Who Has Really Attacked Sony?
Published in Rzeczpospolita
(Poland) on 31 December 2014
by Jarosław Giziński (link to original)
(Poland) on 31 December 2014
by Jarosław Giziński (link to original)
Translated from
by Edyta Zarzeczna.
Edited by Bora Mici.
The FBI and White House still maintain that North Koreans hacked the servers of Sony Pictures, but there is no proof, and doubts are mounting.
In the first days after the hacker attack on the servers of Sony Pictures, North Korea’s responsibility for it seemed obvious – since the attack was presumed to be in connection with the premiere of “The Interview,” which mocks the leader of the Communist regime in Pyongyang, and his subordinates could not disregard it.
Still, just before Christmas, U.S. analysts started having doubts. The operation seemed to be too complicated for the capabilities of governmental hackers from the North. Besides, someone who prepared the attack knew astonishingly well the internal structure of the company’s information technology system. The fact that President Obama no longer talks about North Korea as the country sponsoring cyberterrorism proves that he has lost his certainty about the identity of the attackers.
American journalists, who are analyzing circumstantial evidence that might have been the linchpin for the FBI analysts — for example Shane Harris from The Daily Beast or Adam Taylor from The Washington Post — are coming to the conclusion that this is not necessarily strong. For instance, lines that were almost identical to the virus code used before by the alleged hackers from North Korea were found in the malicious code left over after the attack — only these codes would be used by hackers from around the world in case they prove to be effective. The same, lame circumstantial evidence is pointing to the proxy servers that were used by the perpetrators of the Sony hacking “like Koreans had in the past." Servers like these are public; thus, their usage does not prove anything — one of them, 217.96.33.164, is from ... Olsztyn.
It should not be ruled out that in reality, the attack was perpetrated by — former? — workers of Sony who might have had reasons to take revenge on the company for some real or delusional injuries. Such assumptions were made by the analysts from the independent group the Norse Corp, which deals with Internet crimes. It is possible that the group “The Guardians of Peace” that is taking on the responsibility for the attack is only an artificial creation, or that the man who wanted to harm Sony coupled it with the idea of a spectacular “prank.”
The Koreans could have also joined in on the action or just assigned its effects to themselves, even if they were not the cause of the chaos. Their motivation? Upholding the faith in the potential of their computer scientists and a demonstration of power for their citizens. Meanwhile, the real perpetrator remains silent in order to hide his real identity. What is more, he must be realizing that even the most unrealistic rumors about North Korea will be regarded as probable — such as, for example, the rubbishy information from a few months ago about the rending of Kim Jong Un’s political opponents by a flock of hungry dogs.
It is possible that the FBI has some definite proof that won’t be revealed for operational reasons. Unfortunately, tactical play on the part of American agencies fighting cybercrime cannot be completely ruled out since they are pointing to minatory, external foes of America, and thus can count on further facilities: like, for example, obtaining trouble-free approval from Congress for even wider control of movement on the Internet or for increasing their granted benefits. Also, even if Edward Snowden’s activity is suspicious for the majority of Americans, who will question the need to resist the communist fanatics from Pyongyang?
"The Guardians of Peace" are already talking about the next attacks – this time aimed at the American media. And it is still unknown whether this is an actual campaign of cyberwar or just a new smoke screen for sly hackers.
In the first days after the hacker attack on the servers of Sony Pictures, North Korea’s responsibility for it seemed obvious – since the attack was presumed to be in connection with the premiere of “The Interview,” which mocks the leader of the Communist regime in Pyongyang, and his subordinates could not disregard it.
Still, just before Christmas, U.S. analysts started having doubts. The operation seemed to be too complicated for the capabilities of governmental hackers from the North. Besides, someone who prepared the attack knew astonishingly well the internal structure of the company’s information technology system. The fact that President Obama no longer talks about North Korea as the country sponsoring cyberterrorism proves that he has lost his certainty about the identity of the attackers.
American journalists, who are analyzing circumstantial evidence that might have been the linchpin for the FBI analysts — for example Shane Harris from The Daily Beast or Adam Taylor from The Washington Post — are coming to the conclusion that this is not necessarily strong. For instance, lines that were almost identical to the virus code used before by the alleged hackers from North Korea were found in the malicious code left over after the attack — only these codes would be used by hackers from around the world in case they prove to be effective. The same, lame circumstantial evidence is pointing to the proxy servers that were used by the perpetrators of the Sony hacking “like Koreans had in the past." Servers like these are public; thus, their usage does not prove anything — one of them, 217.96.33.164, is from ... Olsztyn.
It should not be ruled out that in reality, the attack was perpetrated by — former? — workers of Sony who might have had reasons to take revenge on the company for some real or delusional injuries. Such assumptions were made by the analysts from the independent group the Norse Corp, which deals with Internet crimes. It is possible that the group “The Guardians of Peace” that is taking on the responsibility for the attack is only an artificial creation, or that the man who wanted to harm Sony coupled it with the idea of a spectacular “prank.”
The Koreans could have also joined in on the action or just assigned its effects to themselves, even if they were not the cause of the chaos. Their motivation? Upholding the faith in the potential of their computer scientists and a demonstration of power for their citizens. Meanwhile, the real perpetrator remains silent in order to hide his real identity. What is more, he must be realizing that even the most unrealistic rumors about North Korea will be regarded as probable — such as, for example, the rubbishy information from a few months ago about the rending of Kim Jong Un’s political opponents by a flock of hungry dogs.
It is possible that the FBI has some definite proof that won’t be revealed for operational reasons. Unfortunately, tactical play on the part of American agencies fighting cybercrime cannot be completely ruled out since they are pointing to minatory, external foes of America, and thus can count on further facilities: like, for example, obtaining trouble-free approval from Congress for even wider control of movement on the Internet or for increasing their granted benefits. Also, even if Edward Snowden’s activity is suspicious for the majority of Americans, who will question the need to resist the communist fanatics from Pyongyang?
"The Guardians of Peace" are already talking about the next attacks – this time aimed at the American media. And it is still unknown whether this is an actual campaign of cyberwar or just a new smoke screen for sly hackers.