Slashdot Mirror
North Korea Denies Responsibility for Sony Attack, Warns Against Retaliation
jones_supa writes: A North Korean official said that the secretive regime wants to mount a joint investigation with the United States to identify who was behind the cyber attack against Sony Pictures. An unnamed spokesman of the North Korean foreign ministry was quoted by the country's state news agency, KCNA, describing U.S. claims they were behind the hack as "slander." "As the United States is spreading groundless allegations and slandering us, we propose a joint investigation with it into this incident," the official said, according to Agence France-Presse. Both the FBI and President Barack Obama have said evidence was uncovered linking the hack to to North Korea, but some experts have questioned the evidence tying the attack to Pyongyang.
Meanwhile, reader hessian notes that 2600: The Hacker Quarterly has offered to let the hacker community distribute The Interview for Sony. It's an offer Sony may actually find useful, since the company is now considering releasing the movie on a "different platform." Reader Nicola Hahn warns that we shouldn't be too quick to accept North Korea as the bad guy in this situation:
Most of the media has accepted North Korea's culpability with little visible skepticism. There is one exception: Kim Zetter at Wired has decried the evidence as flimsy and vocally warns about the danger of jumping to conclusions. Surely we all remember high-ranking, ostensibly credible, officials warning about the smoking gun that comes in the form of a mushroom cloud? This underscores the ability of the agenda-setting elements of the press to frame issues and control the acceptable limits of debate. Some would even say that what's happening reveals tools of modern social control (PDF).
Whether or not they're responsible for the attack, North Korea has now warned of "serious consequences" if the U.S. takes action against them for it.
US gov't never passes on an opportunity to fabricate stories which make their foes look bad (Russia, Syria, Iran, Lybia, Venezuela, etc)
Do not attribute to a conspiracy that which can be adequately explained by incompetence -- especially if you won't show your evidence of said conspiracy. The company that thought a Root Kit was a good idea does seems to be lacking something in the competence department.
The more this unravels the more I smell false flag.
Iraq didn't have WMDs, people are spirited away to Guantanamo Bay without being charged, and the NSA spies on literally the entire world without justifiable cause. The US just does what it wants, and right now it seems like it wants to inject some Freedom into North Korea.
People are stupid, panicky and easily scared. If you constantly bombard them with threats of attacks/destruction/"consequences" it doesn't matter if you never carry it out, people remember it.
It doesn't matter if North Korea is guilty or not. The fact that after DECADES of threats (with some actual attacks); fuck the evidence (or lack thereof), "we" need to take out the North Koreans before they take us out!
One business got thoroughly hacked, but it's not like whoever did that targeted every country's infrastructure, like the communication systems. Or maybe they did, but then let's get them for that, not for fucking Sony.
My first reaction was that it was like OJ Simpson offering a reward to find the real killer. But then I took off my snarky goggles and on reflection, I realized that given government, corporate and media interests and manipulation there's no way in hell we'll ever know the truth. Sad but true, I'm afraid.
Deja Vu. What if the FBI was "mistaken"? I guess we'll have to start another war based on false info. The real culprit is lack of security at Sony.
For one thing, if North Korea was capable of this sort of hack they've got more tempting targets to use that capability on. And it's just a bit too convenient, coming on the heels of a disappointing performance by Sony, for SPE to suddenly get an excuse to get out from under another apparent flop. My bet is the hack's just another in a long string of breaches by the usual gangs of malcontents, aided and abetted by corporate obliviousness to security, and various parties are just taking advantage of superficial connections for their own reasons.
is cyber superpower?
I am not buying it. They could have smart people that would make talented hackers. But good luck finding them because they most likely don't even own a computer.
Weren't those the exact same words that were used against Sony?
File under 'M' for 'Manic ranting'
Choosing between Sony and North Korea is like choosing whether Alien or Predator is the good guy in Alien vs Predator.
Please just relax, relax. Now is there anything else you see in there?
