The Sony hack…is North Korea guilty? I don’t believe it for one second. There is much more to this story than what we know. Behind the sc ens deals. Pulling the movie “The Interview” from public release? A movie that cost around $80 million to produce and market?
Nope…I wonder what else that the hackers found that they are holding over Sony Pictures and possibly the US government?
The Sony hack: What if it isn’t North Korea
Michael Hiltzik
LOS ANGELES TIMES
michael.hiltzik@latimes.comIs the world rushing to judgment by blaming North Korea for the Sony hack?
The received wisdom that North Korea is responsible for hacking Sony Pictures Entertainment has taken over discussion so thoroughly that the Obama administration already has been chided for not taking firm action against the insular regime. Until Friday, official sources’ attribution of blame to North Korea was off the record; the issued a formal accusation.Occam’s razor suggests the simpler explanation of an insider.
– Hacking expert Marc Rogers on doubts that North Korea is guilty in the Sony hackYet that makes it even more important to point out that in the hacker and anti-hacker community the conclusion is by no means unanimous. Much of the evidence provided against North Korea up to now has been circumstantial: The regime was mad about Sony’s assassination comedy “The Interview,” it has expressed approval of the hacking (though not explicitly taken credit), etc.
The FBI filled in some blanks Friday by noting that “technical analysis of the data-deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed,” including “similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.” The FBI also found Internet addresses linked to North Korea in the malware involved in the attack.
Still, it may be wise to stay cautious; some cybersecurity experts who were skeptical of the North Korean connection are still skeptical.
The North Korea/”Interview” narrative is comforting in several ways. It feeds into the tendency to attribute almost God-like capabilities to an adversary, especially a secretive one; that’s very much a scenario favored by Hollywood. (Think of the all-time definitive James Bond movie line, from “Dr. No”: “World domination–same old dream.”) And it helps Sony executives deflect blame — how could anyone expect them to defend against an attack by such a sinister, all-powerful enemy? You can expect to see more coverage, like this piece from CNN, about North Korea’s shadowy “Bureau 121,” purportedly its Cyberattack Central.
There are great dangers in mistaken attribution — it shifts attention from the real perpetrators, for one thing. A counterattack against North Korea could needlessly provoke the regime, wrecking the few diplomatic initiatives taking place.Here’s a rundown of the counter-narrative.
–“Whitehat” hacker and security expert Marc W. Rogers argues that the pattern of the attack implies that the attackers “had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time … Occam’s razor suggests the simpler explanation of an insider,” perhaps one out for workplace revenge. (N.B. “Occam’s razor” is the principle that the simplest explanation for something is often the best.)
–The assertion that the attack was uniquely sophisticated, which is an element of the accusation against North Korea, is both untrue and incompatible with the North Korea narrative. It presupposes that a nation-state without a native computer infrastructure could launch an unprecedented assault. More to the point, very similar hacking technology has been used in earlier hacks in Saudi Arabia and elsewhere. The consulting firm Risk Based Security has a discussion of these and other aspects of the Sony affair.
It’s worth noting that Risk Based Security’s team isn’t entirely convinced by the FBI statement. In an an update to their commentary Friday, they observed that the agency has “not released any evidence to back these claims.” They add: “While the FBI certainly has many skilled investigators, they are not infallible. Remember, this agency represents the same government that firmly stated that Iraq had weapons of mass destruction, leading the U.S. into a more than ten year conflict, which was later disproven.
–Attribution of responsibility for attacks is much harder than laypersons believe. Kim Zetter of Wired observes, “Skilled hackers use proxy machines and false IP addresses to cover their tracks or plant false clues inside their malware to throw investigators off their trail.” Evidence pointing to North Korea, Zetter writes, is also consistent with attacks by “hacktivists,” who attack institutions for political motives of their own.
For more skepticism, see these posts by hacker Grugq and Jericho..
website here
An additional article…
Defiant North Korea Says Can Prove It Is Not Behind Hack “Without Resorting To Torture Like The CIA”
By Tyler DurdenCreated 12/20/2014 – 11:01
[1]
Submitted by Tyler Durden [1] on 12/20/2014 11:01 -0500
Just hours after the FBI announced that, with absolute certainty, it had determined that North Korea was behind the Sony hack, a “theory” that has become the butt of global jokes [12], we learned, in a far less prominent release, that according to an internal inquiry, FBI evidence if “often mishandled.” According to the NYT[13], “F.B.I. agents in every region of the country have mishandled, mislabeled and lost evidence, according to a highly critical internal investigation that discovered errors with nearly half the pieces of evidence it reviewed.
