
Sony 'Hack' Shows How Eagerly U.S. Media Still Regurgitate Government Claims - srslack
https://firstlook.org/theintercept/2015/01/01/north-koreasony-story-shows-eager-u-s-media-still-regurgitate-government-claims/
======
TillE
Does the US government really have much to gain from falsely claiming that
North Korea is behind the attack? It doesn't seem like it, and it would be
pretty embarrassing if it turns out that they're wrong.

That's the only reason I tend to believe in the FBI in this particular case,
when they say they have good evidence. It doesn't change much if North Korea
is responsible, so why lie?

~~~
xnull2guest
North Korea is a nuclear power (they tested their first nuke some number of
years ago now...) and the last few CIA Directors under the Obama
administration have included North Korea on a list enumerating 'rising
powers'.

Instability in North Korea potentially benefits the United States as its
instability agitates its neighbor China and because China would be responsible
for millions of very sick and extremely brainwashed immigrants were it to
collapse.

Finally, Korea was split as a post war agreement (and punishment to Japan)
after World War II and the goal was to quickly thereafter have the cooperation
of the US, UK, the Soviet Union and China reunite. (Interestingly, part of
Japan was also promised to the Soviet Union, but that never came to pass as
the West reneged). Rising tensions during the Cold War prevented the
cooperation necessary to achieve this reunification and the provisional
governments became entrenched as legitimate statehoods. IE to the major powers
Korea (especially North Korea) has no legitimate claim to existence - it is a
provisional government that got away from its imperialist keepers.

------
mattmcknight
Somehow Kaspersky (Russia) is in on it too? The similarities in toolchain and
appearance to shamoon and darkseoul are meaningless? This is not
regurgitation, this was out prior to the FBI announcement. Evidence has only
grown since then.

[http://arstechnica.com/security/2014/12/sony-pictures-
malwar...](http://arstechnica.com/security/2014/12/sony-pictures-malware-tied-
to-seoul-shamoon-cyber-attacks/)

~~~
srslack
The 2012 attack on Saudi Arabia, dubbed Shamoon, was blamed on Iran by U.S.
officials, and yet researchers believe that the malware originated from
hacktivists. How is that related to North Korea again, unless you're implying
North Korea carried out that attack?

Your own link states: "While there is nothing in the analysis that would tie
the three attacks to the same malware developers, they all used similar
techniques, as well as some of the same commercial Windows drivers to attack
the hard drives of their victims."

Darkseoul was blamed on North Korea as well as China only because an IP
address in China seemed to be part of the campaign. South Korean officials
later retracted those allegations.

The evidence is circumstantial at best.

~~~
mattmcknight
Read the Kapersky analysis, it starts to answer your questions regarding the
reuse of Shamoon by NK.

Doesn't matter though, my point was, this was not the media regurgitating a US
gov opinion as the comment I replied to claimed.

I agree that the publically available evidence is never 100%, but the malware
samples and c&c infrastructure point to NK. If you have evidence that someone
else did it, that would be interesting. As it stands, NK has a very strong
motive for the timing of this move, so that plus just the public info, and the
FBI claim based on nonpublic info is enough to convince me they are
responsible.

However, the spectrum of "responsibility" is quite broad:
[http://taosecurity.blogspot.com/2014/12/what-does-
responsibi...](http://taosecurity.blogspot.com/2014/12/what-does-
responsibility-mean-for.html?m=1)

