23-12-2014, 09:22 AM
In Plain English: Five Reasons Why Security Experts Are Skeptical North Korea Masterminded The Sony Attack
1. The Original Messages from the Hackers were About Layoffs, Not "The Interview"
The attackers originally sent messages to Sony referencing layoffs and demanding financial compensation. The tone was highly personal and did not reference "The Interview" movie at all. That's one reason why security experts (on private mailing lists) have been saying that disgruntled ex-employees are a likely candidate. The attackers only mentioned "The Interview" movie after the press suggested there was a connection.
This is the original threat letter sent via email to Sony executives on November 21:
"[M]onetary compensation we want," the email read. "Pay the damage, or Sony Pictures will be bombarded as a whole. You know us very well. We never wait long. You'd better behave wisely."
2. Underground Hackers Share Code and Tools
The FBI claims that there are similarities to other attacks attributed to North Korea. Security experts say that those attacks may not even have been North Korean in origin. However, even if they were, underground hackers share and sell code with each other. It's unsurprising that there would be overlap between cyberattacks.
3. IP Addresses Are Poor Evidence
The FBI cites similarities between IP Addresses used in this attack and in other attacks associated with North Korea. This is sloppy analysis because those IP addresses are public and don't have any special affiliation with North Korea. Plus, skilled hackers can fake IP addresses. So this is not a reliable piece of evidence.
4. The "Clues" Leading to North Korea Could Have Been Faked
Trickery and "trolling" are part of underground hacker culture. Deception is part of criminal culture. So why is the FBI so willing to take the code left by Sony's hackers at face value?
Whether it's the presence of Korean language or a connection to a North Korean computer, the clues leading to North Korea could have been faked. Imagine that you are at the scene of a crime and someone had written "North Korea was here" on the walls. While that's a good reason to take a look at North Korea, it's not proof either. The FBI cites similarities in "specific lines of code, encryption algorithms, data deletion methods, and compromised networks." Those could all be explained by cooperation (or sales) between hackers, or by intentionally making the hack point to North Korea.
Not all attacks are done by criminals who want credit. Sometimes they pin the blame on someone else. If you hacked Sony, would you want the world to know?
5. North Korea but Not the Government
It could have been North Koreans but not connected to the government. According to security expert Bruce Schneier, "reusing old attack code is a sign of a more conventional hacker being behind this." There is consensus among security experts that there was nothing about this hack that required the resources of a nation-state.
Both the US Government and Sony Have Political Reasons to Blame North Korea
Sony faces the possibility of numerous lawsuits as a result of sensitive data from employees, ex-employees and various partners being exposed. According to Jonathan Zittrain, professor of law and computer science at Harvard University, Sony might have some immunity from these lawsuits if this attack was part of an act of war.
The government has every reason to blame North Korea as well. That is certainly stronger positioning than admitting that the hackers hid themselves well. This also discourages other nation-states from trying something similar. Unfortunately, this also sends a message to hackers that they can get away with attacks if they can cast the blame on the right rogue nation-state.
Bruce Schneier raises the possibility that the government has classified intel that it's withholding. The NSA has been paying close attention to North Korea; who knows what documents they have that they choose not to disclose. However, it's dangerous for us as American citizens to accept the government's decision to accuse North Korea, a rogue country with nuclear aspirations, without a more legitimate body of evidence supporting this conclusion.
A multitude of security experts and tech-savvy journalists have covered this in great detail. Marc Rogers of Cloudflare has one of the best.
This piece by Bruce Schneier is one of the more comprehensive pieces that is also (relatively) accessible without a security background.
http://www.businessinsider.com/why-secur...14-12?IR=T
"The philosophers have only interpreted the world, in various ways. The point, however, is to change it." Karl Marx
"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.
“I think it would be a good idea” Gandhi, when asked about Western Civilisation.