FBI Still Standing By Its 'North Korea Did It!' Claims On The Sony Hack
from the still-pretty-sure dept
After the FBI formally named North Korea as being behind the Sony Hack, a lot of people in the cybersecurity community explained why they didn’t find the evidence at all compelling. There was pretty widespread disbelief in the story — though most admitted that it was possible that the FBI had additional evidence it wasn’t sharing. In the past few days, a lot of attention has been paid to a theory coming out of Norse Security, that the attack really came from a group of people (not associated with North Korea) including, in particular, a disgruntled ex-Sony employee. On Monday, the FBI met with Norse to hear what the company had to say, but apparently came away unconvinced. The FBI continues to stand by its assertion that North Korea did it.
Asked about the meeting and criticism on Monday, the FBI declined to comment beyond a prepared statement that they are confident the North Koreans are behind the crippling Thanksgiving attack and there is ?no credible information? to suggest otherwise.
Tuesday, a U.S. official familiar with the matter said after the three-hour meeting, law enforcement concluded that the company?s analysis ?did not improve the knowledge of the investigation.?
Ouch. Once again, it is entirely possible that the FBI has access to even more information that it has not shared. However, it does seem rather clear at this point that the evidence it has shared publicly is just as unconvincing to cybersecurity experts as the information those security experts have shared is unconvincing to the FBI.
Filed Under: fbi, north korea, sony hack
Companies: norse security, sony, sony pictures
Comments on “FBI Still Standing By Its 'North Korea Did It!' Claims On The Sony Hack”
Insiders?
Bruce Schneier wrote about this today, still many options on the table.
https://www.schneier.com/blog/archives/2014/12/more_data_on_at.html
All part of the plan
If the FBI can successfully, credibly or, more likely, continually, blame North Korea then they get to declare cyber-war on another (much vilified) country, or terrorists. But if people successfully show it was an act of, or started by, a ‘disgruntled ex-employee’ then all they get is another investigation.
And the Feds have far more interesting things to do with their time, these days, than ‘investigate.’
Re: All part of the plan
Don’t forget that the Sony Hack came at a really convenient time… just after all those torture attrocity suspicions were confirmed….
Re: All part of the plan
“If the FBI can successfully, credibly […]”
There’s the problem. Their claim has no credibility because they haven’t backed it up with evidence. The FBI’s default credibility isn’t that high, so it’s a bit weird that they actually expect us to take them at their word.
Because the FBI never lies and there is no way they were involved in the hacks in any way…
Blaming NK is a political move. As i noticed in the last few years, every time the US says they have evidence to back up their claims but refuse to share it it turns out to be bullshit.
Re: Re:
I think Occam’s Razor applies here. The simplest explanation is that disgruntled (ex)-employees were heavily involved. The real question is why would NK want to hack and dump the information which acts more like revenge.
The FBI should refrain from making baseless accusations without any evidence to backup such claims. The whole “trust us, we have secret evidence”, is hardly compelling or believable.
If the FBI doesn’t want to provide classified evidence to the public, in order to backup their claims. Then they would be wise refrain from making such baseless accusations in public.
Obviously the FBI isn’t acting wisely. In fact, they look pretty silly.
Re: Re:
Well, the FBI, if they have ‘SUPAH SEKRIT EVIDUNCE,’ should reveal what their evidence is. This is not hard to comprehend in a remotely “just” society.
Re: these are the same guys who invent and solve their own plots.
so of course we believe them. you keep thinking that,
Re: Re: these are the same guys who invent and solve their own plots.
Um im saying they had no evidence….
You mean like the weapons of mass destruction evidence…
Re: Re:
Syrian gas attacks
Malaysian plane
Friendly reminder that the US still has evidence that proves that evil communists or dictators did those but refuse to share it. (syrian is comfirmed lie, gas was used by those who the US supports multiple times)
Re: Re: Re:
“Report reaffirms use of chemical weapons in Syria”, Al Jazeera, Jan 6, 2015
It’s an excuse to push through bad “Cyber Warfare” legislation. They want unfettered access to all electronic communications. Now they create an excuse to require backdoors.
