海角大神

Modern field guide to security and privacy

Did North Korea really hack Sony? Cybersecurity pros at odds

Industry experts weigh in on whether they believe North Korea is behind the massive Sony Pictures hack, which prompted the studio to pull 'The Interview' from theaters. 

|
Korean Central News Agency/Reuters
North Korean leader Kim Jong Un inspected the Korean People's Army naval Unit 189 in an undated photo released by North Korea's Korean Central News Agency.

Was North Korea involved in the Sony Pictures Entertainment hack? On Wednesday, several news reports quoted unnamed US officials saying yes. But many听cybersecurity experts remain skeptical. On Thursday, the White House refused to point the finger at North Korea, instead saying a "sophisticated actor" was behind the hack.听Passcode听asked experts throughout the industry whether they believe North Korea is responsible for the breach. Here's what they had to say:听

Graham Cluley, former senior technology consultant at Sophos and author of the security blog grahamcluley.com:

"It鈥檚 a bit like asking if I think Belgium was involved with the Sony hack. Why would you think North Korea is involved? The idea appears to only have popped up in a story in Re/Code a few days after the big, public reveal of the attack. The hackers hadn鈥檛 mentioned it. Sony executives received an e-mail a few days before the attack that said 'you just need to pay us.' When the message with all the skulls came up, there was no mention of the movie. If stopping 'The Interview' was the point of the attack, why wouldn鈥檛 they mention it? I just don鈥檛 get it. When have we ever heard of state sponsored cyberterrorism putting skulls on people鈥檚 screens?

"All I know from police investigations into cybercrime is that they are incredibly complex and can often take years. To complete this kind of investigation, the US would need the support of North Korea to look at the computer that made the attack. Hackers can make it look like they are coming from North Korea when they are really coming from Belgium, or the computer could be compromised and a computer in North Korea could be being controlled from somewhere else. To make this announcement so quickly seems a bit rushed."

Tal听Klein, vice president of strategy for the cloud security company Adallom Inc.:

"No. I'm not even wearing my cybersecurity hat when I say that. Too many things don't fit. When the attack was announced, North Korea denied it. North Korea loves to talk about themselves in these situations. It's not like Russia or China denying their role in espionage. North Korea would be dancing up and down. It doesn't fit. And a few days ago, the FBI was asked point blank and said they didn't think North Korea was behind the attack. That was an actual person willing to go on the record. Compared to that, an anonymous source is very hard to believe. The language in the ransom note is too western 鈥 it seems like someone with a Western education trying to sound Korean 鈥 and it didn't mention 'The Interview.'

"The malware used is likely derivative of something written in North Korea, but that's likely the extent. There's no indication from the malware that North Korea made any move to specifically get it to the attackers."

Dave Aitel, chief executive officer of the cybersecurity company Immunity Inc.:

"I always thought it was pretty obvious it was North Korea. The pattern on these state sponsored attacks is always similar 鈥 they don鈥檛 make it so entirely obvious that it鈥檚 a nation behind the attack. We鈥檝e seen this kind of attack from Iran. The goal is not so much about 'The Interview.' It鈥檚 about showing they have enough power in cyberspace to make a Sony do what they want. Sony was in the wrong place at the wrong time with the wrong movie. Now that North Korea made their point, they won鈥檛 have to do this type of move again. I do expect to see similar attacks from India and Pakistan to demonstrate they have that power."

Adam Segal, director of the Program on Digital and Cyberspace Policy at the Council on Foreign Relations:

"I have to say, I was leaning toward greater ambiguity but after the US official鈥檚 statement, I鈥檓 slightly leaning toward it being North Korea. I鈥檓 not sure we鈥檒l get any more new public evidence one way or the other. The Korean characters in the code, the clock settings being from the region, the malware being used in an attack in South Korea, these things are not persuasive. Unfortunately, with cyber warfare we鈥檙e dependent on classified information."

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
海角大神 was founded in 1908 to lift the standard of journalism and uplift humanity. We aim to 鈥渟peak the truth in love.鈥 Our goal is not to tell you what to think, but to give you the essential knowledge and understanding to come to your own intelligent conclusions. Join us in this mission by subscribing.
QR Code to Did North Korea really hack Sony? Cybersecurity pros at odds
Read this article in
/World/Passcode/2014/1218/Did-North-Korea-really-hack-Sony-Cybersecurity-pros-at-odds
QR Code to Subscription page
Start your subscription today
/subscribe