General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsEx-Anonymous hacker questions North Korea's role in Sony hack
The United States is close to publicly blaming North Korea for the Sony cyberbreach. Could North Korea really pull off something like this when it can barely keep the lights on? A former American hacker who also attacked Sony is raising doubts, CBS News' Elaine Quijano reports.
Working under the code name Sabu, Hector Monsegur was responsible for some of the most notorious hacks ever committed. As he told "CBS This Morning" co-host Charlie Rose earlier this month, Monsegur began cooperating with the FBI after getting caught. He now works as a security researcher.
"For something like this to happen, it had to happen over a long period of time. You cannot just exfiltrate one terabyte or 100 terabytes of data in a matter of weeks," Monsegur said. "It's not possible. It would have taken months, maybe even years, to exfiltrate something like 100 terabytes of data without anyone noticing."
Administration officials believe North Korea was behind the hack.
"It could be. In my personal opinion, it's not," Monsegur said. "Look at the bandwidth going into North Korea. I mean, the pipelines, the pipes going in, handling data, they only have one major ISP across their entire nation. That kind of information flowing at one time would have shut down North Korean Internet completely."
<snip>
"Well, it doesn't tell me much. I've seen Russian hackers pretending to be Indian. I've seen Ukrainian hackers pretending to be Peruvian.There's hackers that pretend they're little girls. They do this for misinformation, disinformation, covering their tracks," he said. "Do you really think a bunch of nerds from North Korea are going to fly to New York and start blowing up movie theaters? No. It's not realistic. It's not about 'The interview.' It's about money. It's a professional job."
http://www.cbsnews.com/news/sony-hack-former-anonymous-hacker-not-convinced-north-korea-is-responsible/
cheapdate
(3,811 posts)They're either skeptical, or very confident that North Korea wasn't involved, although they're vague about who or why someone else did it.
At the risk of being called a mindless dupe and a lockstep drinker of the propaganda state koolaid, I'm going with the official version until a more compelling reason to believe otherwise is shown.
JonLP24
(29,322 posts)Last edited Sun Dec 21, 2014, 04:31 AM - Edit history (1)
I don't know for sure what took place as far as the who & the why is concerned but I found this interesting, from a perspective of a hacker.
Warren Stupidity
(48,181 posts)You really have leftist friends?
cheapdate
(3,811 posts)We collaborated with Middle Tennesseans for Religious Freedom during the mosque controversy here. Several are members of SOCM (Statewide Organizing for Community Empowerment, formerly Save Our Cumberland Mountains) of which I am also a member. We sometimes meet for Philosophy and Beer Fridays.
You're obviously free to call my post "hippie punching," but I'd say that's way off the mark. My leftist friends consider themselves as revolutionary socialists and Marxists, not hippies. Secondly, I only said that I'm not convinced by their arguments in this matter. That's not "hippie punching" unless you're only trying to stir up division for its own sake.
nichomachus
(12,754 posts)Our government has never ever lied to us. Never. Ever. How are those WMDs in Iraq working out?
cheapdate
(3,811 posts)Of course our government has lied, continues to lie, and will lie in the future.
MinM
(2,650 posts)The Hollywood Reporter had an early version of this that still seems to be the most credible and plausible..
Now the question of who is behind the attack has become a chilling Hollywood whodunit. While the hackers have identified themselves only as Guardians of Peace, emails pointing journalists to allegedly stolen files posted on a site called Pastebin came from a sender named "Nicole Basile." A woman by that name is credited on IMDb as an accountant on the studio's 2012 hit film The Amazing Spider-Man, and her LinkedIn page says she worked at Sony for one year in 2011. Basile couldn't be reached for comment and the studio declined to confirm if she works or has worked there.
Initial speculation swirled around a state-sponsored attack perpetrated by the North Korean government or its allies in retaliation for Sony's upcoming comedy The Interview, in which James Franco and Seth Rogen play journalists drafted by the CIA to assassinate North Korea leader Kim Jong Un. North Korean officials have condemned the movie, calling it "an act of war." But as the story of the cyberattack has grown, North Korea has been coy about its possible involvement. Asked by the BBC whether the government was involved in the attack, a spokesman said only, "Wait and see."
Inside the studio, though, sources say there is little evidence that North Korea is behind the attack. Cybersecurity expert Hemanshu Nigam also finds it hard to believe that North Korea is the perpetrator. Instead, he theorizes an employee or ex-employee with administrative access privileges is a more likely suspect. For the studio which has laid off hundreds of employees over the past year in an effort to contain costs the possibility of a disgruntled employee wreaking havoc is very real.
"If terabytes of data left the Sony networks, their network detection systems would have noticed easily," explains Nigam. "It would also take months for a hacker to figure out the topography of the Sony networks to know where critical assets are stored and to have access to the decryption keys needed to open up the screeners that have been leaked." In addition, he says, "Hackers don't use such things as Hushmail, Dropbox and Facebook when they want to engage in what amounts to criminal activity. Real hackers know that these sites collect access logs, IP addresses and work with law enforcement. It is possible that North Korean-sponsored hackers were working with someone on the inside. But it is more likely a ruse to shift blame, knowing the distaste the North Korean regime has for Sony Pictures." ...
http://www.hollywoodreporter.com/news/sony-hack-studio-security-points-753509
Sony Hackers Found
cheapdate
(3,811 posts)was behind the attack.
Sherman A1
(38,958 posts)and it does cause one to seriously wonder.
I just am not buying into "the North Koreans did the hacking memo". Did they make some noise about a movie they found offensive, sure and I think they were well within their rights to do so, but the hack, not so much.
I think Sony is trying to deflect the blame for their lack of IT security and shelving what was most likely a real dog of a movie, that was a real bad idea to produce from the start.
JonLP24
(29,322 posts)Basically the initial consensus seemed to be few laughs, but likable characters much like comedies made every single year. I don't see why this one would be so special but I certainly don't rule it out.
delrem
(9,688 posts)Now I can already hear the screaming from the Putin Apologists that I'm a Kim Jong-un Apologist.
Just goes to show how low they'll go!
nichomachus
(12,754 posts)Could have been China, Romania, India. It could have been a bunch of free-lancing script kiddies trying to stir up international shit.
The question is whether we're really going to go to war because we found out that a Sony exec called Angelina Jolie a diva?
MisterP
(23,730 posts)Ichingcarpenter
(36,988 posts)Its seems like its been the entertainment honchos
of Sony exposing their emails, salaries and inter-workings.
Now who would know about Sony's technology?
Sony Pictures lays off employees in' technology' group, including leader
2014 jan
Sony Pictures Entertainment has laid off an undisclosed number of people from its Sony Pictures Technologies group, including the unit's president, Chris Cookson.
The studio confirmed the layoffs, which occurred Wednesday, saying in a statement that the functions of Sony Pictures Technologies would be absorbed "into various core businesses."
A spokesman for the Sony Corp.-owned studio declined to say how many people were losing their jobs. The Technologies division handles the studio's technology policy and processes as they relate to creating content.
Sony Pictures is in the midst of an effort to reduce its overheard by $250 million. The studio, run by Chairman Michael Lynton and Co-Chairman Amy Pascal, has also hired consultancy Bain & Co. to examine the studio's expenditures, with the goal of at least $100 million more in cuts.
In recent months, studio executives including Marc Weinstock, the former head of domestic and international marketing, and Steve Elzer, the former senior vice president of media relations, have been let go.
Also laid off Wednesday was Mitch Singer, Sony Pictures' chief digital strategy officer, who spearheaded the studio's UltraViolet initiative, which gives consumers access to movies they've purchased across different devices.
http://www.latimes.com/entertainment/envelope/cotown/la-et-ct-sony-pictures-lays-off-employees-technology-group-20140122-story.html
In 2012 Sony laid off 10,000 people.
Security blogger Marc W. Rogers documents a number of other indications that North Korea was not involved.
The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea, Rogers explains. Not least because they dont speak traditional Korean in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult.
