The plot thickens in the ongoing saga of the Sony hack. As recently reported, Sony announced its decision to pull its film The Interview from theaters amid specific and targeted terrorist threats. The devastating, sophisticated cyber-attack that leaked all manner of details about the multinational entertainment company was viewed as retaliation for the fictional murder of Kim Jong-Un in The Interview. 

However, while much of what has been released in the subsequent leak has amounted to salacious gossip, the focus moved quickly to the serious safety and security concerns that saw the hacking story take a much more ominous turn. This turn came Tuesday when hackers told theaters to recall Sept. 11, 2001. This threat was apparently seen as credible enough by Sony that they gave theaters the go-ahead to halt The Interview‘s planned Dec. 25 premiere date.

That brings the story to up to date when it became an ever more complicated one. All along, it has seemed obvious North Korea would be the prime suspect in the vengeful attack to Sony’s systems. The blatant provocation built into the plot of The Interview seemed a likely enough motive. Interestingly enough, however, the digital evidence points to possible accomplices in Iran, China, or Russia.

Sources in the intelligence community suggest the attack was simply too sophisticated to be North Korea working alone. That is, the possibility that North Korea is the sole perpetrator becomes much less likely when the FBI’s current understanding of their skills is taken into account.

The FBI does not deny it still sees North Korea’s digital fingerprints all over the hack. Yet, the highly refined and thoroughly destructive malware programs used have been cited as evidence they did not act alone. The level of sophistication, the kind of malware both are more characteristic of Iran, China or Russia, and each of these countries have a complicated diplomatic relationships with the United States.

Thus, it is not beyond comprehension that in an attack on a U.S. firm one or more of these countries would lend their support for North Korea’s terrorist methods. Their support, by the very nature of a cyber-attack, is clandestine and indirect. That way, plausible deniability is created for the supporting country (or countries) as a buffer against any serious damage to diplomatic ties.

Intelligence sources claim even North Korea created its own buffer. It seems the final stages of the attack were set off somewhere outside of that country’s borders.

And yet, to complicate the matter further, preventing a confident ID of the attackers, there is also evidence to suggest an inside job. First, there is the fact that Sony’s systems show no indication of a forced entry. Second, the earliest emails claiming responsibility for the attack never mention The Interview. Both facts prevent authorities from drawing any definitive conclusions.

Whoever orchestrated and executed the attack, whether it was one actor or many, it is the severity and the implications of the attack that guarantee the authorities are not taking this matter lightly. The FBI is telling other firms to beware of similar attacks, emphasizing how destructive the malware is, and noting how so much of Sony’s data was irretrievably lost.

They go on to warn that, in this instance, data-recovery efforts would be simply too expensive to make it worth the price. This seems to advocate the need for more resources dedicated to prevention.

Sources confirm this as the first known purely destructive, malware-based attack on a U.S company. That fact is troubling enough on its own but the problem is compounded by Sony’s response. Many agree Sony was forced to allow theaters to halt the release of The Interview in order to avoid even the chance terrorists would act on their threats. The Aurora theater shooting in 2012 taught theater-owners to be very cautious. Yet, there is already the perception this is simply successful blackmail and sets a very dangerous precedent.

North Korea, many fear, will now see the United States as vulnerable to such attacks and as willing to cave in to terrorist demands. It is also difficult to ignore the rest of the world watching as this saga unfolds. If China, Iran, or Russia are involved, undoubtedly the implications of U.S. vulnerability are of great interest. In fact, this could very well be a test of the U.S. security apparatus, its strengths, and its weaknesses.

With each development it seems the scope of this story grows. It now goes far beyond the long-term effects on Sony’s business,  and on into questions about the very future of America’s national security.