Evidence Pointing to North Korea as Source of Sony Cyber Attack is Flimsy
I'm increasingly skeptical that North Korea is responsible for the Sony hack. I'm just not buying it, in spite of all the pundits clamoring for the spotlight to condemn North Korea.Some hackers are saying it looks more like an inside job. I also wonder about file backups when the goofy CEO of Sony says all the computers were wiped of all data.
When they had passwords stored in a file called "passwords" -- that's the kind of incompetence you'd expect from a grade school kid.
Many are saying this is a brilliant marketing ploy of Sony. I'm not prepared to go that far, but there are many red flags that indicate we cannot PROVE that North Korean hackers did this.
Wired magazine questions the idea that North Korea hacked Sony Pictures
It's extremely strange, and possibly unprofessional, to state with certainty that North Korea is the culprit. Since investigations are classified, it's hard to know what the sudden assertions are based on.
Cybersecurity expert, Graham Cluley, formerly at Naked Security from Sophos states in the following two quotes:
QUOTE 1
Here’s what we do know:
* The hackers initially emailed Sony executives days before the “skull attack”, and demanded money. No mention of “The Interview”, no mention of North Korea.
* The hackers then plastered grisly skull images over Sony computers, and threatened to release the company’s data unless their demands were not met. No mention of “The Interview”, no mention of North Korea.
* Suddenly the media, following the Re/code report, starts linking the attack to “The Interview” and North Korea.
* We also know that state-sponsored attacks don’t tend to put skull images on the computers they’re targeting (it makes the attack kinda obvious!) or demand money.
If it was all a plot by North Korea (or N. Korean sympathisers) to attack Sony because of the movie, why didn’t the initial demands or the malware mention this?
Similarities have been drawn between the Sony Pictures attack and the DarkSeoul malware that hit South Korean broadcasters in 2013. That attack wasn’t shy of using skull imagery either.
And, if unnamed White House sources are now pointing an accusatory finger at North Korea we need to ask ourselves:
* Why are they unnamed sources? Why won’t they go on the record? What do they hope to gain by making the claims anonymously?
* What proof do the US authorities have that North Korea is behind the attack?
* How do the US authorities explain the malware and the demands not making a reference to the movie or N Korea? (Yes, we know that a later anonymous PasteBin post started ranting about the movie and made 9/11 threats.)
QUOTE 1
Here’s what we do know:
* The hackers initially emailed Sony executives days before the “skull attack”, and demanded money. No mention of “The Interview”, no mention of North Korea.
* The hackers then plastered grisly skull images over Sony computers, and threatened to release the company’s data unless their demands were not met. No mention of “The Interview”, no mention of North Korea.
* Suddenly the media, following the Re/code report, starts linking the attack to “The Interview” and North Korea.
* We also know that state-sponsored attacks don’t tend to put skull images on the computers they’re targeting (it makes the attack kinda obvious!) or demand money.
If it was all a plot by North Korea (or N. Korean sympathisers) to attack Sony because of the movie, why didn’t the initial demands or the malware mention this?
Similarities have been drawn between the Sony Pictures attack and the DarkSeoul malware that hit South Korean broadcasters in 2013. That attack wasn’t shy of using skull imagery either.
And, if unnamed White House sources are now pointing an accusatory finger at North Korea we need to ask ourselves:
* Why are they unnamed sources? Why won’t they go on the record? What do they hope to gain by making the claims anonymously?
* What proof do the US authorities have that North Korea is behind the attack?
* How do the US authorities explain the malware and the demands not making a reference to the movie or N Korea? (Yes, we know that a later anonymous PasteBin post started ranting about the movie and made 9/11 threats.)
END QUOTE
QUOTE 2
"All I know from police investigations into cybercrime is that they are incredibly complex and can often take years. To complete this kind of investigation, the US would need the support of North Korea to look at the computer that made the attack. Hackers can make it look like they are coming from North Korea when they are really coming from Belgium, or the computer could be compromised and a computer in North Korea could be being controlled from somewhere else. To make this announcement so quickly seems a bit rushed."
END QUOTE
READ MORE about the Sony Corporation of America, a subsidiary of Japanese company Sony, and the cyber attack on them supposedly by North Korea:
Krebs on Security apparently accepts the FBI statement that it was North Korea, but to me, the evidence is flimsy at best still.
http://krebsonsecurity.com/2014/12/fbi-north-korea-to-blame-for-sony-hack/
A highly detailed and deep analysis of what happened and why the Sony hack was probably an inside job by a disgruntled employee.
https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack/
Caroline Baylon, a research associate in cyber security at Chatham House, discusses why the North Korean government was probably not behind the hack of Sony Pictures.
http://www.theguardian.com/technology/video/2014/dec/18/north-korea-probably-not-behind-sony-pictures-hack-cyber-security-expert-video
Cyber security expert Mark W. Rogers gives 10 reasons why it probably was NOT North Korea that hacked Sony Pictures. This article is buttressed with links to other cyber security experts who are also extremely skeptical about the FBI's rash accusations.
http://marcrogers.org/2014/12/18/why-the-sony-hack-is-unlikely-to-be-the-work-of-north-korea/
No comments:
Post a Comment