Experts are Skeptical of North Korea's Involvement in Sony Pictures Hack

The FBI has spoken, but independent experts aren't quick to buy the outcome of its investigation.

After a tumultuous month-long period for Sony Pictures, the FBI released its findings pointing to North Korea as the culprit in the studio's computer network hack. Despite (or rather, in spite of) the feds blaming Kim Jong-un and his complement of military hackers, several independent cybersecurity experts have come out saying that the story appears to be flimsy.

Some of the most compelling arguments against North Korea's involvement are coming from Marc Rogers, the British hacker who organizes DEF CON every year. One of the pillars of his argument, seen in full on his blog, is that the malware, tools, and libraries used by the Sony Pictures hackers are commercially available. It's an "if this, then that" kind of scenario: if the FBI says that "there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks," then it's likely that the malware and other software used are available for anyone to purchase (given they look in the right places).

As for other network attacks that have been linked to North Korea, like those that took place in South Korea in 2013? "While some of these similarities certainly strongly hint at a similar operation and a shared DNA between these pieces of malware, it is hardly a smoking gun," says Rogers.

And Rogers isn't the only security expert to squint at the FBI report. Wired's Kim Zetter published a report before the FBI made theirs official that, among other criticisms, points out that the hackers' initial communications with Sony made no mention of The Interview.

Lastly, Rogers points to a report by another security expert, who quickly shows that most of the IP addresses used in the hack are widely-known proxy IPs that can be used by any number of people.

Gawker has a more lengthy list of suspect criticisms, if this trio has piqued your interest.

As more information on the breach is undoubtedly revealed in the coming weeks, will the North Korea case hold up? Or will another culprit pop up? The end of 2014 does not mean the end of the Sony Pictures breach, for sure.

So, in short, the only specific link back to North Korea is weak, and the other points don't point specifically to them, but also don't preclude North Korea's involvement.

I guess we'll be seeing if any additional evidence comes up in the near future.

Thing is, if this isn't North Korea, it makes Sony and the movie theaters look even DUMBER and more cowardly. You don't cave to crap like this because A) 90% of the time they're just hollow threats and B) there is no guarantee this will be the last time they make demands. When you have let anonymous fucktards sway you, you REALLY need to reevaluate yourselves.

Are the experts assuming that the FBI did a full disclosure of their investigation on their report? Because I don't. What the experts are saying is that the probability of the hackers not being North Korea is greater than the FBI states (but NK still isn't off the hook).

Widely Known Proxy IPs are being watched. So if the trail that they published ended with those proxy IPs then someone's not willing to release detailed snooping data. I doubt the NSA would release the data for public view. They are our Cyber Spies after all.

North Korea has been screaming bloody murder since the film entered into public light. If someone threatened to kill someone if they didn't stop X, and X appeared to be imminent and that person died everyone would seriously suspect the person shouting to be a prime suspect. Maybe they didn't do it, but if they didn't maybe this will be a lesson about "The Little Dictator that Cried Nuke".

This story seems to already be dated though. The DDoS attack against NK appears to have been successful as of Sunday. Or maybe they are so concerned that we will do something that they unplugged the few computers they have connected to the internet.

CaitSeith:
Are the experts assuming that the FBI did a full disclosure of their investigation on their report? Because I don't. What the experts are saying is that the probability of the hackers not being North Korea is greater than the FBI states (but NK still isn't off the hook).

I believe the FBI said specifically they were not doing a full disclosure of their investigation at this time, actually.

Well, North Korea or not, it seems they've lost their internet connection if MundaneMatt is to be believed.

I just don't see it. N.Korea just does not seem like they have the means to do this in house. Seems like Hackers having fun with Sony to me.

Sigh... "several independent cybersecurity experts have come out saying that the story appears to be flimsy.".
That has been the story from day one. But they are forgetting ONE major detail; the FBI has all the data, they don't.
The FBI has examined the damaged computers and network. They didn't. I bet anything that the FBI knows a lot more -classified details- about the South Korean attacks than they do. The FBI has been investigating Chinese government and criminal hackers for a very long time. The FBI has a shitton of manpower. The FBI took down Anonymous AND SilkRoad (and SR 2.0)...

So from a practical standpoint it's clear;
FBI like... 6?, Critics 0...

It's like saying "Well, *I* read 'all' about the serial killer in the newspapers, so *I* doubt the FBI is right on their suspect! Cause I am a local beat cop with 20 years of experience!!!!11!"...

And one final stab; do you think the damned government -PRESIDENT and FBI!!!- would just point the finger to another country based on flimsy ass shit? That's called "causing an international incident". Which no sane person does lightly.... *rolls eyes*
North Korea is weak ass, but China is their buddy...

medv4380:
Or maybe they are so concerned that we will do something that they unplugged the few computers they have connected to the internet.

A few? They have Bureau 121 AND Bureau 91: http://en.wikipedia.org/wiki/Bureau_121

"A defector indicated that the agency has about 1,800 specialists. Many hackers of the bureau are hand-picked graduates of the University of Automation, Pyongyang. While these specialists are scattered around the world, their families benefit from special privileges at home."

Yeah... they absolutely have many thousands of computers and are regarded very highly as black hats too. They are funded up the wazoo.
And since their boss makes a ton of money selling Meth to international gangs I'm *pretty* sure he sometimes asks for a portion of those dozens of millions of dollars in the form of computer hardware (and fancy cars and everything you think he does not have access to)!

P.S.
Note how people who have fled the country (or were smuggled out on purpose) have big incentives to help out NK. As their family will be killed or get more food depending on cooperation. So cutting off the NK Internet is a half measure at most. Plus that means SigInt loses a valuable source of intel.

Kenjitsuka:

medv4380:
Or maybe they are so concerned that we will do something that they unplugged the few computers they have connected to the internet.

A few? They have Bureau 121 AND Bureau 91: http://en.wikipedia.org/wiki/Bureau_121

They don't even have a Class B licence. They have maybe 1024 connections that need to be pulled to shut down their entire internet. Pretty simple at that scale. That's even assuming they're not burning some IPs on standard network sub-netting.

I don't care how many computers they have behind a NAT. The one machine with the public addy is all that needs to be taken out.

Please note that the FBI indicated that they had more reasons of believing Korea did it but could not reveal them as an issue of national security.

It may not matter that the threads they mentioned fall short as long as the full report going over the President's desk contains damning evidence.

Kenjitsuka:

And one final stab; do you think the damned government -PRESIDENT and FBI!!!- would just point the finger to another country based on flimsy ass shit? That's called "causing an international incident". Which no sane person does lightly.... *rolls eyes*

Have you ever heard of Colin Powell and his (in)famous speech to the United Nations in which he argued that Saddam Hussein surely has loads of weapons of mass destruction?

They do not do it all the time, but really, you are a little bit naive if you think that the American government would never accuse another country based on flimsy evidence.

This is how I feel about North Korea's "Involvement" with the Hack. They'll take credit for it right up until somebody formally accuses them. Oh wait, that's exactly what happened two days ago, and right after the US formally accused them, Korea immediately denied involvement.

At the risk of stating the fucking obvious; why would we think that the FBI would put their proper evidence in a public release?

They'd release stuff that seems convincing to us numpties and keep their confidential shit, well, confidential.

Kenjitsuka:

And one final stab; do you think the damned government -PRESIDENT and FBI!!!- would just point the finger to another country based on flimsy ass shit? That's called "causing an international incident". Which no sane person does lightly.... *rolls eyes*

Iraq war

Kenjitsuka:

And one final stab; do you think the damned government -PRESIDENT and FBI!!!- would just point the finger to another country based on flimsy ass shit? That's called "causing an international incident". Which no sane person does lightly.... *rolls eyes*
North Korea is weak ass, but China is their buddy...

C'mon man, in light of the senate report and all the clandestine snafus do you really have 100% faith in the government?

I think some scepticism is warranted. Not saying that I am convinced by the experts or the FBI, just that when you consider all the shifty behaviour the government has done, it is far too soon to dismiss the sceptics and the people with tinfoil hats.

Kenjitsuka:
The FBI took down Anonymous AND SilkRoad (and SR 2.0)...

Whatever helps you sleep at night.

It's impossible to take down Anonymous because there is no structure to Anonymous. Sort of creating an Orwellian state Anonymous is impossible to eradicate.

Silkroad alternatives sprang up before the assaulted servers managed to cool off.

Kenjitsuka:

And one final stab; do you think the damned government -PRESIDENT and FBI!!!- would just point the finger to another country based on flimsy ass shit? That's called "causing an international incident". Which no sane person does lightly.... *rolls eyes*
North Korea is weak ass, but China is their buddy...

Uh, need I remind you that Iraq war was started over the president pointing finger to another country and shouting "weapons of mass destruction" when it turned out they had nothing but hearsay about the existence of such.

China is not going to do shit. They may post a formal complaint but not more. They cannot afford a war just as much.

Kenjitsuka:
Sigh... "several independent cybersecurity experts have come out saying that the story appears to be flimsy.".
That has been the story from day one. But they are forgetting ONE major detail; the FBI has all the data, they don't.
The FBI has examined the damaged computers and network. They didn't. I bet anything that the FBI knows a lot more -classified details- about the South Korean attacks than they do. The FBI has been investigating Chinese government and criminal hackers for a very long time. The FBI has a shitton of manpower. The FBI took down Anonymous AND SilkRoad (and SR 2.0)...

So from a practical standpoint it's clear;
FBI like... 6?, Critics 0...

It's like saying "Well, *I* read 'all' about the serial killer in the newspapers, so *I* doubt the FBI is right on their suspect! Cause I am a local beat cop with 20 years of experience!!!!11!"...

And one final stab; do you think the damned government -PRESIDENT and FBI!!!- would just point the finger to another country based on flimsy ass shit? That's called "causing an international incident". Which no sane person does lightly.... *rolls eyes*
North Korea is weak ass, but China is their buddy...

What, you mean like when they started a 10 year clusterfuck of a war with tens of thousands of civilian casualties that turned a tyrannical but relatively stable country into a haven for the very terrorists the war was supposed to be undermining, and when all the dirty laundry finally gets aired it turns out all the "critical" intel used to justify the war came from one guy who didn't have a fucking clue what he was blabbering about? Yeah, those people would never throw around unsubstantiated accusations against a pariah state that even their supposed allies wish would stfu.

Strazdas:
Silkroad alternatives sprang up before the assaulted servers managed to cool off.

To be fair, I'd imagine that there were already plenty of silkroad alternatives before and during its existence.

lol North K I very much doubt it, if anything they prob paid some hackers IF they were in this somehow but I still doubt it. Sony are just twats simple.

Conspiracy theory: The US hacked into Sony Pictures so the US would have a reason to instigate hostilities from NK and ultimately allow everyone to declare on NK and wipe Kim Jong Un's fat face off the earth.

I never bought into the idea that North Korea was behind it. I'm sure some independent group will eventually be proven to be behind it. My most hilarious theory is that someone within Sony was disgruntled enough to blow open all the company emails and information on his way out but that's probably a non-possibility.

OhNoYouDidnt:
Zim

Sseth:
Boom

Strazdas:
Pop

Now, to be fair guys, he DID say 'no sane person'. I argue that the President and his handy helpers were not so, at the time. So, his statement could still be considered wholly accurate.
