The FBI will release a statement today blaming North Korea and its allies China, Iran and Russia for the Sony hack, while President Obama will also give a press conference in which he will finger the Hermit Kingdom as the culprit, despite the fact that the evidence overwhelmingly suggests North Korea was not responsible for the attack and that it was more likely an inside job.
The Stalinist state will be implicated for the hack attack despite the fact that, as the New York Times reported, “It is not clear how the United States determined that Mr. Kim’s government had played a central role in the Sony attacks.”
It is also likely that the hackers had “inside help” from a Sony employee given that, “Embedded in the malicious code were the names of Sony servers and administrative credentials that allowed the malware to spread across Sony’s network.”
Despite the FBI as of just a few days ago focusing on a Sony employee as the source of the leak, with insiders telling Radar Online that , “the FBI believes that the group had to have help from someone familiar with the infrastructure,” the federal agency has suddenly flipped 180 degrees and jumped on board with the White House’s baseless accusations.
Wired’s Kim Zetter notes that the evidence to blame North Korea is “flimsy” at best and that such accusations could merely be a “politically expedient” way of misleading the public on behalf of government and intelligence officials. The report also notes that it would be “easy for attackers to plant false flags that point to North Korea or another nation as the culprit.”
As technology editor David Gilbert explains, There is very little evidence that North Korea is behind the attack.”
The hackers themselves made no mention whatsoever of the film in their initial email to Sony and during a subsequent interview with CSO Online stated, “We are not under direction of any state.”
David Kennedy, founder of the security consulting firm TrustedSec LLC, adds that North Korea would be quick to take the credit for the hack if it was responsible (North Korean officials have repeatedly denied involvement). Kennedy also doubts that the attack was backed by China, while noting that North Korea “struggles with getting the technology it needs to launch major cyberattacks.”
Security blogger Marc W. Rogers documents a number of other indications that North Korea was not involved.
“The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea,” Rogers explains. “Not least because they don’t speak traditional ‘Korean’ in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult.”
Additionally, the broken English used “looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in ‘Konglish’. i.e it reads to me like an English speaker pretending to be bad at writing English.”
Rogers also explains how the hacker’s familiarity with the infrastructure clearly points to an insider being responsible.
“It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords,” Rogers notes. “While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider.”
Indeed, Sony executives themselves are convinced that the hack was an inside job. “We’re told the people at Sony who are investigating believe the hackers had intimate knowledge of mail systems and their configurations,” reports TMZ. “They also believe the hackers have knowledge of the internal media distribution systems and the internal IT systems, including human resources and payroll.”
In the Obama administration’s rush to blame North Korea for the hack, none of this evidence will even be mentioned during today’s press conference.
Given how the White House and top lawmakers have breathlessly seized upon the hack to reanimate “zombie” cybersecurity legislation that was dead and buried before the convenient Sony hack provided fresh justification, past history suggests that the prime suspect for the hack should be the U.S. government itself.
Those who accused the U.S. of being behind the two other most alarming cybersecurity attacks in recent years, the Stuxnet and Flame viruses, were labeled “conspiracy theorists.” It subsequently emerged that both attacks were the work of the United States and Israel.
The six major Hollywood studios also stand to gain from legislation to tighten control over online piracy which will be fast tracked in part because of the Sony hack.
As the Verge reports, Hollywood’s most powerful lawyers are in a war with entity they refer to as “Goliath” – Google to you and me – and are intent on resurrecting the failed SOPA bill in a bid to create new powers under which ISPs would be forced to comply with companies who demand websites accused of copyright violation be shut down on a whim with no due process whatsoever.