Experts doubt North Korea was behind the big Sony hack – CNN

(CNN) — Sure, North Korea’s government despises the movie “The Interview.”

But when its propagandists say it did not hack Sony Pictures before the original release date of the flick that satirizes dictator Kim Jong-un, they might just be telling the truth.

Some U.S. cyber experts say the evidence the FBI has presented to attempt to incriminate hackers working for the communist regime is not enough to pin the blame on Pyongyang.

“It’s clear to us, based on both forensic and other evidence we’ve collected, that unequivocally they are not responsible for orchestrating or initiating the attack on Sony,” said Sam Glines, who runs the cybersecurity company Norse.

North Korean Internet returns sporadically

The FBI has said that code in the malware used by a group called “Guardians of Peace” (GoP) in the attack on Sony is similar to code used by North Korea in other attacks.

But that code was leaked a long time ago, experts say. Any hacker anywhere in the world could have used it.

There is a group in the Kim regime that is responsible for cyber warfare, but independent IT security researcher Scott Borg doesn’t believe North Korea was capable of the Sony hack.

“It’s beyond the skill level that we have been able to observe,” he said.

CNN has reached out to the FBI for comment on the doubts about North Korea’s involvement in the Sony hack, but has not heard back.

Earlier this month, U.S. officials told CNN on condition of anonymity that the National Security Agency and FBI were able to trace the attack back to North Korea.

A whodunit

So, North Korea might not have done it. But if not, who did?

Sony may be a bur in Pyongyang’s fur for the movie, in which an actor playing Kim is confronted by the protagonist with North Korea’s human rights record. In the end, they do bloody battle.

But Sony has other enemies — both internal and external.

One example could be the group that says it launched a cyberattack on Christmas Day against Sony’s PlayStation Network.

The Lizard Squad has claimed responsibility for knocking PSN gamers offline and said it had also done the same with Microsoft’s Xbox. In the summer, it also smacked game networks Battle.net, Eve Online and League of Legends.

But after Sony Online Entertainment acknowledged large-scale attacks on Twitter this summer, the Lizards appear to have gotten particularly nasty with them.