Additionally, the broken English used looks deliberately bad and doesnt exhibit any of the classic comprehension mistakes you actually expect to see in Konglish. i.e it reads to me like an English speaker pretending to be bad at writing English.
Rogers also explains how the hackers familiarity with the infrastructure clearly points to an insider being responsible.
Its clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sonys internal architecture and access to key passwords, Rogers notes. While its plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occams razor suggests the simpler explanation of an insider.
Indeed, Sony executives themselves are convinced that the hack was an inside job. Were told the people at Sony who are investigating believe the hackers had intimate knowledge of mail systems and their configurations, reports TMZ. They also believe the hackers have knowledge of the internal media distribution systems and the internal IT systems, including human resources and payroll.
http://marcrogers.org/2014/12/18/why-the-sony-hack-is-unlikely-to-be-the-work-of-north-korea/
http://www.ibtimes.co.uk/north-korea-didnt-hack-sony-pictures-who-hell-did-1480082
newfie11
(8,159 posts)Ichingcarpenter
(36,988 posts)Guardians of Peace........no sense of humor there.
JonLP24
(29,322 posts)The Evidence That North Korea Hacked Sony Is Flimsy
1 The New York Times reported this evening that North Korea is centrally involved in the hack, citing unnamed U.S. intelligence officials. Its unclear from the Times report what centrally involved means and whether the intelligence officials are saying the hackers were state-sponsored or actually agents of the state. The Times also notes that It is not clear how the United States came to its determination that the North Korean regime played a central role in the Sony attacks. The public evidence pointing at the Hermit Kingdom is flimsy.
Other theories of attribution focus on hacktivistsmotivated by ideology, politics or something elseor disgruntled insiders who stole the data on their own or assisted outsiders in gaining access to it. Recently, the finger has pointed at China.
In the service of unraveling the attribution mess, we examined the known evidence for and against North Korea.
Attribution Is Difficult If Not Impossible
First off, we have to say that attribution in breaches is difficult. Assertions about who is behind any attack should be treated with a hefty dose of skepticism. Skilled hackers use proxy machines and false IP addresses to cover their tracks or plant false clues inside their malware to throw investigators off their trail. When hackers are identified and apprehended, its generally because theyve made mistakes or because a cohort got arrested and turned informant.
Nation-state attacks often can be distinguished by their level of sophistication and modus operandi, but attribution is no less difficult. Its easy for attackers to plant false flags that point to North Korea or another nation as the culprit. And even when an attack appears to be nation-state, it can be difficult to know if the hackers are mercenaries acting alone or with state sponsorshipsome hackers work freelance and get paid by a state only when they get access to an important system or useful intelligence; others work directly for a state or military. Then there are hacktivists, who can be confused with state actors because their geopolitical interests and motives jibe with a states interests.
<snip>
Sony and FBI Deny Connection to North Korea
First of all, Sony and the FBI have announced that theyve found no evidence so far to tie North Korea to the attack. 2 New reports, however, indicate that intelligence officials who are not permitted to speak on the record have concluded that the North Koreans are behind the hack. But they have provided no evidence to support this and without knowing even what agency the officials belong to, its difficult to know what to make of the claim. And we should point out that intelligence agencies and government officials have jumped to hasty conclusions or misled the public in the past because it was politically expedient.
http://www.wired.com/2014/12/evidence-of-north-korea-hack-is-thin/
Jesus Malverde
(10,274 posts)Ykcutnek
(1,305 posts)You don't piss off that many rich and powerful people only to have the government pin your crime on a regime that can't really be punished much more than we've already punished them.
It's cute that Internet detectives want to chime in with their own seen-too-many-cheesy-thriller-movies theories, but we have professionals for that.
JonLP24
(29,322 posts)Personally I acknowledge possible suspects include North Korea, North Korean supporters based in China, or someone with other motives.
I don't know if you consider me one of those internet detectives but I find opinions from people who know what they're talking about interesting. None of it means NK didn't do it, however.
Blogger Marc Rogers drills down into the details of this particular hack.
He concludes that the fact that the code was written on a PC with Korean locale and language actually makes it less likely North Korea is the source.