The evidence collection and retention system is the backbone of the F.B.I.’s investigative process, and the report said it is beset by problems.
It gets better: according to the report, the F.B.I. was storing more weapons, less money and valuables, and two tons more drugs than its records had indicated. Almost as if the FBI was siphoning off cash, while hoarding guns and blow.
The report’s findings, based on a review of more than 41,000 pieces of evidence in F.B.I. offices around the country, could have consequences for criminal investigations and prosecutions. Lawyers can use even minor record-keeping discrepancies to get evidence thrown out of court, and the F.B.I. was alerting prosecutors around the country on Friday that they may need to disclose the errors to defendants.
A majority of the errors identified were due in large part to human error, attributable to a lack of training and program management oversight,” auditors wrote in the report, which was obtained by The New York Times.
F.B.I. officials on Friday said that they decided on their own to conduct the review after discovering during an internal audit that there might be issues with the record keeping for evidence.
In other words, there was human error, as well as willful “record keeping” lies.
But that’s ok, because the FBI has released a YouTube clip proving that North Korea hacked the US subsidiary of a Japanese company in a matter that has escalated to a national security issue. Right? Because the US had doctored photos of Iraq WMDs, and a doctored YouTube clip of Syrians “dead” after an Assad chemical attack.
Well, maybe not. Which perhaps explains why a defiant North Korea not only refuses to take responsibility for the infamous Sony “hack”, something which makes little sense for the regime that would love to take full credit for crippling of the evil Imperialist pigs’ Christmas movie schedule, but that, as Reuters reports [14], it wants a joint probe investigation into the incident with the United States.
An unnamed spokesman of the North’s foreign ministry said there would be “grave consequences” if Washington refused to agree to the joint probe and continued to accuse Pyongyang, the official KCNA news agency reported on Saturday.
In fact, earlier today, North Korea warned of “serious consequences” if the United States retaliates against it.
As a reminder, on Friday, President Barack Obama blamed North Korea for the devastating cyberattack, which led to the Hollywood studio cancelling “The Interview”, a comedy on the fictional assassination of North Korean leader Kim Jong Un.
But the epic punchline, is that even a tiny backwater, dictatorship can now make fun of US “moral high ground” courtesy of the recent CIA torture disclosure. “We have a way to prove that we have nothing to do with the case without resorting to torture, as what the C.I.A. does,” the statement said.
We can’t wait to see it. We also can’t wait to see America’s own proof for what is shaping up to be yet another false flag intervention. Alas, we may be waiting for a long time.
While some computer experts still express doubts whether the North was actually behind the attack, American officials said it was similar to what was believed to be a North Korean cyberattack last year on South Korean banks and broadcasters. One key similarity was the fact that the hackers erased data from the computers, something many cyberthieves do not do.
Some American officials have said that North Korea appears to have embraced cyberterrorism as its new weapon of choice for making political points, and is possibly trying to extort new concessions out of the United States and its allies. While North Korea is an impoverished nation with so little Internet usage that it is essentially a black hole in cyberspace, the attacks showed a high level of sophistication and hacking expertise.
The hackers did considerable commercial damage to Sony Pictures, posting embarrassing emails, detailed breakdowns of executive salaries, digital copies of unreleased movies and even the unpublished script for an upcoming James Bond movie.
Sony said the threats against theaters left it no choice but to cancel the Dec. 25 release of “The Interview,” in which Seth Rogen and James Franco play television journalists who get a scoop interview with Mr. Kim, and then find themselves recruited by the C.I.A. to kill him.
On Friday, Mr. Obama faulted Sony’s decision to withhold the movie, saying that it created a precedent of studios giving into intimidation.
Yes, the “terrorists won”, which is precisely the cover that the US needed to maintain its imploding “Pax American” status quo. Oh, and whatever happened to all that media coverage of US “enhanced interrogation techniques” anyway?
website here
