Despite Denials and Lack of Proof, US Threatens to Attack Korea for Embarrassing US Corporation
December 21, 2014
Jason Ditz / AntiWar.com & Paul Wagenseil / Tom's Guide & The Guardian
Despite the lack of firm evidence, President Obama has promised a "response" to North Korea to punish them for hacking Sony Pictures and spoiling the release of a US "assassination comedy." Pyongyang has denied responsibility and has called for a joint US'North Korea investigation into the hacking incident. Cyber-security experts have expressed doubt that the North Korea government was involved. The North Koreans have promised grave consequences if the US continues to threaten it.
US Threatens Revenge on
North Korea for Sony Hack
Jason Ditz / AntiWar.com
(December 19, 2014) -- Speaking today, President Obama promised a "response" to North Korea to punish them for hacking Sony Pictures and spoiling the release of comedy The Interview, which was scheduled to come out at Christmas.
Obama refused to get into details of the form of the retaliation, but said it would be "in a place and time and manner that we choose." Obama was asked if a military attack was possible, but declined to answer.
The FBI insisted today that they've confirmed North Korea's responsibility, but they offered little evidence for it, and many experts continue to believe that an inside attack from a disgruntled Sony employee is the more likely explanation.
The hackers' familiarity with internal Sony networks certainly would be hard for North Korea to have come by, but growing publicity around the incident had the US under growing pressure to assign blame somewhere, and North Korea ended up being that somewhere.
The FBI held off its promised report twice this week, and when they finally issued the statement today, they insisted all of the really convincing evidence was classified, offering only suppositions and circumstantial evidence beyond that.
President Obama was also critical of Sony for not releasing the movie, saying "I wish they had spoken to me first," and that he would've convinced Sony to release it after all. Sony, which previously said they aren't going to release it, now says they are exploring possible routes for a release after all.
North Korea Hacked Sony?
Don't Believe It, Experts Say
Paul Wagenseil / Tom's Guide
(December 18, 2014) -- Many computer-security experts are doubt the validity of the claim that North Korea is behind the Sony Pictures Entertainment hack, citing a lack of strong evidence and the possibility of alternate scenarios.
"There's no direct, hard evidence that implicates North Korea," Sean Sullivan, a security researcher at Finnish security firm F-Secure, told Tom's Guide. "There is evidence of extortion (the Nov. 21 email [to Sony executives which demanded money]) and the hackers only mentioned [the movie] The Interview after it was brought up in the press, which they then used to their advantage."
"Is North Korea responsible for the Sony breach?" wrote Jeffrey Carr, founder and CEO of Seattle cybersecurity consulting firm Taia Global. "I can't imagine a more unlikely scenario."
Rather than an international incident of "cyberwar," the Sony hack looks like an inside job, several skeptics say.
"My money is on a disgruntled (possibly ex) employee of Sony," Marc W. Rogers, a security researcher at San Francisco-based Web-traffic optimizer CloudFlare, wrote on his personal blog. "Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down."
For the most part, the doubters are undeterred by newspaper and television reports yesterday (Dec. 17) that a U.S. government agency, so far unnamed, would present its evidence for a North Korean connection today (Dec. 18). Kim Zetter, a longtime security reporter for Wired, posted a piece picking apart the Pyongyang hypothesis just before the leaks broke, yet continued to stand by her story.
"At risk of launching another Tweet storm, I'll point out that intel[ligence] sources also claimed Brazilian blackouts were caused by hacker extortion," Zetter tweeted yesterday, referring to a since-debunked allegation that was aired on CBS News' "60 Minutes" a few years ago.
Skeptics pointed out that the hackers seem very familiar both with Sony Pictures' internal network and with American news media -- two things that would be unlikely in hackers operating from North Korea.
"To handle this sophisticated media/Internet campaign so well would require a handler with strong English skills, deep knowledge of the Internet and Western culture," wrote the pseudonymous vulnerability broker The Grugq. "I can't see DPRK [the Democratic People's Republic of Korea] putting this sort of valuable resource onto what is essentially a petty attack against a company that has no strategic value."
Even the few tidbits of evidence pointing to North Korea -- malware with Korean encoding, and a server in Bolivia, that had been previously used in North Korean attacks -- don't convince seasoned cybersecurity experts.
"It just doesn't feel right," wrote independent British security blogger Graham Cluley. "Trying to determine the location of Internet hackers can be as hard as nailing jelly to the ceiling. It's not uncommon at all for attackers to use compromised computers in other countries as part of their attack to throw investigators off the scent."
"So far, the information that's come out has pointed the finger at North Korean proxy groups, but it's been context-based," political scientist Peter W. Singer, a senior fellow at the Washington, D.C.-based think-tank the New America Foundation, told the tech blog Motherboard yesterday. "It wouldn't meet the level needed in a court of law."
To Singer, it certainly doesn't warrant the dramatic reaction by Sony Pictures, which canceled the release of the James Franco / Seth Rogen caper The Interview yesterday after an online posting attributed to the hackers obliquely threatened attacks on theaters that showed the movie.
"The attackers wonderfully understand the American psyche," Singer added. "This was a hack, but call it 'cyber' and 'terrorism,' and we lose our [stuff]. There's no other way to put it."
