Don't Blame North Korea

Online security expert Marc Rogers makes the case that it wasn't North Korea that hacked Sony's computers -- supposedly over the Seth Rogen/James Franco movies "The Interview" -- it was a disgruntled former employee. In a piece for The Daily Beast, Rogers goes through a lot of technical computer-speak to back up his thesis, and then gets to these five points:
1. First of all, there is the fact that the attackers only brought up the anti-North Korean bias of “The Interview” after the media did—the film was never mentioned by the hackers right at the start of their campaign. In fact, it was only after a few people started speculating in the media that this and the communication from North Korea “might be linked” that suddenly it did get linked. My view is that the attackers saw this as an opportunity for “lulz”, and a way to misdirect everyone. (And wouldn’t you know it? The hackers are now saying it’s okay for Sony to release the movie, after all.) If everyone believes it’s a nation state, then the criminal investigation will likely die. It’s the perfect smokescreen.

2. The hackers dumped the data. Would a state with a keen understanding of the power of propaganda be so willing to just throw away such a trove of information? The mass dump suggests that whoever did this, their primary motivation was to embarrass Sony Pictures. They wanted to humiliate the company, pure and simple.

3. Blaming North Korea offers an easy way out for the many, many people who allowed this debacle to happen; from Sony Pictures management through to the security team that were defending Sony Picture’s network.

4. You don’t need to be a conspiracy theorist to see that blaming North Korea is quite convenient for the FBI and the current U.S. administration. It’s the perfect excuse to push through whatever new, strong, cyber-laws they feel are appropriate, safe in the knowledge that an outraged public is fairly likely to support them.

5. Hard-coded paths and passwords in the malware make it clear that whoever wrote the code had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s (just) plausible that a North Korean elite cyber unit could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of a pissed-off insider. Combine that with the details of several layoffs that Sony was planning and you don’t have to stretch the imagination too far to consider that a disgruntled Sony employee might be at the heart of it all.
Read Rogers' full piece here.

Also on Harris Online...

Labels: