
New Study Adds to Skepticism Among Experts That North Korea Was Behind Sony Hack - dnetesn
http://bits.blogs.nytimes.com/2014/12/24/new-study-adds-to-skepticism-among-security-experts-that-north-korea-was-behind-sony-hack/?ref=technology&_r=0
======
lbenes
Sony just had a major layoff,pointing to a possible insider.[1] Many Koreans
work for Sony and they may have had a personal gripe with NK.“Guardians of
Peace” comes from a quote used by former President Richard Nixon describing
South Korea.[2] In this debate[3], the security expert on the side of the FBI
keeps rehashing the old it's the same IP address debate. But I don't buy it.
Those are open proxies.

Combine that with the fact that North Korea has a terrible education system
and an entimated 1 in 10,000 people have access to the Internet in North
Korea. This is not the kind of environment that fosters elite super hackers. I
don't think NK did it.

[1] [http://www.polygon.com/2014/9/18/6377971/sony-financial-
resu...](http://www.polygon.com/2014/9/18/6377971/sony-financial-results-
mobile-2014)

[2] [http://www.thedailybeast.com/articles/2014/12/20/sony-
hacker...](http://www.thedailybeast.com/articles/2014/12/20/sony-hackers-
guardians-of-peace-troll-fbi-fbi-is-the-best-in-the-world.html)

[3]
[https://www.youtube.com/watch?v=vNCpHM4BBJQ](https://www.youtube.com/watch?v=vNCpHM4BBJQ)

~~~
GabrielF00
> Combine that with the fact that North Korea has a terrible education system
> and an entimated 1 in 10,000 people have access to the Internet in North
> Korea. This is not the kind of environment that fosters elite super hackers.
> I don't think NK did it.

Business Insider spoke to a defector about the DPRK's cyberwarface program[1].
Even if they can't develop hackers organically, they can build a small cadre
by selecting some people who might be talented, hiring outside experts to
train them and giving their trainee hackers certain privileges. An analogy
might be that in the US, we build our olympic teams organically - athletes
choose what they want to do based on personal interest and it's a good
environment in which to grow as an athlete. North Korea has a terrible
environment to develop athletes organically, but they can hire outside experts
to train a small cadre of their own people. They win a few gold medals every
summer Olympics.

[http://www.businessinsider.com/north-korean-defector-jang-
se...](http://www.businessinsider.com/north-korean-defector-jang-se-yul-
trained-with-hackers-2014-12)

~~~
XorNot
The only problem being that no outside expert with the right skillset would
_ever_ travel to North Korea, and them doing so would be highly suspect.

Even if NK wanted to build such a team, the reality of nation-states is that
you can't make up for the complete failure of your society with _just_ money
alone. The degree to which the Soviet Union turned out to be behind the US
during the Cold War speaks to that - and NK is _a lot_ worse off then the
Soviet Union.

~~~
dba7dba
You can build the skillset without having anybody teach you in person.

NK is a lot worse than the Soviet but NK still managed to develop nukes and
cobble together a midrange ballistic missile, something no teenage hackers in
a basement can manage. You shouldn't underestimate NK. Just the fact they have
survived as long as it has shows it means something.

~~~
kragen
The Copenhagen Suborbitals are a group of "teenage hackers in a basement" who
have cobbled together a midrange ballistic missile, although without any
intention of using it as a weapon. The main thing preventing other teenage
hackers from doing this is violence — either the police come and arrest you,
or your neighbors steal your things, or your neighbors get pissed off about
the amount of nitrogen oxides you're wafting over their house and coerce you
to stop.

~~~
dba7dba
True. But the focus is NK is capable of putting up ballistic missiles and
naturally they are capable of cobbling some malware tools to hack into sony.
Especially into sony.

------
tim333
Potentially interestingly, a guy from Norse security figures:

>data is pointing towards a woman who calls herself "Lena" [...] someone who
worked at Sony in Los Angeles for ten years until leaving the company this
past May.

So we may actually get a proper answer as to who did it. Maybe.

[http://www.cbsnews.com/news/did-the-fbi-get-it-wrong-on-
nort...](http://www.cbsnews.com/news/did-the-fbi-get-it-wrong-on-north-korea/)

~~~
nostromo
> It's worth noting that the original demand of the hackers was for money from
> Sony in exchange for not releasing embarrassing information. There was no
> mention of the movie "The Interview"

That alone really pokes a hole in the official narrative.

~~~
meowface
This isn't really true.

[http://regmedia.co.uk/2014/12/08/sony_hack.jpg](http://regmedia.co.uk/2014/12/08/sony_hack.jpg)

[http://cdn.arstechnica.net/wp-
content/uploads/2014/11/sonypi...](http://cdn.arstechnica.net/wp-
content/uploads/2014/11/sonypictureshack-640x1136.jpg)

These are the two original defaces on Sony's computer systems. Neither mention
money, just vague "obey our demands or we will expose all your data". The
first one explicitly mentions a "great effort to peace of the world", in line
with the name "Guardians of Peace".

Why would a disgruntled insider make something up about world peace if they
just wanted money?

Not saying that means it's necessarily North Korea, but I'm pretty sure the
actors either had The Interview as a real motive, or used the movie as a
pretext, from day 1.

