FBI Still Standing By Its 'North Korea Did It!' Claims On The Sony Hack
from the still-pretty-sure dept
After the FBI formally named North Korea as being behind the Sony Hack, a lot of people in the cybersecurity community explained why they didn't find the evidence at all compelling. There was pretty widespread disbelief in the story -- though most admitted that it was possible that the FBI had additional evidence it wasn't sharing. In the past few days, a lot of attention has been paid to a theory coming out of Norse Security, that the attack really came from a group of people (not associated with North Korea) including, in particular, a disgruntled ex-Sony employee. On Monday, the FBI met with Norse to hear what the company had to say, but apparently came away unconvinced. The FBI continues to stand by its assertion that North Korea did it.Asked about the meeting and criticism on Monday, the FBI declined to comment beyond a prepared statement that they are confident the North Koreans are behind the crippling Thanksgiving attack and there is “no credible information” to suggest otherwise.Ouch. Once again, it is entirely possible that the FBI has access to even more information that it has not shared. However, it does seem rather clear at this point that the evidence it has shared publicly is just as unconvincing to cybersecurity experts as the information those security experts have shared is unconvincing to the FBI.
Tuesday, a U.S. official familiar with the matter said after the three-hour meeting, law enforcement concluded that the company’s analysis “did not improve the knowledge of the investigation.”
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fbi, north korea, sony hack
Companies: norse security, sony, sony pictures
Reader Comments
Subscribe: RSS
View by: Time | Thread
Insiders?
https://www.schneier.com/blog/archives/2014/12/more_data_on_at.html
[ link to this | view in chronology ]
All part of the plan
And the Feds have far more interesting things to do with their time, these days, than 'investigate.'
[ link to this | view in chronology ]
Re: All part of the plan
[ link to this | view in chronology ]
Re: All part of the plan
There's the problem. Their claim has no credibility because they haven't backed it up with evidence. The FBI's default credibility isn't that high, so it's a bit weird that they actually expect us to take them at their word.
[ link to this | view in chronology ]
Blaming NK is a political move. As i noticed in the last few years, every time the US says they have evidence to back up their claims but refuse to share it it turns out to be bullshit.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
If the FBI doesn't want to provide classified evidence to the public, in order to backup their claims. Then they would be wise refrain from making such baseless accusations in public.
Obviously the FBI isn't acting wisely. In fact, they look pretty silly.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: these are the same guys who invent and solve their own plots.
[ link to this | view in chronology ]
Re: Re: these are the same guys who invent and solve their own plots.
[ link to this | view in chronology ]
Re: Re: these are the same guys who invent and solve their own plots.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Malaysian plane
Friendly reminder that the US still has evidence that proves that evil communists or dictators did those but refuse to share it. (syrian is comfirmed lie, gas was used by those who the US supports multiple times)
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Spin cycle
[ link to this | view in chronology ]
Re: Spin cycle
[ link to this | view in chronology ]
Re: Re: Spin cycle
[ link to this | view in chronology ]
Sad
[ link to this | view in chronology ]
Washington Senators
[ link to this | view in chronology ]
Re: Washington Senators
[ link to this | view in chronology ]
Re: Re: Washington Senators
[ link to this | view in chronology ]
Re: Washington Senators
[ link to this | view in chronology ]
Re: Re: Washington Senators
[ link to this | view in chronology ]
Re: Re: Re: Washington Senators
[ link to this | view in chronology ]
Re: Re: Re: Re: Washington Senators
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Washington Senators
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Washington Senators
[ link to this | view in chronology ]
Re: Washington Senators
My farts are better contribution to the survival of the human race than anything he says.
[ link to this | view in chronology ]
If after jumping to a conclusion, which seems untethered from reality, someone might decide someone else should do the job.
Also it helps consumer confidence that corporations are secure, and only nation states can hack them not 3 guys and Becki from accounting.
