FBI Wrong on Sony Hack
After Sony Pictures was the victim of a sophisticated cyberattack just before Thanksgiving, they and the FBI were quick to point the finger of blame at North Korea, saying the attack was perpetrated in retaliation for the film The Interview. The media was quick to jump on the bandwagon and considered it a forgone conclusion that Pyongyang was behind what is almost certainly the largest data breach ever experienced by an American company. But many cybersecurity experts are saying that the available evidence doesn’t support that conclusion. The evidence points, instead, to a hacktivist group calling itself “Guardians of Peace,” which first attempted extortion, then when that failed, began a rolling release of Sony’s data to the media and the web. The information that was leaked to news services and the Internet included personnel files, salaries and salary negotiations, employee Social Security numbers, unreleased scripts, and several movies (four of which had not even been shown in theaters yet).
After the FBI determined that North Korea was responsible, President Obama publicly accused Pyongyang and threatened a “proportional response.” The first part of that, said the president, would be strict financial sanctions against the communist nation, made under authority he granted himself via an executive order. In a statement from the White House, Treasury Secretary Jacob Lew said:
Today’s actions are driven by our commitment to hold North Korea accountable for its destructive and destabilizing conduct. Even as the FBI continues its investigation into the cyber-attack against Sony Pictures Entertainment, these steps underscore that we will employ a broad set of tools to defend U.S. businesses and citizens, and to respond to attempts to undermine our values or threaten the national security of the United States. The actions taken today under the authority of the President’s new Executive Order will further isolate key North Korean entities and disrupt the activities of close to a dozen critical North Korean operatives. We will continue to use this broad and powerful tool to expose the activities of North Korean government officials and entities.
FBI’s Cursory Investigation
Much of the evidence that the FBI and Sony Pictures relies upon for their assertion that North Korea was involved has been called “flimsy” by the private-sector experts who have looked at it and other evidence. It also appears that the FBI has overlooked evidence that would be more valuable in determining the actual perpetrators. For instance, the FBI made much of the Korean programming language used in the intrusion into Sony’s servers — though it is well known that hackers often use a variety of programming languages to disguise themselves and their locations — while not considering how the hackers knew exactly where to look for the data they stole. That data was stored on servers at Sony, and the hackers knew the names and passwords of those servers and hard coded that information into the malware they used in the attack. That knowledge indicates that someone inside Sony was involved in the breach.
JBS Member or ShopJBS.org Customer?
Sign in with your ShopJBS.org account username and password or use that login to subscribe.
Subscribe Now
- 24 Issues Per Year
- Digital Edition Access
- Exclusive Subscriber Content
- Audio provided for all articles
- Unlimited access to past issues
- Cancel anytime.
- Renews automatically
Subscribe Now
- 24 Issues Per Year
- Print edition delivery (USA)
*Available Outside USA - Digital Edition Access
- Exclusive Subscriber Content
- Audio provided for all articles
- Unlimited access to past issues
- Cancel anytime.
- Renews automatically