FBI BLAMES NORTH KOREA [Surrogate of China]FOR THE SONY HACK
The FBI officially blamed North Korea for the unprecedented Sony hack in a statement on Friday morning.
From the statement:
As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
· Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
· The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
· Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.
The FBI's statement follows weeks of rumors and speculation that the rogue state was responsible for targeting Sony Pictures Entertainment in retaliation for Kim Jong-un assassination movie "The Interview," which Sony has agreed not to release in the face of ongoing threats of leaks and further attacks.
The attack was "far more destructive than any seen before on American soil," intelligence officials have concluded, according to The New York Times.
But there's still very much we don't know about the attack, as even the FBI statement acknowledges.
Earlier Friday a US official reported that the North Korean hack has a Chinese link either through collaboration with Chinese actors or by using Chinese servers to mask the origination of the hack.
US Options
As far as US options in response, there are few immediate options, all of which come with risks. In any case, the best course may be call out the Chinese government.
"The only lever that I can see is China," Dave Aitel, a former NSA research scientist and CEO of the cybersecurity firm Immunity, told Business Insider in an interview. "And what you may see is that it comes out there were some Chinese resources involves in this, and then pressure them to get on board."
One option is sanctions against the North Korean regime. But Pyongyang is already heavily sanctioned and additional measures would anger China. [really?!]
"The Obama administration has been reluctant to embrace " the sanctions approach, Associated Press reports. "The biggest impact would be felt by banks in China, complicating US efforts to [cuddle up to] Beijing."
A do nothing option or cyber retaliation. But that risks escalation.
One proactive move the US should consider, Aitel told Business Insider earlier this week, is "declaring certain cyberattacks terrorist acts and the groups behind them terrorists," which would "set in motion a wider range of legal authority, US government/military resources, and international options."
In any case, the US will need a new policy when it comes to cyberattacks by state-backed actors.
"This is not something you say 'President Obama solved this tomorrow,'" Aitel said, noting that "deep down the policy engine of the US is very slow, and this case is very complex and has to do with China as well."
China being involved — makes pressuring Beijing the only option.
Its been well known for decades now that China routinely hacks US companies in search of intellectual property such as military technology and "to learn about how a company might approach negotiations with a Chinese company," according to FBI Director James Comey.
"You have to have a cyber policy [as an act of war], and get the Chinese on board with your policy," Aitel said. "We have to have very clear statement about what lines you cannot cross, and what we're going to do about it."
The attack on Sony, more than three weeks ago, was conducted by hackers calling themselves "Guardians of Peace."
The November hack is the second major attack in which hackers targeted American corporate infrastructure on a large scale with the primary goal of destroying it (as opposed to stealing from it or spying on it).
Dozens of terabytes of information were taken. Chaos has gripped the entertainment world as hackers dumped information online and news organizations scrambled to cover every possible angle.
Here's a roundup of some of the leaked information:
- A trove of emails from Snapchat CEO Evan Spiegel
- Some inappropriate comments about Barack Obama
- Actors' salaries for "American Hustle"
- Sony executive salaries
- Celebrity's aliases
- Snarky comments from the top about actor-comedian Kevin Hart
- A "21 Jump Street"-"Men In Black" crossover may be in the works
- Disney wants "Spider-Man" for their Marvel Universe
- Sony's troubled relationship with Adam Sandler
- Screener copies of upcoming Sony films have popped up online
President [do nothing] Barack Obama was expected to address the issue at a 1:30 p.m. (13:30 EST) end-of-year news conference.
No comments:
Post a Comment
Comments always welcome!