The North Korean news agency mentioned (KCNA) has the statement on their website. It seems to be a weird webapp that doesn't allow direct linking, but you can find it if you click on "English" at the top, then scroll down a bit to "DPRK Foreign Ministry Rejects U.S. Accusation against Pyongyang over Cyber Attack". Or just look here:
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
But now that they denied involvement, I suspect they may be.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
The only way the Norks will "cooperate" with an investigation that would implicate them is as a means to scope out more US network targets and hit us up for badly needed cash. They are a police state at home and a bandit state abroad.
I dream of a world in which Sony, on the sly, seeds a few torrents of the movie. Holy plausible deniability!
It'll never happen, of course...
Il n'y a pas de Planet B.
Seriously. The FBI said that, '90% of US companies would have been hit by this attack'. SONY got hit by a Zero-Day Windows bug, right? Don't about 90% of US companies rely on things like Windows Server, SMB shares, Active Directory, etc.? Besides the security that Linux offers, reduced vectors and all that, rogue nation-states would have to re-focus on new attack vectors, which will consume a few of their resources and take some time. Seriously Fortune 500's, etc., take security seriously, like proper risk management, okay? Why should the POTUS be required to take retaliatory action because of your own bad decisions, based mainly on costs and ignorance?
You can't be ahead of the curve, if you're stuck in a loop.
It was suggested perhaps North Korea was not behind that Sony leak, perhaps it was Sony themselves. The reasoning being that the movie itself is such a dog, and the cost of the data leak is less then the cost of advertising sufficent to generate positive return.
Did anybody else hear this?
We didn't hack you. but if you retaliate we will hack you again!
Any insufficiently advanced magic is indistinguishable from technology.
If there is even a nugget of truth to North Korea being behind the cyber attacks, then why should we be frightened of them? Why should we let some little pygmy dictator tell us how we can lead our lives? Obviously, North Korea won because Sony capitulated.
cant even log in anymore, I get to my preferenses, and when I try to post, I am not even logged in...
wtf has happened here?
Here's an update: North Korea denies hacking Sony, U.S. stands by its assertion
The FBI said technical analysis of malicious software used in the Sony attack found links to malware that "North Korean actors" had developed and found a "significant overlap" with "other malicious cyber activity" previously tied to Pyongyang. But it otherwise gave scant details on how it concluded that North Korea was behind the attack.
Why do they have internet connectivity to the outside world to begin with?
If you're not with us, you're against us! ...And every other guilt-slap trope in existence.
If you don't agree with me, you're a terrorist!
If you ignore this message then you're a supporter of child abuse! Copy this message to every forum you've ever heard of!
Tell ya what, stick them up your arse and come back to me with credible evidence instead of the aforementioned bullshit.
Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
NK either did it themselves or paid someone to do it.
That said, reprisals are a terrible idea. Totally not worth it. Nothing to be gained by attacking them in any way. All it does is agitate the Chinese.
And while some of you will doubtless respond "Yeee haw! Lets go get those China men!"... that is not a fight you are prepared for and really no one is behind you on that one. So... stop it.
This is the response to the issue. Tell Sony everything they did wrong with their internal security and tell them that if they put everything up on the internet that is their own damn fault.
Seriously, how many naked pictures of celebrities does it take for hollywood to figure out that you don't put that shit on the internet?
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
It would seem that they have only now realised that their little reactive hacking games were not in their best interests and that they were fools for being goaded into an act of cyber-warfare which while it seems in huge will have little significant long term economic impact, but that will now permit retaliatory action against them that will inflict significant harm upon their Stalinist regime.
The only reason they want to participate in an investigation is so that they can have privileged access to any evidence gathered and thereby be in a better position to stall the investigation by methods including the murder of external agents hired to participate in the hacking operation.
Like Hans Blix!
Why is everybody assuming that if NK was responsible they did it with north korean hackers? Couldn't have they hired russian hackers, for instance? The NK government just has to provide a money filled suitcase delivered through a third party and they have perfect deniability.