Sony Pictures has shelved plans to screen the controversial comedy "The Interview," a film depicting the assassination of North Korea's leader. The move comes after the studio was the victim of cyber attack thought to have originated in North Korea. Click to see how the saga unfolded. Sony Pictures has shelved plans to screen the controversial comedy “The Interview,” a film depicting the assassination of North Korea’s leader. The move comes after the studio was the victim of cyber attack thought to have originated in North Korea. Click to see how the saga unfolded.
In June 2014, a North Korean Foreign Ministry spokesman said "The Interview" was "the most undisguised terrorism." "If the U.S. administration connives at and patronizes the screening of the film, it will invite a strong and merciless countermeasure," he said. In June 2014, a North Korean Foreign Ministry spokesman said “The Interview” was “the most undisguised terrorism.” “If the U.S. administration connives at and patronizes the screening of the film, it will invite a strong and merciless countermeasure,” he said.
In November, "The Guardians of Peace," a hacker group with suspected ties to North Korea, said that it had hacked Sony Pictures and released massive amounts of data. The group added that there would be more leaks. In November, “The Guardians of Peace,” a hacker group with suspected ties to North Korea, said that it had hacked Sony Pictures and released massive amounts of data. The group added that there would be more leaks.
December 5 -- Hackers exposed the security numbers of 47,423 people including Conan O'Brien, Sylvester Stallone, Rebel Wilson, Judd Apatow and Frank Stallone. December 5 — Hackers exposed the security numbers of 47,423 people including Conan O’Brien, Sylvester Stallone, Rebel Wilson, Judd Apatow and Frank Stallone.
In early December, hackers emailed Sony employees warning that "your family will be in danger." Guardians of Peace have claimed the email did not come from them. The FBI confirmed in a statement they were aware of the email and are investigating the "person or group responsible for the recent attack on the Sony Pictures network." Many security experts said the hack increasingly pointed to North Korea.In early December, hackers emailed Sony employees warning that “your family will be in danger.” Guardians of Peace have claimed the email did not come from them. The FBI confirmed in a statement they were aware of the email and are investigating the “person or group responsible for the recent attack on the Sony Pictures network.” Many security experts said the hack increasingly pointed to North Korea.
December 7 -- North Korea's state-run propaganda arm said they were not responsible for the Sony hack attack but applauded it as "a righteous deed of the supporters and sympathizers with the DPRK." They added they could not be responsible as America is "a country far across the ocean." December 7 — North Korea’s state-run propaganda arm said they were not responsible for the Sony hack attack but applauded it as “a righteous deed of the supporters and sympathizers with the DPRK.” They added they could not be responsible as America is “a country far across the ocean.”
December 8 -- Another message appeared on a website saying: "We have already given our clear demand to the management team of SONY, however, they have refused to accept. Do carry out our demand if you want to escape us. And, Stop immediately showing the movie of terrorism which can break the regional peace and cause the War!"December 8 — Another message appeared on a website saying: “We have already given our clear demand to the management team of SONY, however, they have refused to accept. Do carry out our demand if you want to escape us. And, Stop immediately showing the movie of terrorism which can break the regional peace and cause the War!”
December 11 -- Another leaked email revealed a controversial exchange between a Sony executive and a producer, speculating over President Barack Obama's favorite films, referring to "Django Unchained" and other movies about African Americans such as "12 Years a Slave."December 11 — Another leaked email revealed a controversial exchange between a Sony executive and a producer, speculating over President Barack Obama’s favorite films, referring to “Django Unchained” and other movies about African Americans such as “12 Years a Slave.”
December 15 - Sony Pictures asked news organizations to stop examining and publicizing the information made public by the hackers. Attorney David Boies said that the hackers' tactics are part of "an ongoing campaign explicitly seeking to prevent [Sony] from distributing a motion picture."December 15 – Sony Pictures asked news organizations to stop examining and publicizing the information made public by the hackers. Attorney David Boies said that the hackers’ tactics are part of “an ongoing campaign explicitly seeking to prevent [Sony] from distributing a motion picture.”
December 16 -- In an email to Sony Pictures' co-chair Amy Pascal, producer Scott Rudin called Angelina Jolie "minimally talented" and a "spoiled brat" with a "rampaging... ego". Jolie and Pascal were later photographed running into each other at an event with Jolie giving Pascal a nasty look.December 16 — In an email to Sony Pictures’ co-chair Amy Pascal, producer Scott Rudin called Angelina Jolie “minimally talented” and a “spoiled brat” with a “rampaging… ego”. Jolie and Pascal were later photographed running into each other at an event with Jolie giving Pascal a nasty look.
The leaks also revealed the secret aliases of some well-known actors. Tom Hanks goes by "Johnny Madrid," Sara Michelle Gellar sneaks around as "Neely O'Hara." Jessica Alba is "Cash Money."The leaks also revealed the secret aliases of some well-known actors. Tom Hanks goes by “Johnny Madrid,” Sara Michelle Gellar sneaks around as “Neely O’Hara.” Jessica Alba is “Cash Money.”
December 16 -- The New York premiere of "The Interview" was canceled after "The Guardians of Peace" posted a threat against moviegoers. The message said: "We will clearly show it to you at the very time and places 'The Interview' be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to," the hacking group said. "The world will be full of fear. Remember the 11th of September 2001."December 16 — The New York premiere of “The Interview” was canceled after “The Guardians of Peace” posted a threat against moviegoers. The message said: “We will clearly show it to you at the very time and places ‘The Interview’ be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to,” the hacking group said. “The world will be full of fear. Remember the 11th of September 2001.”
December 17 -- Two former Sony employees sued the company for failing to protect their private information. The plaintiffs seek to form a class action lawsuit of up to 15,000 former employees. The plaintiffs want Sony to provide them with five years of credit monitoring, bank monitoring, identity theft insurance and credit restoration services. They also called for Sony to be subject to regular privacy audits.December 17 — Two former Sony employees sued the company for failing to protect their private information. The plaintiffs seek to form a class action lawsuit of up to 15,000 former employees. The plaintiffs want Sony to provide them with five years of credit monitoring, bank monitoring, identity theft insurance and credit restoration services. They also called for Sony to be subject to regular privacy audits.
December 18 -- Sony decided to cancel the release of "The Interview," a decision that sparked outrage among celebrities. A movie theater in Texas announced they would offer a free screening of Team America -- which features the leader's father Kim Jong Il -- instead until Paramount shut that down too. Sony also downplayed the possibility that the film could be released online.December 18 — Sony decided to cancel the release of “The Interview,” a decision that sparked outrage among celebrities. A movie theater in Texas announced they would offer a free screening of Team America — which features the leader’s father Kim Jong Il — instead until Paramount shut that down too. Sony also downplayed the possibility that the film could be released online.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

Bomb threat

A Tweet sent from an account in the hackers’ name alleged there was a bomb on board a plane carrying Sony Online Entertainment president, John Smedley. The plane diverted.

The Lizards also claimed responsibility for a PlayStation Network outage early this month, just days after the big Sony Pictures hack that plundered a record-worthy 100 terabytes of data. It included movies, company secrets, employee data, embarrassing internal emails and Social Security numbers of celebrities.

Then there are Sony’s internal rubs: Security employees have been hit by layoffs.

A disgruntled former longtime employee code-named “Lena” has ties to GoP, Glines said. And she had high access to company secrets and user data. There’s a possibility these weren’t hacked away from Sony but given away instead.

“Lena” was probably mad about layoffs, Glines said, but she may have also commiserated with people who pirated Sony movies and other content “and how they had been prosecuted in the U.S. and other countries.”

CNN asked Sony about Glines’ account on “Lena” but has received no reply.

Deja vu

There are myriad other possibilities.

There are hackers for hire. Or — like that leaked North Korean code — lots of malware is available through the Internet. Cyberattackers can augment off-the-shelf viruses with customized components.

Also, Sony is a broad target that plenty of hackers have taken shots at in the past.

In October 2012, the hacker group “The Three Musketeers” released a security key that allowed PS3 users to run pirated games.

And in April 2011, Sony’s PlayStation Network was shut down for nearly a month when hackers stole the personal information of an estimated 77 million people.

A 19-year-old Briton, allegedly a member of a hacking group called LulzSec, was arrested over that one.

That same year, in June, hackers released 150,000 Sony Pictures records, including user names and passwords, and claimed to have compromised the private information of more than 1 million people. This month’s hack was a reprise of that one for critics and for some employees planning to sue the company for failing to protect their privacy.

CNN’s Kevin Conlon, Will Ripley, Jose Pagliery and Ivana Kottasova contributed to this report.



Comments

Write a Reply or Comment:

Your email address will not be published.*