ITsecurity
twitter facebook rss

North Korea did not attack Sony; & the US did not attack North Korea

Posted by on December 23, 2014.

The official line from the US is that North Korea attacked Sony; and the official line from the British custodian of truth, the BBC Radio 4 news, is that the US probably attacked North Korea (which the US has declined to deny). Both are almost certainly false.

While the US, from Obama down, insists it has proof (but won’t say what) that North Korea was behind the Sony attack, the vast majority of genuine security experts believe that this is highly unlikely. There is a detailed summary on the Fabius Maximus website: The FBI told their story about North Korea attacking Sony. Before we retaliate, read what they didn’t tell you.

Summary: The government blames North Korea of the Axis of Evil for the attack on Sony, a claim quite like the bogus claims of the past we so credulously believed. No matter how often they lie to us, Americans believe what the government tells us. They lie, we believe, their lies are exposed — rinse, repeat. It makes us easy to govern…

But the implication today is that the US has already retaliated. By not denying that it is behind the North Korean tango down, the US government is implying that it did indeed take the country off the internet in retaliation for the act of cyberwar against Sony. This is possible, but highly unlikely. While being an inconvenience for NK, it does not visibly hurt anyone to the extent that Sony has been hurt. It’s simply not a very good retaliation — just ask Israel what retaliation really means.

There are more credible suggestions that the NK attack was a relatively simple and not very complex DDoS from actors possibly annoyed at the censorship of The Interview. Consider this comment from Ofer Gayer, security researcher at Incapsula:

According to public reports, North Korea’s total bandwidth is 2.5 gigabits per second, with a single Internet Service Provider STAR-KP, and a single IP range consisting of 1024 addresses. We routinely see attacks of 10 to 20 gigabits against our commercial clients, with those of 100 gigabits per second no longer uncommon. Even if North Korea had ten times their publicly reported bandwidth, bringing down their connection to the Internet would not be difficult from a resource or technical standpoint.

And then this commentary from Dan Holden of Arbor Networks:

Anonymous has been tweeting about not only releasing the movie, The Interview, but taking revenge on North Korea for the movie being taken out of theaters. A second hacktivist cyber-terrorist group, Lizard Squad, is also active on Twitter:

Lizard Squad tweets on North Korea

At this stage I don’t think we can say for certain who is behind either of the attacks against Sony and North Korea. But what I am sure of is that North Korea did not attack Sony; and the US did not attack North Korea.


Share This:
Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *

Submitted in: News, News_hacks, News_politics | Tags: , ,