Wednesday, December 31, 2014

North Korea, The FBI, and egg-on-face syndrome

Yesterday, The Los Angeles Times published a piece arguing that a Sony insider -- not North Korea -- pulled off the Great Sony Hack.
Respected voices in the online security and anti-hacking community say the evidence presented publicly by the FBI is not enough to draw firm conclusions.

They argue that the connections between the Sony hack and the North Korean government amount to circumstantial evidence. Further, they say the level of the breach indicates an intimate knowledge of Sony's computer systems that could have come from someone on the inside.

This week, prominent San Mateo, Calif., cybersecurity firm Norse Corp. — whose clients include government agencies, financial institutions and technology companies — briefed law enforcement officials on evidence it collected that pointed toward an inside job.
Kurt Stammberger is a VP at Norse.
Leads suggesting North Korea as the culprit turned out to be red herrings and dead ends, he said.

Instead, the data pointed to a former employee who may have collaborated with outside hackers. The employee, who left the studio in a May restructuring, had the qualifications and access necessary to carry out the crime, according to Stammberger.

Moreover, names of company servers and passwords were programmed into the malware that infiltrated the studio's network, suggesting hackers had inside knowledge of the studio's systems, Stammberger said.
Ralph Echemendia directs another cyber firm called Red-e Digital. He says that the hackers tried to "monetize" their hack, and only when that attempt failed did they make any mention of The Interview. In other words: When they couldn't get the $$$, they went for the lulz.

A disturbing parallel. The FBI continues to insist that North Korea did it. Emptywheel points out the disturbing parallels between the FBI's work on this case and the job they did on the great anthrax scare.
So 13 years ago, anonymous sources blamed Iraq for the attack, 12 years ago they blamed Steven Hatfill, and 6 years ago, they started blaming Bruce Ivins. Probably, none of those claims are true.
The problems with the Ivins claim stem entirely (says Marcy) from the FBI's bizarre refusal even to consider the possibility of a criminal conspiracy.

Her argument, vis-a-vis Ivins, derived largely from this piece by Jim White, published on Marcy's site in 2011 (and based on documents released to Marcy Wheeler).

The 2011 article offers a remarkable reconstruction of events. One key document: A 1999 assessment by USAMRIID (the U.S. Army Medical Research Institute of Infectious Diseases, which really needs to come up with a shorter name). The report speaks of the threat of stolen infectious agents, and of possible  thefts perpetrated by insiders.

White thinks that the 2001 anthrax strain  came from a biowarfare facility located somewhere within the Nevada Test Site. (The Nevada Test Site is that weird, empty landscape you pass by when driving from Vegas to Mercury, Nevada.) The whole incident may have been a deliberate ploy to secure funding for a massive new Defense Threat Reduction Center in Fort Belvoir, Virginia, which opened in 2005.

Well, that's one theory. There's a lot more to the anthrax story (and I won't be surprised if one of my readers decides to send in a riff on that topic).

The important take-away here is that the FBI has been wrong before. Hatfill didn't do it, and Ivins too may have been innocent. (PBS, not normally critical of the government, looked into the Ivins case in 2011.) Are the feds wrong now, on North Korea?

Let's return to Marcy's new story. The claim against NK was made not just by the FBI but by a firm called Mandiant, which specializes in cybersecurity. Mandiant has close ties to the American intelligence community, as you can see for yourself with a little googling.
There’s one more factor that deserves notice here: the role of cybersecurity firms in laundering government propaganda.

One of the most pregnant observations in Zetter’s Countdown to Zero Day comes after Symantec published the first details implicating the US and Israel in the StuxNet attack. The Symantec team expected a bunch of others to jump in and start validating their work. Instead, they were met with almost complete silence. While Zetter didn’t say it explicitly, the implication was that the security industry is driven by its interest in retaining the good will of the US Government.
And while in this case there is no lack of experts willing to push back against US claims, I just wonder whether at least some of the initial credulity on the North Korea claims arose because of the dominance of USG contractors among the earliest reports on the hack?
Under the circumstances, I'm surprised that so many cybersecurity firms are voicing their distrust of the FBI's findings.

Yes, it is very possible that the Bureau has information that they cannot share with the general public. Our intelligence community may have an "inside" source within NK.

But that's why we have intelligence committees, right? Isn't it time for the Bureau to present the full story to Congress?
Comments:
O/T but fun

http://www.huffingtonpost.com/2014/12/29/most-beautiful-libraries_n_6391600.html

Not the Library you are looking for but fun. Have a safe NY.
 
The last time I took anything the FBI said at face value was in 1966.
I just assume the agency is always lying. I think that's the safest way to go.
 