Keeping everyone worried about the balance of power in the world and distracted from the truth is how the nation has functioned for a very long time now and why not DPRK? The odds of a land war are slim, so other than some posturing there can be no downside... except if the reports of nukes are true.
[ link to this | view in chronology ]
Nukes [was Re: ]
“Kim Jong Un Open to ‘Highest-Level’ Talks With South Korea”, by Sam Kim, Bloomberg, Dec 31, 2014
[ link to this | view in chronology ]
Upcoming Hearing
[ link to this | view in chronology ]
Re: Upcoming Hearing
[ link to this | view in chronology ]
space aliens did it
[ link to this | view in chronology ]
Re: space aliens did it
That makes 2 sources....even more true.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
False flag
[ link to this | view in chronology ]
shall i quote 2 days of george bush
so whoever i am i hacked the taliban website and told a mole of theirs....we knew of for LOL 8 bloody months....
freaked the fooker never came back and bush came on tv a second time and said and i'll quote
"[goofy lil laugh smile a his] ...ok hackers aren't terrorists...but please don't attack the talibans website, they might put information there"
LIKE RETARD AHOY , LETS PUT OUR SUPER SECRET ATTACK PLAN ON A PUBLIC WEBSITE....and the fbi....
they did attacks like this in the past we hackers know there operatis mottom so well we never got snared by there arrest of lolsec idiot....WE KNEW .....
and we know and are truly every where
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Why exactly is anyone trusting their word at this point?
[ link to this | view in chronology ]
Credibility [was Re: ]
[ link to this | view in chronology ]
Re: Credibility [was Re: ]
... or had something to gain by sticking to the 'Those dastardly North Koreans did it!' narrative.
Like, oh I dunno, to try and cram through the terrible(but great for the intelligence agencies) CISPA and CISPA clone bills, touted as being needed to 'protect' companies from cyber attacks, but which has been stomped flat the last couple of times they've tried to get it passed?
[ link to this | view in chronology ]
Re: Re: Credibility [was Re: ]
“Uncertainties cloud East Asia security prospects”, by Song Sang-ho, The Korean Herald, Dec 31, 2014
[ link to this | view in chronology ]
Re: Re: Re: Credibility [was Re: ]
How very compelling.
[ link to this | view in chronology ]
Re: Re: Re: Re: Credibility [was Re: ]
[ link to this | view in chronology ]
Re: Re: Re: Re: Credibility [was Re: ]
It's not clear he's trying to prove a point with these quotes. Some of them almost seem random.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Credibility [was Re: ]
[ link to this | view in chronology ]
Re: Re: Re: Credibility [was Re: ]
No wonder they've only ever let one journalist look at their database of research.
[ link to this | view in chronology ]
Re: Credibility [was Re: ]
This is the funniest thing I've read today.
[ link to this | view in chronology ]
Need new federal legislation
[ link to this | view in chronology ]
FBI = Keystone CyberKops
http://uk.businessinsider.com/the-fbi-may-have-made-a-huge-mistake-in-its-investigation-of-the- sony-hack-2014-12
"a journalist who writes about cybersecurity stepped forward and claimed that he wrote the threat to CNN as a prank, copying another message that he found online and simply swapping some of the words."
[ link to this | view in chronology ]
According to one article I read NK has 1 count it, 1 ISP. That comes from China.
All the three letter agencies long ago lost all credibility to be believed over the lying done previously. Without proof it's just another scheme to divert unwanted attention from their real problems or a plan to push through another insane bill to open up yet more individual privacy matters.
We've had too many examples of how this works to throw money at private corporations and too many examples of how to waste money on insane themes of unending wars. The real issues here are that those same 3 letter agencies have been responsible for many of the unpatched security concerns in software making much of the hacking possible.
[ link to this | view in chronology ]
Or that they're to ashamed that the egg on their faces won't wash away.