Spin cycle
“Conservative hero Ben Carson on Sony: ‘I am proud of the president’ ”, by Jeremy Diamond, CNN, Dec 31, 2014
Re: Spin cycle
Oh, the tea party, you mean that movement that was about rejecting the official 911 story that was highjacked by wingnuts and the cock brothers who trademarked the organization? Yeah, those people are completely trustworthy.
Re: Re: Spin cycle
“Public scorn for LG, Samsung’s ‘washing’ battle”, by Se Young Lee, Asian Age, Jan 1, 2015
Sad
This attack LOL’d us better than anything Anonymous ever pulled off.
Washington Senators
“China involved in Sony attack? Senator says yes”, by CNN Wire, Q13 Fox News, Dec 29, 2014
Re: Washington Senators
Well, he’s right about that. But if the fundamental premise (that North Korea did it) is invalid, then the derived conclusion (that China had a hand in North Korea’s hack) is also invalid.
Re: Re: Washington Senators
“U.S. suspects North Korea’s surveillance body was involved in Sony cyberattack via Shenyang”, Japan Times, Jan 1, 2015
Re: Washington Senators
just shows a lack of understanding for the lack of security at sony.
Re: Re: Washington Senators
On December 10th, 2014, in testimony before the Senate Committee on Banking, Housing, and Urban Affairs, the FBI Cyber Division’s Assistant Director, Mr Joseph Demarest, Jr, characterized the Sony attackers’ sophistication as “extremely high.”
Re: Re: Re: Washington Senators
And why do you believe him?
Re: Re: Re:2 Washington Senators
“Sony Hacking: After Seeing ‘The Interview, US Intel Chief Says North Koreans ‘Don’t Have a Sense of Humor’ ”, By Aaron Katersky, ABC News, Jan 7, 2015
Re: Re: Re:3 Washington Senators
“GOP senator calls for Sony hack hearing”, by Cory Bennett, The Hill, Dec 21, 2014
Re: Re: Re:4 Washington Senators
“US intelligence director: Sony cyberattack demonstrates new North Korean threat”, Fox News (AP), Jan 7, 2015
Re: Washington Senators
Lindsay Graham is one crazy ginger head, that’s what I know. Just the way he speaks has a creepy ring about it, I wouldn’t be surprised he’s up high in the hierarchy of those high ranking politician pedophile circles.
My farts are better contribution to the survival of the human race than anything he says.
They have been given a whole couple truck loads of cash, and there is more if they can keep cyberattacks in their area of concern.
If after jumping to a conclusion, which seems untethered from reality, someone might decide someone else should do the job.
Also it helps consumer confidence that corporations are secure, and only nation states can hack them not 3 guys and Becki from accounting.
Keeping everyone worried about the balance of power in the world and distracted from the truth is how the nation has functioned for a very long time now and why not DPRK? The odds of a land war are slim, so other than some posturing there can be no downside… except if the reports of nukes are true.
Re: Nukes [was ]
“Kim Jong Un Open to ‘Highest-Level’ Talks With South Korea”, by Sam Kim, Bloomberg, Dec 31, 2014
Upcoming Hearing
“McCain to hold cybersecurity hearing after Sony attack”, by Jeremy Diamond, CNN, Dec 19, 2014
Re: Upcoming Hearing
Totally what the people of Arizona are the most concerned with, right?
space aliens did it
NO I SAY SO , SO ITS TRUE
Re: space aliens did it
I read on the internet that it was space aliens.
That makes 2 sources….even more true.
Now they’re also claiming the same hackers hacked some other company. Why would NK do that if they only cared about that movie?
