Slashdot Mirror
FBI: North Korean Hackers "Got Sloppy", Leaked IP Addresses
An anonymous reader writes "The FBI launched a PR counterattack against skeptics of the assertion by the US government that North Korean hackers were responsible for anonymous threats received by Sony before its scheduled premiere of the film The Interview. Sony initially cancelled the Christmas day release, but later relented after receiving extensive criticism. In a speech at a New York City cybersecurity conference hosted by Fordham University, FBI Director James Comey said that while the attackers concealed their identify by using proxy servers, on occasion they "got sloppy" and made direct connections, exposing their true IP addresses; these indicated a North Korea origin. Comey also mentioned additional corroborative evidence, including patterns matching those seen in previous attacks known to have come from North Korea, but was guarded on details. Also at the Fordham conference, US Director of National Intelligence James Clapper mentioned recently meeting the Kim Yong Chol, the North Korean general in charge of cyberwarfare. Clapper emphasized Kim's belligerence and lack of a sense of humor, implying that an advance screening of "The Interview" would likely have enraged and provoked the North Korean brass."
Seriously? Who writes this stuff?
The CIA.
Until now, I believed it was North Korea.
But the US government always lies. I'm starting to doubt!
Sometimes, Occam's razor comes to bear.
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
Listening to his speech is like sitting through a Transformers movie. You know the words, and you know the terms, but theyre all used in an entirely incoherent fashion. James seems to think hacking works just like a James Bond film in that its all about time. hackers that 'disconnect quickly' wont be found and those that 'get sloppy' will be detected by some ostentatious array of flashing lights and sirens attached to a mainframe.
James hasnt pulled his star wars head out of his NCIS ass and given any pertanent information like how hackers breeched sony, what attack vectors were used, what exploits were performed (if any) and what if any IDS or firewall technology was complicit in the breech. So given the lack of seriously technical information surrounding this leak its more than plausible by Occams Razor that Sony was the result of a simple phishing attack or bruteforce. Its also a little too convenient that a country which outright bans american films and that would never have to tolerate its citizenry watching it, happens to care enough to make a retaliatory strike against what for all intents and purposes is a nonthreat. What IS however quite possible is a disgruntled employee simply decided to dump the mail server to the pirate bay, and because you can as a business affect an insurance claim against hackers, its convenient to do so in the face of a movie that will in all likelyhood barely break even.
Good people go to bed earlier.
Is this the same James Clapper who lied to Congress, and now expects us to believe him?
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Yup, definitely North Korea! There is no possibility that anyone could have setup a proxy account on some North Korean IPs.
Do you understand how impossible it is to get "a proxy account" into or out of North Korea? Clearly you do not. The have only one single block of IPv4 addresses.
The "got sloppy and leaked IP addrs" sounds like the same way the Silk Road server was found. I wonder what parallel construction existed (NSA?) telling the FBI where to look, and what to look for. Of course, we'll never hear those details because, "National Security".
Seriously? Who writes this stuff?
Sony's script writing department.
Can't you tell they've gotten a lot better, lately?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
"Clapper emphasized Kim's belligerence and lack of a sense of humor, implying that an advance screening of "The Interview" would likely have enraged and provoked the North Korean brass."
Well FUCK ME: if Kim Yong Chol can't take a little "jokey-joke" then obviously it was DPRK who stole the cookies from the cookie jar!
"FBI Director James Comey said that while the attackers concealed their identify by using proxy servers, on occasion they "got sloppy" and made direct connections, exposing their true IP addresses; these indicated a North Korea origin."
Well SHIT: apparently when the attackers connect from Eastern Europe: "it's a proxy server" but if they connect from an IP address inside a regime the CIA has a hard-on for pressuring economically: it's a smoking gun.
"Comey also mentioned additional corroborative evidence, including patterns matching those seen in previous attacks known to have come from North Korea, but was guarded on details"
BLAH BLAH "secret evidence" BLAH: here's the problem with sticking your nose up everyone's ass Clapper, even when you "know" something is a fact: nobody believes you because the evidence was gathered through spying and deciept! Even if you manage to fabricate some "parallel" construction without revealing which routers on the TREASURE MAP are poisoned: nobody will fucking believe you because you've lost all credibility.
Essentially, the FBI is saying "Trust us: you know we're hacking everyone else so you can trust us when we say we have SECRET EVIDENCE that North Korea hacked Sony". Everything else is just confirmation bias bullshit.
I'm by no means a penn-tester, but I know the routine well enough to say that claims of attack heuristics having unique or distinct fingerprint are pretty fucking sketchy. 2/3rds of Penn-testers never have to do more than litter "SEX TAPE" cds/usb thumb drives in the parking lot, run a metasploit scan, set up a fake wifi hotspot, or ARP-Spoof the router to get everything they need for total network rape.
If a random hacker owns my box using these tactics, did North Korea do it because we've seen them run Metasploit scans before?
This shit was obviously a for-profit hack which went pear shaped, and then the State Deparment/defense Intelligence/cyber-warfare wing jumped on this shit like a bunch of opportunist dogs in heat. Not the case? Then how about some of that transparency Obama promised us and they can pull the viel off the SECRET EVIDENCE or STFU and quit wasting everyone's time pretending they need an excuse to put economic sanctions on North Korea.
Do it cause "glorious leader has a bad haircut" for all I care, but stop pissing on us and telling us it's raining: I'm sick of being lied to be these assholes.
It must be true, Colin Powell brought a vial to the United Nations Security Council, and claimed it contained a 99.9999% pure North Korean IP.
Playing devil's advocate, it's possible that it wasn't the North Koreans who '"got sloppy" and made direct connections, exposing their true IP addresses'. Another explanation would be that some other group is responsible and got clever, routing attacks via North Korea to shift the blame.