As a Slashdot discussion grows longer, the probability of an analogy involving cars approaches one.
a hoax to get more publicity for the movie.
How many who believe NK also believe the US was behind Stuxnet, though on less evidence?
I fully agree and would also point out that this hack has resulted in HD bootlegs of unreleased sony movies being posted to bittorrent. Oh, and Brad Pitt's "Fury."
The top leadership at Sony Pictures is about to be booted out of their jobs and are so tainted that no other studio will hire them. I don't think this was their idea of a way to promote a film.
$5 / month hosted VPS on linux = awesome!
Someone should give The Interview the What's Up Tiger Lily? treatment.
May be just one, but it's a biggee, so I figure it's enough to show you really don't care to know when you're uninformed.
... that's the best guess at this point.
If the FBI actually had proof, they'd share that evidence with infosec so the rest of us could look at the method and double-check our practices.
It little behooves the best of us to comment on the rest of us.
Does nobody remember the first few news stories that mentioned a ransom demand? I swear I read that - then the story changed to Korea + Guardians of Peace out of nowhere.
Korea's dialog and posturing almost entirely internalized. Their glorious leader is a big fan of Hollywood, has never before acted on a threat against the USA, and has put up with other movies without so much as a whimper. The threats and posturing with NK come before the action, not that we have ever seen much real action from them. Not that action accomplishes anything of any note.
And where are all the internal Sony communications about wrongful dismissal, sexual harassment and assault cover-ups, deaths on the job, and so on? These things happen in a company of Sony's size, Sony's exposure under these circumstances could be massive - who knows what skeletons are in their closet.
There's something fishy about this whole thing.
I don't know why so much of Slashdot seems to be taking the obvious "it was NK omg" story at face value, even after NK explicitly denied it.
By that logic, China has never hacked anything, and Stuxnet had nothing to do with US-government hackers. After all, both these nations routinely deny any culpability in hack attacks, right?
Anybody remember this:
The Pirate Bay 'Moves' to North Korea (Updated)
The Pirate Bay admits to North Korean hosting hoax
So before you make any accusations, you better be very very sure. Otherwise you risk another Iraq/Afghanistan/etc. disaster.
The Sony hack is just a simple case of incompetent corporate management and the lengths to which big-money donors and their political friends will go to protect themselves and advance their own ends.
By claiming this is all North Korea (the best Korea!)'s doing, what was initially lose-lose (Sony burns their multi-billion-dollar business to the ground, and the NSA gets exposed for not having any ability to stop it or even give warning) is now suddenly win-win (Sony gets to portray itself as a helpless victim and thus no liability, and NSA gets to argue for even more spying).
Sure makes it easier to avoid bad press and expensive lawsuits when the President himself comes out and tells the world "It wasn't Sony's fault."
(I bet that will be worth a lot come campaign contribution time. Sort of the Hollywood version of how Obama sold all Americans to the health businesses, in exchange for their support and donations to D's.)
And the Rahm Emanuel playbook - "Never let a good crisis go to waste" - is still clearly in use in D.C. Instead of people demanding to know "why didn't the outrageously expensive and unconstitutional NSA surveillance of every American (and the whole world) protect anyone against this?" the political spin can now be "see, this is why we need restrictions on everyone's use of the Internet."
(As an amusing political side note, even though the Republicans are well aware North Korea had nothing to do with this, and are seething at how the Democrats will be able to use Obama's move for huge amounts of Hollywood support in 2016, the R's can't say a damn thing - because if they do they end up looking like they're defending North Korea!)
But it is impressive the level of influence some people have. "Tell Obama we need him to hold a press conference and say our negligence and malfeasance that destroyed our company wasn't our fault."
They may even start using this to try to rescue that disaster of a movie. "You have to see 'The Interview'! To support free speech and America!"
Who knows, maybe someone will even dig up from the Archives that patriotic old WWII song "Good Old Sony."
Technical analysis??? What does that mean?
Are they unmasking Tor users now?
They would have to explain to N.Korea how they unmask Tor users if they wanted to prove that N.Korea was behind the Sony attack.
