Now that the Obama administration says North Korea had a hand in the hacking at Sony Pictures that resulted in Sony’s decision not to release a North Korea-themed comedy movie, attention is shifting to what steps the United States – and other upholders of freedom of expression – should take to counter the cyber attack.

On Friday, President Obama laid the blame for the attack on North Korea, but also said Sony should not have bowed to the threats.

"We can confirm North Korea engaged in this attack," Mr. Obama said at his end-of-the-year press conference. He also said that Sony "made a mistake," in pulling the film.

Even North Korea experts who say they still need to see proof of Pyongyang’s involvement are categorical about one thing: Whoever carried out the attack, the response must be so swift and punitive as to nip in the bud what many are calling a new type of warfare that threatens the global flow of ideas.

“President Obama likes to talk about teachable moments. I think he and all of us should want this to be a very teachable moment,” says Nick Eberstadt, an expert in North Korea and political economy at the American Enterprise Institute in Washington.

While he believes North Korea has the means to carry out a sophisticated cyberattack, Mr. Eberstadt says he still wants to see the evidence the US government has to be convinced Pyongyang was involved in this case.

But whoever attacked Sony and threatened mass violence over a planned movie release, he adds, “If we go down the path [of retaliation], we have to make sure the measures are so forceful and far-reaching that the perpetrator this time, or whoever might contemplate this kind of action, never ever thinks about doing this again.”

On Wednesday Sony canceled the scheduled Christmas Day release of “The Interview,” a comedy in which actors James Franco and Seth Rogen portray floundering TV journalists who are recruited by the CIA to assassinate North Korean Leader Kim Jong-un.

A murky group of hackers calling themselves “Guardians of Peace” had warned that viewers of “The Interview” risked a “bitter fate” reminiscent of the 9/11 attacks. Major theater chains said they would not show the film, and Sony said it had no choice but to take the “sad” step of canceling the release.

US officials began commenting anonymously after Sony’s decision that the attack had the hallmarks of North-Korean-directed activity. On Friday the FBI issued a statement saying it “now has enough information to conclude that the North Korean government is responsible for these actions.”

The FBI offered evidence it said led to its conclusion, including:

Data deletion malware used in the attack revealed links to other malware the FBI knows was developed by “North Korean actors.”

Several IP addresses known to be associated with North Korean infrastructure communicated with IP addresses hardcoded into the malware used in the Sony attack.

Tools used in the Sony attack “have similarities” to a cyberattack last year on South Korean banks that was carried out by North Korea.

The White House on Thursday declared the Sony attack “a serious national security matter,” with spokesman Josh Earnest saying that a response, once responsibility for the attack was determined, would be “proportional.”

"We will respond. We will respond proportionally and in a place and time and in a manner that we choose," Obama said, adding he wouldn't be laying out the details at a press conference. Action is necessary, he said, because "we cannot have a society where a dictator someplace can start imposing censorship here in the US."

But many cyberanalysts and North Korea experts said it was unclear what a “proportional response” would be, while others said the implications of the Sony attack are so grave that any response must go beyond some kind of equivalent measures.

“A disproportionate response is what would be called for,” says Eberstadt, author of “The End of North Korea,” a 1999 study of the systemic failures he believes will lead to the communist pariah state’s collapse.

Some administration officials have hinted that more sanctions could be in the offing, although the paltry North Korean economy is already heavily sanctioned.

Perhaps the most effective action would be to sanction the offshore banks, often Chinese, that the North Korean regime depends on, some North Korea experts say. US officials say Pyongyang uses the banks to launder the proceeds of illicit tobacco, pharmaceutical, and other drug trading.

US Treasury Department measures carried out against the Macao-based Banco Delta Asia in 2005 over its dealing with North Korea are often cited as the most successful punitive action dealt the Kim regime.

Whatever the US decides to do, it will have to be carried out in conjunction with others to be effective, some experts say. In particular, any measures designed to cut short a new global war on freedom of expression will have to include other proponents of universal rights, analysts say.

Get the Monitor Stories you care about delivered to your inbox. By signing up, you agree to our Privacy Policy

One tricky factor is that any effective effort aimed at curtailing North Korean cyberattacks should include China, Pyongyang’s principal backer, Eberstadt says. But China also stands accused by the US of engaging in hacking of US companies’ databases, and even of US government information systems.

“China would have to be part of any stop light assembled against North Korea,” says Eberstadt. “China is North Korea’s financial patron and its defense attorney internationally.”