~~~
ceejayoz
> Why would a disgruntled insider make something up about world peace if they
> just wanted money?

Why would someone extorting a company attempt to be deceptive? We're really
asking that question?

~~~
meowface
I'm not disputing that, really. I'm disputing this:

>It's worth noting that the original demand of the hackers was for money from
Sony in exchange for not releasing embarrassing information. There was no
mention of the movie "The Interview"

It very well could be an extortionist, but I think they clearly intended to
give the impression that it was allegedly about The Interview, first subtly
then explicitly. No public message, or leaked private message, was ever
released that showed the hackers asking for money. It is possible they sent a
private demand for money to Sony which has yet to be released, but that would
just be speculation.

Their group name, constant requests to "preserve world peace", releasing all
sorts of movies and scripts except anything relating to The Interview, and
then explicitly calling The Interview a "movie of terrorism" seems to show
that they intended to use the movie as a bargaining chip from day 1.

------
shadowmint
I doubt anyone seriously believes NK could have manufactured the malware that
was used.

...but it's plausible they may have paid other people to do it; or at least
seed funded some third party (eg. russian hackers).

To be fair to the NSA; they're not retards.

Evil... maybe. But stupid? I don't think so.

If they (via the FBI) say it was NK, they probably have _something_ to back
that up (eg. intercepted communications or money trail that leads back to the
NK).

Interesting point drops out of it though; I'd say it's pretty obvious the NK
were never _in control_ of the data or malware. If they paid for it, are they
still to blame? Or are the people who actually did the hack to blame...?

~~~
dba7dba
I doubt many 'hackers' manufacture the malware themselves these days. Many
buy/copy from others.

And we keep saying NK doesn't have enough capable human talent but they
developed nukes and launched a mid range ballistic missile. Surely they can
lock up some men in a building and teach how to run malwares?

IF NK paid for it, they are responsible still.

------
SixSigma
> Post-Watergate, post-Snowden

The only times the state has been caught lying!

------
snarfy
So is the US government lying, or incompetent?

~~~
squozzer
I'll go with lying. Blaming NK serves their political agenda for now. It's
still not outside the bounds of reason to believe Sony Pictures did it
themselves.

~~~
GabrielF00
It really doesn't make any sense to me that blaming North Korea serves a
political agenda for the administration. They have a limited time left in
office and they're trying to use it to accomplish something in foreign policy
(so far, Cuba, a climate deal with China). This is particularly important
since the President's domestic influence will be limited. This business with
North Korea seems like a distraction. It's not serious enough that it's going
to change anything in the relationship between the US and the DPRK. The DPRK
is so unpredictable that starting a beef with them unnecessarily seems like a
terrible idea. It's another item on the agenda with China, and I'm sure that
there are a lot of other things that we would rather be discussing with the
Chinese.

~~~
sixothree
Whether NK is behind this hack or not, you cannot deny that the president's
statement is a show of force. It is a clear message to any country that plans
to use 'cyberwarfare' against the United States - we will retaliate
proportionally.

~~~
lotsofmangos
The clear message the USA appears to be broadcasting by reacting swiftly on
what appears to be very dubious information is that it is now providing the
facility for trolls to SWAT entire countries, rather than just someone who had
pissed them off on Counterstrike. I do not think this makes the world safer.

~~~
sixothree
Agreed. I find this aspect worrying and underreported.

------
_almosnow
Here's an idea for the government:

Detonate a nuclear device somewhere isolated where you already detonate
nuclear stuff for fun. However, this time say that it wasn't planned at all.

Proceed to fabricate a story where the nuclear warheads were connected to the
internet but with extremely high security measures. Why? Because, who knows,
maybe the president is someday in the middle of a world crisis and the only
way to launch nuclear retaliation is through some internet channel. Then
proceed to say that North Korea and his world-class elite terrorist hackers
(with the help of some insider scapegoat that you can take from jail) managed
to HACK (it is important that you use this term) into the system and launch
the nuclear device; fortunately they were programmed to strike on desolated
terrain, god bless us all :'). Clearly, this is a direct attack towards
american ground and it's people; without a doubt, a formal declaration of war.
#KIMISBAD, #STOPNK2015, etc... ensues. Invade the country then, with the
public's approval. And finally accomplish your goal: a military base in the
outskirts of China.

~~~
oskarth
Not to mention the higher approval ratings for NSA et al.

