Sunday, December 21, 2014

The Sony hack... (warning: pure speculation to follow)

The FBI said technical analysis of malware used in the Sony attack found links to malware that "North Korean actors" had developed and found a "significant overlap" with "other malicious cyber activity" previously linked to Pyongyang. Reuters
It's obvious that North Korea is behind the attack on Sony in retaliation for making "The Interview"...

In fact it is so obvious that it makes me suspicious.

The North Koreans say they didn't do it... I believe them.
Much of North Korea’s hacking is done from China. And while the attack on Sony used some commonly available cybertools, one intelligence official said, “this was of a sophistication that a year ago we would have said was beyond the North’s capabilities.” Fareed Zakaria - Washington Post
I think they have been set up for the fall by a much more sophisticated attacker, one who doesn't want to take "credit" for the attack. There are two prime suspects in that case: China and Russia.  In my opinion it was the Russians. Here is a recent report of their work:
Russian state-backed cyber spies are behind coordinated, sophisticated digital attacks in the past two years against sensitive political and military targets, including Nato, the EU and government ministries, according to a security analyst. “Up until now the focus has been on China – but Russia is really the far more advanced player. Russia has been more effective at integrating cyber espionage into a geopolitical grand strategic campaign – not just a military one, but economic and political. They are more tactical too. More targeted in the institutions they go after . . . and more accomplished.” Financial Times - October 28, 2014
For me the Sony hack shows a very deep knowledge of the American economic and social system's weak points, where the celebrity culture intersects with the insurance/financial/complex and the communication infrastructure that supports it... and the rest of corporate America. I believe the Russians accumulated this kind of "reverse-Kremlinology" during the decades of the Cold War and that neither the Chinese or especially the North Koreans, would know how to touch so many of America's raw nerves simultaneously.
Why would the Russians pin it on the North Koreans?

They would for the same reason that Sony made the film: the North Koreans are comic book villains that are seen as crazy enough to do anything and it's precisely the the craziness that has made this incident so viral, where the comments about Angelina Jolie's possible insanity take precedence over the plus $90,000,000 that Sony stands to lose by pulling the film or the uncountable, confidential, corporate information, now in hostile hands. Russia certainly wouldn't want to provoke a hostile confrontation with the United States over something so "comic bookish", but the "comic bookishness" is an essential part of the incident's power. An attack on JP Morgan is probably much more serious than the Sony hack, but that would never grab the public's attention in the same way.

That leads us directly to the following questions:

What has the attack achieved? What would Russia have to gain by this attack?

The answer to the first question is the answer to the second.

The Sony hack has shown the fragility of America's complex system in a way that even the least technical person can understand it and because of the celebrity gossip involved the entire country, ladies and gentlemen and children of all ages have seen it and talked about it.
And what if the next target for the cyber attackers is not a film corporation but an electricity grid, or gas suppliers, or water pumping stations? Then what? Call this a comedy? I'm not sure there is much to laugh about. BBC
Russia is at this moment under tremendous pressure from the "West"; it would even appear that the Obama administration is bent on "regime change" in Moscow. The logic of the Russians acting under the cover of the wackos of Pyongyang would be the following: in the light of the Sony hack and seeing the damage that puny North Korea could do to a major corporation, the "good and the great", the "serious" people in corporate America might pause to ask themselves: if Kim Jong-un could cause such havoc, what might Vladimir Putin be able to do, it sufficiently backed into a corner? DS


Anonymous said...

OR any of "our" myriad PNAC Attacking spy services, false-flagging the other third of Company-man W's "axis of 'evil'"!

Anonymous said...

Hard to say who is behind the intrusion into Sony's information systems. Reportedly a "Server Message Block (SMB) Worm Tool" was used in the intrusion. There are various separate short programs that are part of this tool. Their functions are briefly outlined in that article. These programs are similar to programs used to disrupt operations at South Korean banks and news organisations on March 20, 2013. The programs are analysed in detail in a report by McAfee Labs "Dissecting Operation Troy". Similar tools apparently were used in the Sony intrusion.

I agree however that the North Korean government likely had nothing directly to do with the intrusion. The perpetrator could well have been a former employee or someone else angry with the company for who knows what reason.