Even the language used by the hackers seems to contain tongue-in-cheek references. The group's self-determined name, Guardians of Peace, may be both a dig at the Republican Party and a nod to the summer hit Guardians of the Galaxy.
Cinema owners were scared by the threat to "remember the 11th of September," but that sounds like an allusion to "remember, remember the fifth of November" from the 2006 movie V for Vendetta, which spawned the craze for Guy Fawkes masks among supporters of the hacktivist movement Anonymous.
Unless North Korean leader Kim Jong Un declares that his minions did, indeed, carry out the attack, we may never know exactly who did it. Until then, it's best to take all claims with a grain of salt.
"My advice to journalists, business executives, policymakers and the general public is to challenge everything that you hear or read about the attribution of cyberattacks," Carr wrote. "Demand to see the evidence . . . . Be aware that the FBI, Secret Service, NSA, CIA and DHS rarely agree with each other, that commercial cybersecurity companies are in the business of competing with each other and that 'cyber intelligence' is frequently the world's biggest oxymoron."
Video: North Korea Probably Not Behind
Sony Pictures Hack, Says Cyber Security Expert
Caroline Baylon, a research associate in cyber security at Chatham House, discusses why the North Korean government was probably not behind the hack of Sony Pictures. The company has now cancelled the Christmas release of a film at the centre of the hacking scandal, The Interview, after terrorist threats to cinemagoers and a decision by major movie theatre groups to cancel screenings in the US.
North Korea Demands Joint Inquiry
With US into Sony Pictures Hack
(December 20, 2014) -- North Korea has proposed holding a joint inquiry with the US into the hacking of Sony Pictures, claiming it can prove it did not carry out the cyber-attack.
The foreign ministry in Pyongyang denied responsibility for the the highest-profile corporate hack in history, and said there would be grave consequences if Washington refused to collaborate on an investigation and continued to blame it.
The state KCNA news agency added that claims North Korea had conducted the attack on Sony in revenge for the controversial comedy The Interview, a multimillion-dollar comedy starring James Franco and Seth Rogen that depicts the assassination of Kim Jong-un, were "groundless slander."
KCNA quoted the foreign ministry as saying: "As the United States is spreading groundless allegations and slandering us, we propose a joint investigation with it into this incident.
"Without resorting to such tortures as were used by the CIA, we have means to prove that this incident has nothing to do with us."
North Korea's comments came after Barack Obama said Sony had made a mistake in axing the comedy, which had been due for release on Christmas Day.
Speaking on Friday after the FBI pinned the blame for the cyber-attack on North Korea, Obama said: "We cannot have a society in which some dictator some place can start imposing censorship here in the United States, because if somebody is able to intimidate folks out of releasing a satirical movie, imagine what they start doing when they see a documentary that they don't like, or news reports that they don't like.
"Or even worse imagine if producers and distributors and others start engaging in self-censorship because they don't want to offend the sensibilities of somebody whose sensibilities probably need to be offended.
"That's not who we are. That's not what America is about."
Obama said he was sympathetic to Sony's plight but added: "I wish they had spoken to me first."
Sony Entertainment's CEO, Michael Lynton, hit back, saying the company had been in touch with White House officials over the hacking before the film was pulled.
Lynton argued the comedy had been pulled because it would have been impossible to screen after major cinema groups backed out for fear of terrorist attacks.
Lynton told CNN he hoped the film would still be shown, but added no video on demand services had supported a release.
"We have not backed out. We have always had every desire to let the American public see it," Lynton said.
On Wednesday Sony issued a statement saying it had "no further release plans" for the film and has also pulled its website and promotional material from an official YouTube channel.
The FBI has been investigating suspected links with North Korea's Bureau 121 hacking unit since early December, and on Friday officials said a technical analysis of the malware used in the attack had been linked to other similar software "that the FBI knows North Korean actors previously developed."
"We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Korea's attack on SPE [Sony Pictures Entertainment] reaffirms that cyberthreats pose one of the gravest national security dangers to the United States," the FBI said in a statement.
The White House had already labelled the attack a "serious national security matter," but Obama would not be drawn on Washington's reponse.
"We will respond, we will respond proportionally, and in a place and time that we choose. It's not something that I will announce here today at this press conference," he said.
Sony has been left reeling from the November attack, after thousands of confidential documents, including employee social security numbers, personal emails, unreleased films and executive pay were published online.
The hacking group Guardians of Peace (GOP) that claimed responsibility for the attack demanded Sony pull release of The Interview, which it did on Wednesday after threats invoking 9/11 were made against cinemagoers, and after major US theater groups cancelled screenings.
The decision has drawn the ire of many high-profile names in Hollywood, who have also criticised the press for publishing details from the hacked documents.
George Clooney called on Hollywood to get The Interview released in any format possible. "We cannot be told we can't see something by Kim Jong-un, of all fucking people . . . we have allowed North Korea to dictate content and that is just insane," he said in an interview with Deadline.
GOP reportedly sent Sony executives a message on Thursday evening, calling the studio's decision to cancel the release "very wise."
The statement was written in broken English and leaked to CNN. It continued: "Now we want you never let the movie released, distributed or leaked in any form of, for instance, DVD or piracy.
"And we want everything related to the movie, including its trailers, as well as its full version down from any website hosting them immediately."
Posted in accordance with Title 17, Section 107, US Code, for noncommercial, educational purposes.