[ link to this | view in chronology ]
Ha ha ha the FBI says
And now the FBI says North Korea did the Sony hack. Well then, North Korea obviously did it because the FBI says so. Ha ha ha ha. The FBI really needs to be on Saturday Night Live. They are funny.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Good evidence here
[ link to this | view in chronology ]
Sanctions
[ link to this | view in chronology ]
Re: Sanctions
[ link to this | view in chronology ]
Re: Sanctions
[ link to this | view in chronology ]
Re: Re: Sanctions
Do they even pretend that they don't work directly for the large companies anymore?
[ link to this | view in chronology ]
Re: Re: Re: Sanctions
[ link to this | view in chronology ]
Re: Re: Re: Sanctions
[ link to this | view in chronology ]
Re: Re: Re: Re: Sanctions
And here's the million dollar question, one that never seems to be asked by politicians, but just taken as truth:
What 'grave damage' would that be?
I've read stories about some dirty laundry being aired, stories about a few people in various companies and organizations suddenly trying to get rid of the egg on their face, but I have yet to see a story about how Sony, and more importantly, the US, is suffering any 'grave damage' due to Sony being hacked. The way they're flipping out, you'd think that the DOJ/CIA's networks were broken into, not just a large electronics/entertainment company.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Sanctions
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Sanctions
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Sanctions
And uh, what data was destroyed again?
See, this is why it's so hard to believe their claims or take them seriously, time and time again they blow things completely out of proportion in order to serve their agenda. The hackers managed to make off with I believe 11 TB worth of data, if they'd really wanted to delete things, they could have easily done it, yet instead they just copied stuff.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Sanctions
“Update on Sony Investigation”, FBI press release, Dec 19, 2014
“Sony Cyberattack, First a Nuisance, Swiftly Grew Into a Firestorm”, by Michael Cieply and Brooks Barnes, Dec 30, 2014
“Top congressional Democrat asks Sony for hack details”, Reuters, Dec 23, 2014
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Sanctions
“FBI memo warns of malware possibly linked to hack at Sony Pictures”, by Steve Ragan, CSO (“Salted Hash” webcolumn), Dec 1, 2014
“Mandiant to Sony Pictures: Nothing could have prepared you for this”, by Steve Ragan, CSO (“Salted Hash” webcolumn), Dec 8, 2014
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Sanctions
Alert (TA14-353A): Targeted Destructive Malware, US-CERT, Dec 19, 2014
(“Hackers Used Sophisticated SMB Worm Tool to Attack Sony”, by Mike Lennon, Security Week, Dec 19, 2014)
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Sanctions
Also, unless they were completely and utterly hopeless at data security, saying a bunch of data centers had been wiped clean, and servers destroyed, should be nothing more than a temporary problem, as they replace the compromised hardware, and restore what was lost from backups(they do have backups, right?).
Annoying and costly sure, but hardly apocalyptic level disaster.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Sanctions
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Sanctions
Compare with: “Experts: Sony hackers 'have crossed the line' ”, by Elizabeth Weise, KAGS News (USATODAY), Dec 17, 2014 (original story no longer readily available online at USA Today)
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Sanctions
Interesting. So, deleting data, which -- assuming that there is even a minimally competent backup program in place -- is an act that isn't all that damaging, is over "the line" but the more damaging activities of spying and copying that information is not? Bizarre.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
“Seth Rogen movie an ‘act of war,’ North Korea says”, by Choe Sang-Hun, Boston Globe, June 25, 2014
[ link to this | view in chronology ]
Didn't we learn from Iraq
And like people are saying, why does the US government have to "do something" when Sony is a Japanese *company*? It's not like the hackers hacked into a government agency.
[ link to this | view in chronology ]
Re: Didn't we learn from Iraq
And the reason why the U.S. government should not concern itself with this particular federal crime is because the victim is the American daughter company of a Japanese parent corporation? Is that right? The American daughter of a Japanese parent is not protected against federal crimes occurring in California.
[ link to this | view in chronology ]
Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Re: Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Re: Re: Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Didn't we learn from Iraq
[ link to this | view in chronology ]
Confidence
[ link to this | view in chronology ]