False flag
This looks to me like a classic false flag operation meant to distract from the torture report and boost support for CISPA/NSA surveillance/whatever they’re calling it now. “This proves it. We must remove liability for corporate data sharing with the NSA or WE’LL ALL DIEEEEE!!!1” etc etc etc.
shall i quote 2 days of george bush
sept 11 bush said hackers were terrorists
so whoever i am i hacked the taliban website and told a mole of theirs….we knew of for LOL 8 bloody months….
freaked the fooker never came back and bush came on tv a second time and said and i’ll quote
“[goofy lil laugh smile a his] …ok hackers aren’t terrorists…but please don’t attack the talibans website, they might put information there”
LIKE RETARD AHOY , LETS PUT OUR SUPER SECRET ATTACK PLAN ON A PUBLIC WEBSITE….and the fbi….
they did attacks like this in the past we hackers know there operatis mottom so well we never got snared by there arrest of lolsec idiot….WE KNEW …..
and we know and are truly every where
i dont know any more than anyone else who was responsible but i wouldn’t mind betting the accusation was thrown at N.Korea, just to give the excuse of starting some sort of action against it. it’s not as if the USA has ever lied in such cases, is it!
from an organization that is supposed to protect its citizens from danger that goes around creating terrorism plots against americans.
Why exactly is anyone trusting their word at this point?
Re: Credibility [was ]
“Sony hacking: North Korea mystery continues”, Times of India (AFP), Dec 31, 2014
Re: Re: Credibility [was ]
“The intelligence community would never have let (Obama) stick his neck out on this unless they had a high degree of confidence about this,” he said.
… or had something to gain by sticking to the ‘Those dastardly North Koreans did it!’ narrative.
Like, oh I dunno, to try and cram through the terrible(but great for the intelligence agencies) CISPA and CISPA clone bills, touted as being needed to ‘protect’ companies from cyber attacks, but which has been stomped flat the last couple of times they’ve tried to get it passed?
Re: Re: Re: Credibility [was ]
“Uncertainties cloud East Asia security prospects”, by Song Sang-ho, The Korean Herald, Dec 31, 2014
Re: Re: Re:2 Credibility [was ]
So basically the ‘evidence’ you keep posting basically sums up to ‘NK did it because we said so’.
How very compelling.
Re: Re: Re:3 Credibility [was ]
“Obama’s daunting new year”, by Nicholas Burns, Boston Globe, Jan 1, 2015
Re: Re: Re:3 Credibility [was ]
So basically the ‘evidence’ you keep posting basically sums up to ‘NK did it because we said so’.
It’s not clear he’s trying to prove a point with these quotes. Some of them almost seem random.
Re: Re: Re:4 Credibility [was ]
I appreciate your use of the word “almost.”
Re: Re: Re:2 Credibility [was ]
Oh the RAND corp, the corporation that has computerized models of a perfect society where everyone is taking advantage of others at a level that is acceptable to each other, so basically a system on how make a viable world for psychopaths.
No wonder they’ve only ever let one journalist look at their database of research.
Re: Re: Credibility [was ]
“The intelligence community would never have let (Obama) stick his neck out on this unless they had a high degree of confidence about this,” he said.
This is the funniest thing I’ve read today.
Need new federal legislation
Clearly, offering evidence contrary to the findings of the FBI causes confusion and may lead to error and wrong decision-making. What we obviously need is federal legislation outlawing (with severe penalties) disputes with the expert findings of the honorable men of the FBI. /s
FBI = Keystone CyberKops
“The FBI May Have Made An Embarrassing Mistake While Investigating The Sony Hack”
http://uk.businessinsider.com/the-fbi-may-have-made-a-huge-mistake-in-its-investigation-of-the-sony-hack-2014-12
“a journalist who writes about cybersecurity stepped forward and claimed that he wrote the threat to CNN as a prank, copying another message that he found online and simply swapping some of the words.”
This smells bad from the start. Hacker attacks typically take weeks and months to determine who, what, and where. Yet within days the FBI comes out with NK did it. A country that has troubles feeding its people and keeping the lights on.
According to one article I read NK has 1 count it, 1 ISP. That comes from China.
All the three letter agencies long ago lost all credibility to be believed over the lying done previously. Without proof it’s just another scheme to divert unwanted attention from their real problems or a plan to push through another insane bill to open up yet more individual privacy matters.
