A well-placed captain at Cyber Command confirmed to Gotnews.com that North Korea wasn’t behind the Sony hack today.
He becomes just the latest in a string of interview and sources confirming North Korea wasn’t behind the alleged attack. “We’re all [the law enforcement profession] very embarrassed that the government ran with this,” he said.
The captain shares the views of hackers, Sony insiders, and law enforcement officials interviewed by Gotnews.com over the last few days.
A Sony insider who had his Social Security information released described the company’s security as “hard on the outside, squishy in the middle” and “criminally negligent.” You “essentially can go anywhere once you’re inside.” The insider said that Sony had no security once you got within the system and that “you could readily access salary information for employees who had left 15 years before.”
The mainstream media and conservative pundits are claiming that the FBI is claiming based on highly circumstantial evidence that North Korea was behind the attack. In fact, the FBI’s statement is far more complicated.
“The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea,” Reuters reported in early December.
FireEye, a company that specializes in identifying the origins of cyber hacks, has pointed out the problems of using this malware method of identification.
Here’s an example: “This method of tracing the origins of an attack is not foolproof. In theory, a Russian national could employ a North Korean keyboard to disguise his or her identity and whereabouts, for example.”
The FBI’s argument seems to make it obvious that the use of the malware bomb was intended to cast blame on North Korea as an exit plan. The hackers sought first to steal and then to exit and use the Korean connection as the cover up.
Other commentators are already raising serious doubts about the alleged North Korean connection.
This comment is particularly illustrative.
The analysis doesn’t blame Korea or anyone else, it’s the media taking that route. The analysis just lists the file targets and the information you’d want to see if you have a match; e.g.
Size: 249856 bytes (244.0 KB)
PE Compile Time: 2014-11-24 04:11:08
Language pack of resource section: Korean
Cyber security expert Marc Rogers also doubts the Korean involvement as well.
Why I don't think North Korea has anything to do with the Sony hack – http://t.co/cjIEUqQrMR
— Marc Rogers (@marcwrogers) December 18, 2014
So does Ryan Lackey.
— Ryan Lackey (@octal) December 18, 2014
GotNews.com is also exploring the Korean language angle.
Full disclosure: I have helped the FBI and other law enforcement agencies work on other crime solving problems before.