I don't think they're going to do that.
Kim-Un is still smarting from the Onion prank.
Ha ha
It was USA which asserted that Iraq, under Saddam Hussein, has "Weapon of Mass Destruction" (WMD)
And under the pretense of that assertion USA invaded Iraq and killed Saddam Hussein
Until now there is no WMD found in Iraq
So one question: When was the last time USA admitted that it has told blazen lies?
Sort of but not.
I'd say it's civilian American criminals trying to shift the blame to N.K. instead of government employed ones.
Then there's the beatup because pretending that it's OMG! CyBeRwAr turned up to 11 means more funding and empire building for a few people in the FBI and similar who seem to be making noise without adult supervision.
So more the case of "patriotically" waving the flag falsely and rattling sabres than actual false flag.
The downside is such warmongering pricks don't seem to realise that their stupid fake war games may inspire the very thin skinned North Korea to fire shells at parts of South Korea and kill a few people. They have done that every now and again.
The American agencies have evidence that DPRK was behind the attack? Really? Didn;t they once claim that they knew where the weapons of mass destruction of Saddam were? Sorry, but we don't buy that anymore. Show us the evidence or shut up.
NK has a history of bragging about things, this is true. However, their military leaders aren't stupid -- this is all a PR game. Any military isn't going to "brag" about various tools they have in their arsenal. Sure, our intelligence already knows most of this, but it's not clever PR.
NK did it, Kim Jong-un is angry because he got caught (again) and is responding like a frustrated teenager that can't get laid. "Do this or we'll destroy you!" Come on. It's as if on some level they really want a full-out military conflict. I'm afraid this will become a reality at some point. NK has managed to threaten and piss off most of the world, so it would hopefully be a brief war and NK would be leveled to dust. I just feel badly for the innocent people in NK who are suffering and brainwashed.
Sony should release the movie. The bottom line is that whatever these hackers have or will do, they will act on regardless -- it's just a matter of time.
The North Korean government (PDRK) has been trying to get official recognition as a "Government" since the 1953 truce talks. The "Official" entity on our side is the United Nations and the North Koreans, Communist Chinese, Soviet Russians were on the other side with the latter two denying official involvement. So far, our Presidents haven't swallowed the bait (Ike, JFK, LBJ, RMN, Gerald Ford, even Carter(!), Reagan, Both Bushes, and Bill Clinton) but I'm not betting on the current White House Resident. There is a precedent: FDR was the first US President to officially recognize the homicidal regime of the USSR under Stalin. Stay tuned, bat fans.
You’ve heard of the Sony Hack, right?
Ok, ok, I’m laughin me arse off over here.
I do SO enjoy a good practical joke sometimes!
About two weeks ago, I logged into equipment in Japan where all internet based communication goes through.
All traffic in Asia to the United States goes through Japan.
I had still had administrative access to the equipment I had worked with when I was sent to Hong Kong and Singapore to optimize networks and software systems for both the NSA and for Prudential Real Estate and Relocation which Warren Buffet was in the process of purchasing.
In a relatively simple computer program I placed on the equipment which is used to communicate between Sony and the United States, I created something called a ‘spoofed’ log entry.
A spoofed log entry is a ‘fictionalized’ entry which has not really happened.
Anytime information was grabbed from Sony by legitimate users, I would randomly place a spoofed log entry which would make it appear like information was being sent to North Korea.
In a nutshell what this means is data was never stolen.
It took Sony’s administrators 3 days to figure out what happened.
By then, they were so mired in their lies they could not change course.
In any case.
NOTHING I DID was illegal.
I had legitimate administrative access to the equipment which have had little, if any maintenance since I last did work on them in 2009.
And since the administrators of this equipment have had little, if any, awareness of what’s going on with their equipment let alone how their systems work.
THAT, my friends, is what a homeless hacker does when he’s bored and penniless.
http://universalbri.wordpress....
We do not give a flying fuck about Sony being hacked.