We’ve had too many examples of how this works to throw money at private corporations and too many examples of how to waste money on insane themes of unending wars. The real issues here are that those same 3 letter agencies have been responsible for many of the unpatched security concerns in software making much of the hacking possible.
“Once again, it is entirely possible that the FBI has access to even more information that it has not shared.”
Or that they’re to ashamed that the egg on their faces won’t wash away.
Ha ha ha the FBI says
The FBI says building 7 came down at free fall speed because of office fires. The FBI agrees that it was the magic bullet which killed Kennedy. The FBI sees no reason to arrest fast and furious, gun running Holder or the usurper Obama.
And now the FBI says North Korea did the Sony hack. Well then, North Korea obviously did it because the FBI says so. Ha ha ha ha. The FBI really needs to be on Saturday Night Live. They are funny.
If FBI knew or had evidence of North Korea, they would never had wasted 3 hours at Norse.
Good evidence here
The Son¥ hack was very likely to have been committed by a disgruntled former employee. After all, who is more likely to have known of their continuing shoddy ‘security’ practices?
Sanctions
“In Response to Sony Attack, U.S. Levies Sanctions on 10 North Koreans”, by Michael S. Schmidt and David E. Sanger, New York Times, Jan 2, 2015
Re: Sanctions
United States Department of the Treasury press release: “Treasury Imposes Sanctions Against the Government of The Democratic People’s Republic Of Korea”, Jan 2, 2015
Re: Sanctions
The White House, Office of the Press Secretary: “Statement by the Press Secretary on the Executive Order Entitled ‘Imposing Additional Sanctions with Respect to North Korea’ ”, Jan 2, 2015
Re: Re: Sanctions
‘Proportional’? Are they even listening to themselves? Assuming that they are right, and that NK is responsible for the Sony hack, one company got hacked, and the ‘proportional’ response is sanctions against an entire country?
Do they even pretend that they don’t work directly for the large companies anymore?
Re: Re: Re: Sanctions
The 39th president of the United States, Jimmy Carter, writing in the Washington Post, “Cuba, North Korea, and getting sanctions right” (Dec 26, 2014):
Re: Re: Re: Sanctions
“Obama administration imposes sanctions on North Korea, after Sony hack”, Fox News, Dec 2, 2015
Re: Re: Re:2 Sanctions
cyberattacks that can do grave damage
And here’s the million dollar question, one that never seems to be asked by politicians, but just taken as truth:
What ‘grave damage’ would that be?
I’ve read stories about some dirty laundry being aired, stories about a few people in various companies and organizations suddenly trying to get rid of the egg on their face, but I have yet to see a story about how Sony, and more importantly, the US, is suffering any ‘grave damage’ due to Sony being hacked. The way they’re flipping out, you’d think that the DOJ/CIA’s networks were broken into, not just a large electronics/entertainment company.
Re: Re: Re:3 Sanctions
“Does North Korea’s Sony hacking qualify as an ‘attack’ on US?”, by Wyatt Olson, Stars and Stripes, Dec 23, 2014
Re: Re: Re:3 Sanctions
“U.S. Sanctions Seen as Warning to Nations Backing Cyber-Attacks”, by Jim Snyder, Bloomberg, Jan 2, 2015
Re: Re: Re:4 Sanctions
but to destroy data on a foreign network
And uh, what data was destroyed again?
See, this is why it’s so hard to believe their claims or take them seriously, time and time again they blow things completely out of proportion in order to serve their agenda. The hackers managed to make off with I believe 11 TB worth of data, if they’d really wanted to delete things, they could have easily done it, yet instead they just copied stuff.