The CIA has learned over the decades that it really doesn't matter how many times you fuck up, or how awful and short-sighted your intelligence is, or even how many international incidents you cause or stupid wars you help start. All that matters is how well you bullshit the American people. And the American people are pretty easy to bullshit.
SJW's don't eliminate discrimination. They just expropriate it for themselves.
Satire should NEVER be illegal.
Just go ask Salman Rushdie, a man who risked his own life by refusing to back down from his novel in the face of very real threats to his life. He'll tell you, like he did regarding the Charlie Hebdo attacks, that satire "has always been a force for liberty and against tyranny, dishonesty and stupidity." Neither you, me, a state, or a group of religious fanatics should get to say what speech is or is not acceptable.
"Everybody else pretty much agrees North Korea did it... "
Wait, what? I was under the impression that -no one- thinks North Korea did it. I certainly don't, and that's in part because my government is so -focused- on getting us to believe they did.
And in part because the president is a democrat (pwned by Hollywood).
And in part because of what was hacked, what was released.
(another) data breach is embarrassing. An attack by NK garners sympathy. Also, without this hack The Interview would have made about a dollar.
No idea why 'North Korea did it' can possible be modded "Informative".
Samsung took back my unlocked bootloader because Google wants me to rent movies. They're both evil.
You are correct in that it shouldn't need to be debated as it should outright be LEGAL. A "living leader" of any country is just a person; they are no different than any of us. Your only logical position would be to make it illegal to make a movie about assassinating any living person.
What rock did you just crawl out from under?
Most are in agreement that North Korea did NOT do this.
I'm a Network Engineer. I have been in the I.T. field for 30 years and my specialty is information security. My Job is to break into networks, to make sure people can't break into networks. I'm a professional white hat hacker.
Part of my job is watching the hacking trends. I watch the forums, newsgroups, blogs, video channels, chat rooms, etc. etc. I do this to keep an eye out on the hackers to see if they are planning any cyber attacks on my customers. I also have been watching other cyber conflicts around the world, and Sony has been in a cyber war for nearly a dozen years. They have angered a lot of people.
Sony has a history of not treating their own employees very well, taking hostile acts against their customers, and this is usually a mixture for disgruntled employees.
Any large network would notice several terabytes going over the lines, and we are talking about a hundred times that. North Korea does not have the bandwidth for that, even if they can keep their electricity running, and they are not going to launch an attack on a stupid company over a stupid movie while Obama has been pointing fingers and threatening him for years.
In addition, I know at least 100 other people in my same field and our combined experience is well over 1200 years, and I am telling you, there is NO WAY North Korea was behind these attacks.
The FBI is full of it.
" there is NO WAY North Korea was behind these attacks."
Thanks Mr Anon. We'll all take your word on the subject even though it's based on having absolutely ZERO inside knowledge of ANYTHING related to this situation.
If you do not understand that every packet in and out of NK is logged then hand in your geek badge. If you do not understand that major efforts over the last few years have focused on being able to scrutinize all that traffic successfully then hand in your geek badge. If you do not understand that all activity including packet size packet count and timing information through NSA managed Tor nodes can be used to trace an attack especially one transferring such massive quantities of data making it impossible to hide even with obfuscation then hand in your geek badge, you truly are an idiot who slept through the Snowden revelations. They KNOW who conducted this attack and they will never tell you why for good reason. Some "security expert" claiming otherwise if no such thing, but you're always find some dummy looking for a headline.
Various empire building "cyberwarfare" types do even if it's to the detriment of other parts of the government that are defunded to feed their growth.
I've spoken to someone who managed to get out of N.K. so I'm well aware that it's a basket case of evil, but we're just being misdirected by self serving pricks in this case. The links were suggested long after the hack and the very convenient story started building after that.
Let's rephrase the question: what exactly would the US Government have to release to you in order to believe it was the DPRK that committed this hack?
Unedited video of Apollo 11 going to the moon where Neil Armstrong found a second gunman guarding Obama's birth certificate.
Right now there is a controversy going on in India. A top Muslim actor played the lead role in a movie that makes fun of Hindu godmen, has scenes where the prime Hindu deity Shiva gets chased down the streets of India, losing his clothes and ends up in underwear. Many Hindu organizations are outraged, but none of them have urged any of their followers to kill anyone. They petitioned the courts to ban the movie. India has a board of film censors, it approved the movie. The head of the board is a Catholic Christian. She has been quick in the past to ban movies that "hurt the sentiments of the Christian/Muslim communities and might endanger communal harmony". Courts have refused to ban the movie. And all the Hindu organizations are being lectured on tolerance, freedom of expression etc.
My problem with the West is that never find good things to encourage and praise. With all that caste, linguistic, religious divisions and abject poverty India is struggling to be a democracy, to uphold values of freedom of expression etc etc. Ostensibly West wants to promote these values. But most stories about India are about its problems.
In the face of Paris outrage, as part of denouncing terrorism, if they have shown a token respect for India/Hindus, that would send shock waves among the Muslim communities. "You attack us violently, we will show sympathy and support for your enemies, the Hindus" is an angle that might play well.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Yup, definitely North Korea! There is no possibility that anyone could have setup a proxy account on some North Korean IPs.
Do you understand how impossible it is to get "a proxy account" into or out of North Korea? Clearly you do not. The have only one single block of IPv4 addresses.
Why would DPRK hackers be using the DPRK IPv4 address space when they are reportedly set up in China ? When I visited North Korea 6 months ago, the largest, most modern, and most prestigious hotel in the largest and most prestigious city (Pyongyang) was using dialup for internet access. To a Chinese ISP.
There are too many inconsistencies in the FBI's story. There are too many liars and too many suspects on all sides. Unless someone takes credit, there is no way to know who did the hacking.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.