Saturday, December 27, 2014

Count Me Skeptical on the North Korean Hacker Story

Not to stomp into Borepatch's security territory too much, but I've had a hard time believing the story that North Korean hackers broke into Sony and stole terabytes worth of data.  The complete set of computers in the whole country is something like four working Commodore 64s and while they certainly can (and do) send students with the aptitude to China to work in cyber attacks, it just seems hard to imagine they could have much of a base of computer savvy people in the country.  It requires better nourishment during pregnancy and child growth to develop working brains than a country that's forced to eat grass and sand can provide.  

Then I find an article in Fast Company that real experts are rather skeptical of the story, too.  Marc Rogers, for one, puts together a pretty good case against it being the North Koreans. 
So in conclusion, there is NOTHING here that directly implicates the North Koreans. In fact, what we have is one single set of evidence that has been stretched out into 3 separate sections, each section being cited as evidence that the other section is clear proof of North Korean involvement. As soon as you discredit one of these pieces of evidence, the whole house of cards will come tumbling down.
Gordon Chang is a lawyer/analyst/pundit who specializes in watching China and developments in China and North Korea.  He's probably excessively pessimistic about China, his book on the coming collapse of China is going on 14 years old, but he's still one of the more knowledgeable people in the pundit class.  Chang's view is that if NK did it at all they certainly didn't do it alone.  China and North Korea have a symbiotic relationship; China economically exploits the reclusive state for cheap labor, and resources while the North Koreans get most of their food from China and their only air travel is through and over China.  North Koreans attempt to escape north into China, the border is said to be easier to cross than the border into South Korea, and China plays a loose game of returning some but not others.  It seems natural that any North Koreans with the right skills (or potential) would get sucked north into China.

Chang believes that North Korean cyber attacks would have had to originate in China.  China is much better equipped for that sort of attack; think massive cube farms of hackers at work all day long.  Some of them could have been from North Korea.  At the absolute least, China would have known about the Sony attack, though.

Catherine Herridge, the Chief Intelligence Correspondent at Fox News, reports that sources in the US say there's evidence that points to China, as well as Russia and Iran.
The U.S. investigation into the recent hacking attack at Sony Pictures Entertainment has turned up evidence that does not point to North Korea as the "sole entity" in the case, but rather, raises the possibility that Iran, China or Russia may have been involved, an intelligence source told Fox News on Thursday.
The source pointed to the sophistication of malware “modules or packets” that destroyed the Sony systems -- on a level that has not been seen from North Korea in the past -- but has been seen from Iran, China and Russia.

There is no evidence of a forced entry into the Sony systems, pointing to an insider threat or stolen credentials. And the first emails sent to Sony, described as blackmail or extortion, included demands unrelated to the movie.
The idea of the Sony hack being an inside job from a disgruntled employee or something like that seems likely to me.  There are just too many things about it that taken together make it unlikely that it was the North Koreans.  At least in my book.  Now, if it was the world's greatest publicity scheme to get millions of Americans who wouldn't ordinarily go see (what seems to be) a mediocre comedy to change their plans and go see it in some sort of patriotic/1st amendment fervor, that would be a funnier story than Seth Rogan and James Franco could come up with. 


  1. More here supporting the theory it wasn't the norks


  2. Most likely? The US - or an agent thereof. False flag. Again.

    You know - oboomba's we gotta protect freedom of the internet with the ability to shut it down.


  3. What we know for sure is countries like NK, China, Russia and others do have cadres of hackers targeting the U.S. They are going after government secrets and business secrets. They are exploring/exploiting avenues that would destroy/cripple our infrastructure possibly as a first strike preceeding an actual physical attack. There are also in Eastern Europe, Russia, Africa and other countries crime gangs hacking private data or whatever they can get to sell. The attacks are constant, unlimited and extensive with the intent of stealing data or identify targets for a future cyber attack. What we don't know is did NK hack Sony and if they did did they do it from NK or another country? Considering the magnitude of the problem and the consequences that little "unknown" seems inconsequential. Yes, we may find out down the road that some 20 year old in his parents basement in LA did it but it does not change or mitigate the scope of the very real problem this story is touching on.

  4. "Now, if it was the world's greatest publicity scheme to get millions of Americans who wouldn't ordinarily go see (what seems to be) a mediocre comedy to change their plans and go see it in some sort of patriotic/1st amendment fervor, that would be a funnier story than Seth Rogan and James Franco could come up with."

    That theory betrays an almost childlike misunderstanding of the numbers involved.

    "Eureka! We'll get the four largest cinema chains in the country to drop the release, and then make it up on PPV and art house screens with protest viewers. Oh, and make sure to release a bunch of embarrassing corporate emails that trigger multimillion-dollar class action suits to throw people off our trail"

    If you see someone advancing the theory that Sony "hacked themselves to get more people to see the movie" you can safely dismiss them as fucking ignorant on the topic.

  5. "Unnamed US official" says they had help from Russian hackers: