(ANTIMEDIA) The foolish political war between the U.S. and North Korea over the Sony hacking fiasco continues on. After an investigation that has many credible sources skeptical, the U.S. has declared sanctions on 10 North Korean officials.
The DPRK (North Korea) has responded with fury claiming that the U.S. is stirring up unwarranted hostility without legitimate ground. Interestingly enough, many computer security experts agree, as many are skeptical of North Korea’s involvement and the legitimacy of the evidence recovered by the FBI.
Marc Rogers, a renowned hacker, has been able to poke several holes in the FBI’s story. In his own analysis, Rogers states:
“The broken English looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in “Konglish”. i.e it reads to me like an English speaker pretending to be bad at writing English.
It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as.
Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down. Just think what they could have done with passwords to all of Sony’s financial accounts? With the competitive intelligence in their business documents? From simple theft, to the sale of intellectual property, or even extortion – the attackers had many ways to become rich. Yet, instead, they chose to dump the data, rendering it useless.”
This isn’t the only credible source that questions the validity of North Korea’s involvement. Jack Goldsmith, a Harvard Law professor and security expert, is also highly suspicious of the situation. In his piece discussing the hacking, he writes:
“First, the “evidence” is of the most conclusory nature – it is really just unconfirmed statements by the USG. Second, on its face the evidence shows only that this attack has characteristics of prior attacks attributed to North Korea. We know nothing about the attribution veracity of those prior attacks. Much more importantly, it is at least possible that some other nation is spoofing a North Korean attack. For if the United States knows the characteristics or signatures of prior North Korean attacks, then so too might some third country that could use these characteristics or signatures – “specific lines of code, encryption algorithms, data deletion methods, and compromised networks,” and similarities in the “infrastructure” and “tools” of prior attacks – to spoof the North Koreans in the Sony hack.
Third, the most significant line in the FBI statement is this: “While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following.” Let us assume that the United States has a lot of other evidence, including human or electronic intelligence from inside Korea, that corroborates its attribution conclusion. This might give the USG confidence in the attribution and might support the legality of a proportionate response. But if protection of “sources and methods” prevents the United States from publicly revealing a lot more evidence, including intelligence beyond mere similar characteristics to past attacks, then there is no reason the rest of the world will or, frankly, should believe that a response on North Korea is justified. (Compare Adlai Stevenson and Colin Powell before the United Nations.) And if the United States’ response is significant, and has wider geo-political implications, this inability to prove attribution could be a huge problem. The important point: Even if the attribution problem is solved in the basement of Ft. Meade and in other dark places in the government, that does not mean the attribution problem is solved as far as public justification – and defense of legality – is concerned.”
As if the skepticism of security experts isn’t cause enough for concern, reporter Tom Fox-Brewster was allegedly contacted by email@example.com, an email address listed in the initial file leak. Upon posting the email to twitter, some fellow users expressed their skepticism as well.
Furthermore, a source who contacted The Anti-Media with knowledge of the Sony hack also told us that North Korea was not behind the hack.
The list of credible skeptics goes on and on. But the icing on the cake is the U.S.’s refusal to cooperate with DPRK’s requests (or rather demands) to launch a joint investigation on the attacks. Pyongyang officials believe the refusal to cooperate is proof that the U.S. has something to hide. I wonder what would give them that impression?
This is the first time that the U.S. has issued sanctions on officials from another country over a cyber attack. One of major issues with this whole situation is the anonymity factor. Because the faces and origins of these hackers cannot be definitively pinpointed, it can create a frenzy of misdirection and misinformation. This can lead to an array of outcomes and possibilities, including, of course, potentially doctored information that puts blame on an “innocent” party.
The U.S. is in a situation in which we’re taking action against another nation based on loose evidence. Déjà vu, anyone? Didn’t we see a very similar series of events before the invasion of Iraq? And what did we find there? Nothing. And in addition to not finding any “weapons of mass destruction”, it was later revealed that the “evidence” the Bush administration had acquired that justified the invasion of Iraq was complete and utter garbage.
North Korea won’t be the only victim of US sanctions if the Obama administration and the newly anointed Republican congress have their way. As we covered last week, the government is already moving to push CISPA 3.0 sanctions against US citizens through using the Sony hack as an excuse.
So I ask you: are we going to let this happen again?
This article is free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and TheAntiMedia.org. Tune-in to The Anti-Media radio show Monday-Friday @ 11pm EST, 8pm PST.
Since you’re here…
…We have a small favor to ask. Fewer and fewer people are seeing Anti-Media articles as social media sites crack down on us, and advertising revenues across the board are quickly declining. However, unlike many news organizations, we haven’t put up a paywall because we value open and accessible journalism over profit — but at this point, we’re barely even breaking even. Hopefully, you can see why we need to ask for your help. Anti-Media’s independent journalism and analysis takes substantial time, resources, and effort to produce, but we do it because we believe in our message and hope you do, too.
If everyone who reads our reporting and finds value in it helps fund it, our future can be much more secure. For as little as $1 and a minute of your time, you can support Anti-Media. Thank you. Click here to support us