Re: Re: Re:5 Sanctions
“Update on Sony Investigation”, FBI press release, Dec 19, 2014
“Sony Cyberattack, First a Nuisance, Swiftly Grew Into a Firestorm”, by Michael Cieply and Brooks Barnes, Dec 30, 2014
“Top congressional Democrat asks Sony for hack details”, Reuters, Dec 23, 2014
Re: Re: Re:6 Sanctions
Followup:
“FBI memo warns of malware possibly linked to hack at Sony Pictures”, by Steve Ragan, CSO (“Salted Hash” webcolumn), Dec 1, 2014
“Mandiant to Sony Pictures: Nothing could have prepared you for this”, by Steve Ragan, CSO (“Salted Hash” webcolumn), Dec 8, 2014
Re: Re: Re:6 Sanctions
Additional Followup:
Alert (TA14-353A): Targeted Destructive Malware, US-CERT, Dec 19, 2014
(“Hackers Used Sophisticated SMB Worm Tool to Attack Sony”, by Mike Lennon, Security Week, Dec 19, 2014)
Re: Re: Re:6 Sanctions
So, they might have actually gotten a little more than a black eye out of the fiasco after all. Unfortunate, but I can’t really feel too sorry for them, after the whole Sony Rootkit thing a few years back.
Also, unless they were completely and utterly hopeless at data security, saying a bunch of data centers had been wiped clean, and servers destroyed, should be nothing more than a temporary problem, as they replace the compromised hardware, and restore what was lost from backups(they do have backups, right?).
Annoying and costly sure, but hardly apocalyptic level disaster.
Re: Re: Re:5 Sanctions
“Menendez urges broader U.S. crackdown on North Korea”, by Jon Prior, Politico, Jan 4, 2015
Re: Re: Re:4 Sanctions
Compare with: “Experts: Sony hackers ‘have crossed the line’ ”, by Elizabeth Weise, KAGS News (USATODAY), Dec 17, 2014 (original story no longer readily available online at USA Today)
Re: Re: Re:4 Sanctions
“. . . For the U.S., the Sony attack was different because it wasn’t simply an attempt to disrupt traffic, spy or steal information, but to destroy data on a foreign network, said an administration official involved in the deliberations about how to respond. “
Interesting. So, deleting data, which — assuming that there is even a minimally competent backup program in place — is an act that isn’t all that damaging, is over “the line” but the more damaging activities of spying and copying that information is not? Bizarre.
Isn’t it a sad notion that, at this point, I believe statements from North Korea more than I believe the FBI of the United States? The FBI, a part of the DoJ, is trying to sell something to Congress and the American people. It’s a con job that is rather despicable and craven.
Re: Re:
“Seth Rogen movie an ‘act of war,’ North Korea says”, by Choe Sang-Hun, Boston Globe, June 25, 2014
Didn't we learn from Iraq
It seems like our government is ready to blame North Korea for the hacks the same way they blamed Iraq for 9/11.
And like people are saying, why does the US government have to “do something” when Sony is a Japanese *company*? It’s not like the hackers hacked into a government agency.
Re: Didn't we learn from Iraq
So let me get this straight. You feel that the U.S. government should not be concerned when a federal crime occurs in California.
And the reason why the U.S. government should not concern itself with this particular federal crime is because the victim is the American daughter company of a Japanese parent corporation? Is that right? The American daughter of a Japanese parent is not protected against federal crimes occurring in California.
Re: Re: Didn't we learn from Iraq
Is there any other case of international sanctions being applied due to a federal crime being committed in the US? And if so, how long was the investigation?
Re: Re: Re: Didn't we learn from Iraq
Yes.
Re: Re: Re:2 Didn't we learn from Iraq
9/11 huh? So are you referring to sanctions delivered via Tomahawk missile? In any case, if that’s the category that this Sony hack is being put in, that’s just one more piece of evidence that the government is overreacting.
Re: Re: Re:3 Didn't we learn from Iraq
W80
Re: Re: Re:4 Didn't we learn from Iraq
I’m not sure what your point is in linking to a weapon that has never been used.
Re: Re: Re:5 Didn't we learn from Iraq
The exact situation that we find ourselves in happens to be somewhat unprecedented.
Re: Re: Re:5 Didn't we learn from Iraq
“Seoul Less Sure Than U.S. General of Pyongyang’s Nuclear Weapons Progress”, by Jeyup S. Kwaak, Wall Street Journal (blog), Jan 6, 2015
Confidence
“FBI Director Confident North Korea Was Behind Cyberattack”, ABC News (AP), Jan 7, 2015