North Korea didn't hack Sony

or maybe they did, but the report from the FBI is unbelievable and not credible.

"Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks."

Similarities are not definitive and are actually commonplace in hacking circles. Code is borrowed, stolen, shared, reworked, etc.

"The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack."

This means nothing other than a Chinese network was used or routed through to facilitate the attack.

"Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea."

Hacking tools/methods are re-used and almost communal in the hacking community.

This report is intentionally vague and misleading. There is no hard evidence that points to North Korea carrying out this attack, and other security analysts doubt the FBI's findings. There is reason (other than ineptitude) to believe North Korea did not carry out this attack. They have repeatedly denied the attack, despite a ripe opportunity to "play gotcha" without much recourse. The official statement suggests that North Korea did not attack Sony, but wishes it did. This is a surprisingly weak line from a nation that disseminates plenty of bullish propaganda.

The circumstances surrounding the attack are also odd. The hackers initially tried to extort money from Sony (a curious thing for a state to do), then released hundreds of gigabytes of information from private Sony e-mail servers as well as several full-length films yet to be released. It was not until after rumors about North Korea being behind the attack that we started to see demands relating to The Interview surfacing.

Now North Korea wants a joint investigation to discover who the hackers are, a "calling the bluff" tactic. Despite the conventional wisdom about these matters, the perpetrator of the hack could conceivably be my neighbor's 12-year-old. Security experts will tell you that locations and IPs can be spoofed, networks can be hijacked, code can be manipulated, and there is no way the FBI can be certain about the origin of this incident.

Image Credit: https://flic.kr/p/aXNpji

Lief Eric Malone
