The World – What If It Isn’t North Korea?

The Sony hack…is North Korea guilty? I don’t believe it for one second. There is much more to this story than what we know. Behind the sc ens deals. Pulling the movie “The Interview” from public release? A movie that cost around $80 million to produce and market?

Nope…I wonder what else that the hackers found that they are holding over Sony Pictures and possibly the US government?


The Sony hack: What if it isn’t North Korea

Michael Hiltzik

Is the world rushing to judgment by blaming North Korea for the Sony hack?
The received wisdom that North Korea is responsible for hacking Sony Pictures Entertainment has taken over discussion so thoroughly that the Obama administration already has been chided for not taking firm action against the insular regime. Until Friday, official sources’ attribution of blame to North Korea was off the record; the issued a formal accusation.

Occam’s razor suggests the simpler explanation of an insider.
– Hacking expert Marc Rogers on doubts that North Korea is guilty in the Sony hack

Yet that makes it even more important to point out that in the hacker and anti-hacker community the conclusion is by no means unanimous. Much of the evidence provided against North Korea up to now has been circumstantial: The regime was mad about Sony’s assassination comedy “The Interview,” it has expressed approval of the hacking (though not explicitly taken credit), etc.

The FBI filled in some blanks Friday by noting that “technical analysis of the data-deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed,” including “similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.” The FBI also found Internet addresses linked to North Korea in the malware involved in the attack.

Still, it may be wise to stay cautious; some cybersecurity experts who were skeptical of the North Korean connection are still skeptical.

The North Korea/”Interview” narrative is comforting in several ways. It feeds into the tendency to attribute almost God-like capabilities to an adversary, especially a secretive one; that’s very much a scenario favored by Hollywood. (Think of the all-time definitive James Bond movie line, from “Dr. No”: “World domination–same old dream.”) And it helps Sony executives deflect blame — how could anyone expect them to defend against an attack by such a sinister, all-powerful enemy? You can expect to see more coverage, like this piece from CNN, about North Korea’s shadowy “Bureau 121,” purportedly its Cyberattack Central.
There are great dangers in mistaken attribution — it shifts attention from the real perpetrators, for one thing. A counterattack against North Korea could needlessly provoke the regime, wrecking the few diplomatic initiatives taking place.

Here’s a rundown of the counter-narrative.

–“Whitehat” hacker and security expert Marc W. Rogers argues that the pattern of the attack implies that the attackers “had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time … Occam’s razor suggests the simpler explanation of an insider,” perhaps one out for workplace revenge. (N.B. “Occam’s razor” is the principle that the simplest explanation for something is often the best.)

–The assertion that the attack was uniquely sophisticated, which is an element of the accusation against North Korea, is both untrue and incompatible with the North Korea narrative. It presupposes that a nation-state without a native computer infrastructure could launch an unprecedented assault. More to the point, very similar hacking technology has been used in earlier hacks in Saudi Arabia and elsewhere. The consulting firm Risk Based Security has a discussion of these and other aspects of the Sony affair.

It’s worth noting that Risk Based Security’s team isn’t entirely convinced by the FBI statement. In an an update to their commentary Friday, they observed that the agency has “not released any evidence to back these claims.” They add: “While the FBI certainly has many skilled investigators, they are not infallible. Remember, this agency represents the same government that firmly stated that Iraq had weapons of mass destruction, leading the U.S. into a more than ten year conflict, which was later disproven.

–Attribution of responsibility for attacks is much harder than laypersons believe. Kim Zetter of Wired observes, “Skilled hackers use proxy machines and false IP addresses to cover their tracks or plant false clues inside their malware to throw investigators off their trail.” Evidence pointing to North Korea, Zetter writes, is also consistent with attacks by “hacktivists,” who attack institutions for political motives of their own.

For more skepticism, see these posts by hacker Grugq and Jericho..

website here

An additional article…

Defiant North Korea Says Can Prove It Is Not Behind Hack “Without Resorting To Torture Like The CIA”

Print Friendly, PDF & Email

Leave a Reply

enter code *

This site uses Akismet to reduce spam. Learn how your comment data is processed.