The FBI -- putting its rep on the line -- says that North Korea is definitely fer sure behind that Great Sony Hack Attack. Yet North Korea says not only that they didn't do it, but that they want to join with the US in a joint effort to uncover the real culprit. Of course, that will never happen -- especially since NK feels compelled to word their invite in a very uninviting fashion:
"If the U.S. refuses to accept our proposal for a joint investigation and continues to talk about some kind of response by dragging us into the case, it must remember there will be grave consequences," the spokesman said.
That kind of talk is not a way to make new friends. And certainly not the best way to allay suspicions.
Here is the FBI's evidence against NK:
The FBI said the malware "revealed links to other malware that the FBI knows North Korean actors previously developed."
Further, the FBI noticed "significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea." For instance, the FBI said several IP addresses with "known North Korean infrastructure" communicated with IP addresses "hardcoded" into the malware that ripped through Sony's systems, deleting data and swiping sensitive information and rendering thousands of computers inoperable.
The FBI also said the "tools" used in the attack are similar to those in a North Korea-led attack against South Korean banks and media outlets last year.
But what if the FBI has it all wrong?
(That link goes to a Rachel Maddow segment which I'd like to embed here but can't.)
The Christian Science Monitor talked to some experts who don't agree with the FBI's assessment...
“It’s mostly a repeat of information that has been in the public before,” Rob Graham, chief executive officer of research firm Errata Security, said of the FBI's statement issued Friday.
Many prominent names in the field, Graham and others, took to Twitter to express their concern. "I'm completely underwhelmed by the FBI's 'proof' attributing Sony attack to North Korea," Graham tweeted from his @ErrataRob account.
All of the technical watermarks can be, and frequently are, falsified or mimicked by hackers.
“We know that hackers share malware on forums. Every hacker in the world has all the source code available,” says Mr. Graham.
“I think you have to go back to the original ransom note,” says Graham Cluley, a former antivirus software programmer and security consultant who currently writes about the industry for grahamcluley.com, a security blog.
“It didn’t ask for 'The Interview' to not be released, it asked for money," he says. "In Dark Seoul, there were no demands. They just wiped everything. We’re not even entirely sure that North Korea did that attack. We think they did, but it hasn’t been proven.”
My take? I'm not going to say that the FBI is incapable of lying. Far from it! But I can't think of any instance in which the Bureau did anything to risk injury to its god-like reputation for tech prowess.
On the other hand, Cluley raises some damned fine points -- points which most journalists covering this story refuse to mention.
The BBC presents a more-or-less balanced look at the details