Having spent years researching this topic, I can tell you with 100% certainty the strain of anthrax could only have come from Fort Detrick (or oddly enough Iraq although there is no evidence that they had anything to do with this) and the FBI has done a piss poor job investigating this. They have ignored every bit of evidence contrary to their theories and even sabotaged some of it for unknown reasons. Scientists who have looked into this all agree the FBI is lying about this case and there is hard proof about it. There has been some good evidence against an Egyptian who worked in the Detrick lab that for some reason has also been ignored.
 
So the FBI blames North Korea for the Sony attack. Cybersecurity types are saying this is highly unlikely. You might remember that Sony was also hacked in 2011 by LulzSec. LulzSec was being run by a guy named Sabu. If you also remember... Sabu was working for the FBI for 7 months while he went around leaking Americans info with FBI approval. Sabu was also busy making attacks on computers in Iran, Syria, Pakistan and Brazil. Does your normal hacker give a shit about attacking computers in Syria and Iran? No. Who gives a shit about hacking computers in Syria and Iran?

Sony was in bed with RAND and the U.S. military who were feeding them stupid advice about how to make a movie about killing Kim Jong-Un. Then all of the sudden all of Sony's shit goes spilling out onto the web. The fact that this was Terabytes of data would seem to point to an inside man(or woman) according to Cyber Security types.

The FBI's first response was to predictably blame North Korea. This then gives U.S. intelligence an excuse to begin Cyber attacks against North Korea.

In matter of fact, if any one cared to look further, this is basically the same pattern that happened in the 1993 World Trade Center attacks, 9/11, and the Anthrax cases.

The FBI bungles an investigation with inside men, that leads to a destructive incident. Then the FBI misdirects blame, framing up a patsy which gives U.S. military/intel excuse to use patsies as an excuse to do X.

A company based in Seattle called Taia Global has fingered the Russians for being the most likely culprits behind the Sony attack. They are experts in Russian/Chinese cyber crimes. But remember, the FBI and U.S. intel has said absolutely NOTHING about Russians. They have been silent about Russian involvement. Why is that important?

Because if the Russians DID do it, it would seem to mean FBI & U.S. intel are either compromised by the Russians(which can't be totally ruled out). Or for some reason are strategically choosing to blame a patsy (North Korea) in place of the Russians. Otherwise there would be no reason for them to be silent on any Russian involvement.

But if the Russians DID NOT do it, then what does that leave us? Considering the focus of these attacks on places like North Korea, and in 2011 Syria and Iran... if Russia is not behind it, then we are back to considering that the culprit that attacked Sony would seem to be U.S. intelligence due to the strategic focus of the attacks. (One other possibility would be a false flag from Germany or France due to wrangling over privacy issues, but I don't see any evidence for that).

Whatever the case the FBI is a rotten filthy stinking egg that needs some serious inspection.

 
Also, remember that Sabu was pulled into the FBI's orbit as an agent provocatuer in June 2011. From June 2011 to March 2012 he worked under the FBI to attack both American and Foreign companies and the government websites of Syria, Iran, Pakistan and Brazil.

In early 2012 Sabu used Anonymous to attack corporate and government sites in Brazil. He was also interested in targets in Germany and Austria. Sabu was working for the FBI when he was using Anonymous as a patsy to attack Brazil. Brazil had been making efforts to decentralize the internet from American control. U.S. gov had bugged the phones of Brazilian officials.

So when Sabu ran his attacks, the FBI sat back and watched and did nothing.

Who benefits from all of this? The answer seems to be obvious. U.S. intelligence.

Would U.S. intelligence benefit from an attack against Sony?

A North Korea expert from RAND was working with Sony to advise on making a movie about killing Kim Jong-Un. A comedy apparently intended to associate hilarity in the American mind with the killing a foreign dictator, therefore making it more acceptable.

Sony is then hacked, with all sorts of indicators leading like bread crumbs right back to North Korea. The FBI without any apparent investigation blames North Korea inmmediately. Exactly like in 9/11. Meanwhile, Sony heads are being blackmailed by the "hackers" who are threatening to leak private Sony info or commit terror acts 9/11 style if they release the movie. Would North Korea threaten to commit 9/11 terror on the US over a fucking movie? No.

Obama and U.S. intel tell Sony to have balls and release the movie anyways, to spite those commie North Koreans which they do.

NOTHING HAPPENS.

No terror attacks, No more leaks from the hackers. Nothing.

So who benefits from this?

Obviously not North Korea.

Sony got their movie released, U.S. intel clandestinely responded with cyber attacks on North Korea, all of Sony's "Hollyweird" liberal commie leadership got blackmailed into playing ball under threat that more of their private info might get released or "Terra" might be unleashed on them. Sony released the movie against North Korea's wishes. The movie which had a $44 million budget made a good chunk of change due to the hype.

The alleged hackers responded to all of this by doing : NOTHING.

So I think we all know where the evidence is leading.
 
Post a Comment

<< Home


This page is 

powered by Blogger. 

Isn't yours?






























FeedWind












FeedWind