on movie theaters in the U.S.

The threat also coincided with a new release of Sony employees’ emails, several weeks after hackers breached Sony Pictures’ systems and posted troves of company and employee confidential data online. Early reports linked the hacks to North Korea, which is reportedly furious over The Interview’s plot about killing the North Korean leader. However, North Korea denied conducting the attack, and the little evidence thus far tying the country to the incident is circumstantial.

The total fallout of the Sony attack is still incalculable, but it could amount to the most damaging corporate cyberattack in history.

Read next: 3 Reasons People Think North Korea Hacked Sony

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser