Tuesday, December 23, 2014

Maybe North Korea Didn't Hack Sony?

So, I was eager to jump on the 'DPRK hacked Sony' bandwagon; after all, the North Korean's 'dear leader' is pompous and vain enough to not want any film poking fun and ultimately blowing him to pieces being shown to evil capitalist pig Westerners. And if it was an 'inside job', why not just release the info without bringing "The Interview" into the picture.  But there are plenty of people who are absolutely convinced that North Korea had nothing to do with the hack, and their theories are worth perusing.
But the weightiest rebuttal of the case against North Korea has come from renowned hacker, DEFCON organizer, and CloudFlare researcher Marc Rogers, who makes a compelling case of his own. Highlights below:

Why the Sony hack is unlikely to be the work of North Korea.
Everyone seems to be eager to pin the blame for the Sony hack on North Korea. However, I think…

The broken English looks deliberately bad and doesn't exhibit any of the classic comprehension mistakes you actually expect to see in "Konglish". i.e it reads to me like an English speaker pretending to be bad at writing English.


It's clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony's internal architecture and access to key passwords. While it's plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam's razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as.
Furthermore, "The attackers only latched onto "The Interview" after the media did – the film was never mentioned by GOP right at the start of their campaign. It was only after a few people started speculating in the media that this and the communication from DPRK "might be linked" that suddenly it became linked."
More theories on why so many think the link between North Korea and the Sony hack is bogus, here.

Okay, so I'm not always right, but we still don't know for sure. The whole thing is pretty bizarre.

It will be interesting to find out the real scoop.

No comments: