Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Links North Korea To Sony Hacking

Posted by samzenpus on from the who's-to-blame dept.

schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.

10 of 182 comments (clear)

  1. Of course they do by silviuc · · Score: 5, Insightful

    > It is not known how the US government has determined that North Korea is the culprit

    Of course it's known. The same way they established that Iraq had chemical weapons. The method is known as "because we say so".

  2. Speaking off the record by mwvdlee · · Score: 5, Insightful

    Speaking off the record

    Let me fix that for you...

    Obviously speaking on the record, but with sufficient disclaimers to not be held legally accountable according to literal interpretation of the law

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    1. Re:Speaking off the record by AmiMoJo · · Score: 4, Insightful

      We can't take any US intelligence or claims seriously any more. WMD? Torture? Rendition? Sorry bro, you lied too many times.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. How do we know? by DoofusOfDeath · · Score: 4, Insightful

    Why should we believe anything the "senior intelligence officials" tell us? They have a profound record of lying.

  4. Re:I don't see the big deal here. by DarkOx · · Score: 4, Insightful

    Right, I think that's the important difference here if there is one. In general I agree with the GP post cyber security should be the responsibility of the network/computer operator not the government. Costs should be born by the victims and their insurers; or by the perps when they can be identified and brought to justice as a general principle.

    In this case though we have a threat of violence and terror on top of the simpler criminal matter. These guys are not threatening to just empty a few bank accounts and embarrass some more celebrities. They have moved from the realm of nuisance crimes to violent crimes and the state definitely has an interest preserving public safety.

    As to how credible the threat is and should we be reacting to every threat to do violence out there, well I would say they have displayed at least enough capability to hack a major corporation that no doubt has a security team. They also have at least some financial resources backed by the DPRK. So this isn't an angsty 14 year old on facebook. Do I think they can project themselves into the physical world they way they claim, probably not, but its probably not worth risking that by just ignoring them entirely either.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  5. Re:I don't see the big deal here. by jellomizer · · Score: 4, Insightful

    If North Korea bombed Sony in Japan, It would be US responsibility.
    The bigger issue here is that there is an other country fighting to prevent free speech. By taking down and *Threatening* them. This isn't some small set of wackos but an actual government. So it is a big deal.

    I didn't want to see the movie, but now I do just to make a point.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  6. Re:with what? by _merlin · · Score: 4, Insightful

    Keep in mind, I can't recall if it was 2k11 or 2k12 but the Obama admin did not exactly dispute the pentagons view that "cyber" attacks could/should be viewed as an act of war. The "terror" threats against theaters have escalated things from a criminal matter, attack on a corporation, to a state matter attack on the public and order; therefore some kind of "response" is required. I am sure 0bama is trying to find a way to "do something" or appear to be without pissing off the Chinese.

    So the US has committed acts of war against Germany by tapping their head of state's phone, etc. Or is it only an act of war when it's against US interests?

  7. Re:with what? by Anonymous Coward · · Score: 3, Insightful

    Surveillance is surveillance, aggression is aggression. We have living spies in Germany and it isn't seen as grounds for war, and Germany has living spies in D.C. and it isn't seen as grounds for war.
    Modern diplomacy consists of a massive amount of non-destructive espionage, days of bickering between diplomats, and then 5-minute photo-opportunities between elected officials. The first two are not publicized, but are much more important to continued peace than the P.M. and President blathering on stage.

    "Cyber attacks" would be properly categorized as a subset of sabotage, which is seen as a very aggressive act even when no one is injured. Due to politicking, they're probably categorized as WMD usage, but the proper category would be sabotage.

  8. Re:Dubious because facts by OzPeter · · Score: 3, Insightful

    One thing mentioned in Marc Rogers article that I am also surpassed at is how do you miss that much data flying out of your network?

    A couple of years ago I was a customer site and had to download and install some updates onto an HMI system. Less than 5 minutes after starting this, my client's IT people had connected to the system in question and were poking around trying see why that device had suddenly started consuming network resources. Their attempts to shut it down were annoying to me, but at least they were on the ball when it came to knowing what was normal and what was not normal on their network.

    --
    I am Slashdot. Are you Slashdot as well?
  9. Re:with what? by Cigarra · · Score: 5, Insightful

    What about Stuxnet? Is that an act of war that merits a "response" from Iran?

    --
    I don't have a sig.