He points out that they do not speak traditional Korean in North Korea, they speak their own dialect and traditional Korean is forbidden.
"Let's not forget also that it is trivial to change the language/locale of a computer before compiling code on it," he writes.
He also points out that the the hackers are very net and social-media savvy. "That and the sophistication of the operation, do not match with the profile of the DPRK (Democratic People's Republic of Korea)."
But perhaps his most compelling piece of evidence is the fact that the attackers only latched onto The Interview connection after the media suggested that North Korea might be linked to the attack.
<snip>
When the hack was first reported there was little to suggest a monetary motive but actually the hackers emailed five top Sony Pictures executives on November 21, days before they began leaking the files, and demanded money.
Sean Sullivan, a senior researcher at security company F-Secure, believes extortion could be the motive behind the hack.
"That is a lot more credible than a nation state," he told the BBC.
For him, the real test will be what the hackers do next.
If the pulling of The Interview was their primary motive, things should quieten down but if there are more data dumps, then he thinks everyone should pretty much dismiss North Korea as the source.
<snip>
http://www.bbc.com/news/technology-30530361
Jesus Malverde
(10,274 posts)The ones that still haven't been caught.
Seems not everyone gets crucified. Some people are good at what they do and that includes setting up patsies.
JonLP24
(29,322 posts)It claimed the stolen information came from more than 420,000 websites, including "many leaders in virtually all industries across the world".
http://www.bbc.com/news/technology-28654613
Jesus Malverde
(10,274 posts)Part of the problem is this stuff is technical and those who have no technical background are easily misled.
Who will benefit most from this hack? Thats likely the party that did it.
[Flashback] Dec. 3, 2014 - 03:45AM McCain Ready To Tackle Cyber Threats
http://www.defensenews.com/article/20141203/CONGRESSWATCH/312030041/McCain-Ready-Tackle-Cyber-Threats-Cost-Plus-Contracts-SASC-Chairman
[Flashback] 9 Jun '12, 1am Sen. McCain on Offensive Cyber Warfare
http://newsmilitary.com/pages/4706958-sen-mccain-offensive-cyber-warfare
John McCain Rips Sony Interview Cancellation As Troubling Precedent
http://www.thewrap.com/john-mccain-rips-sony-interview-cancellation-as-troubling-precedent/
INFILTRATION. SABOTAGE. MAYHEM. FOR YEARS, FOUR-STAR GENERAL KEITH ALEXANDER HAS BEEN BUILDING A SECRET ARMY CAPABLE OF LAUNCHING DEVASTATING CYBERATTACKS. NOW ITS READY TO UNLEASH HELL.
http://www.wired.com/2013/06/general-keith-alexander-cyberwar/all/
Boreal
(725 posts)we had 24/7 cable news droning on about the Target or Home Depot (and many other huge data bases) attacks being "terrorism"? Neither do I. But those just stole the data of hundreds of millions of ordinary people so no biggie.
This story is bullshit and probably has something to do with the entertainment industry wanting access to peoples ISP info because of their never ending freak out over file sharing. Hell, the US government went to New Zealand to get Kim Dotcom for the entertainment industry.
Inside job with government involvement for powerful Hollywood moneybags.
Jesus Malverde
(10,274 posts)Jesus
Jesus Malverde
(10,274 posts)the idiot box.
Skepticism in foreign affairs seems to be a third rail around here.
Warren Stupidity
(48,181 posts)Jesus Malverde
(10,274 posts)Jesus
Warren Stupidity
(48,181 posts)But not to the "folks" who posted it:
http://www.democraticunderground.com/?com=view_post&forum=1002&pid=5985465
Jesus Malverde
(10,274 posts)They don't bring much to the table but snark and in this case a whopper of a conspiracy theory.
Jesus
Oilwellian
(12,647 posts)Had a damn fine chuckle with my morning coffee.
unblock
(52,206 posts)Faux pas
(14,672 posts)they came to the Korean conclusion pretty fast, made me wonder...
kwassa
(23,340 posts)with access downloaded masses of material. Think Chelsea Manning.
and then sold it to North Korea.
or a combination of many of these elements.