According to CNN, the FBI may have misled the president about who was responsible for hacking into Sony’s computers:
Sure, North Korea’s government despises the movie “The Interview.”
But when its propagandists say it did not hack Sony Pictures before the original release date of the flick that satirizes dictator Kim Jong-un, they might just be telling the truth.
Some U.S. cyber experts say the evidence the FBI has presented to attempt to incriminate hackers working for the communist regime is not enough to pin the blame on Pyongyang.
“It’s clear to us, based on both forensic and other evidence we’ve collected, that unequivocally they are not responsible for orchestrating or initiating the attack on Sony,” said Sam Glines, who runs the cybersecurity company Norse.
The FBI has said that code in the malware used by a group called “Guardians of Peace” (GoP) in the attack on Sony is similar to code used by North Korea in other attacks.
But that code was leaked a long time ago, experts say. Any hacker anywhere in the world could have used it.
This wouldn’t be a particularly important possibility except for the fact that the administration isn’t exactly denying launching a retaliatory cyberattack on the North Koreans which shut down their internet. In fact, the North Koreans just experienced another massive shutdown of both their internet and 3G cell phone service. This led to a nasty incident in which “an unidentified spokesman for North Korea’s National Defense Commission told the official Korean Central News Agency, “Obama always goes reckless in words and deeds like a monkey in a tropical forest.””
I hope I do not need to remind you of a few rather important facts.
North Korea:
1. Has nuclear weapons.
2. Has a leader who appears to be insane.
3. Has a paranoid and bellicose military.
4. Patrols a Demilitarized Zone that separates it from tens of thousands of American soldiers.
5. Has a war doctrine that depends on attacking first and destroying Seoul, the capital of South Korea with a population of ten million people.
Under these circumstances, it would seem just a tad irresponsible to wrongly accuse the North Koreans of committing a cyberattack and then to knock out their ears and eyes so that they cannot know if they are about to experience a military invasion. Something like that could lead the North Koreans to panic and launch an attack of their own, possibly including a nuclear weapon.
If the FBI misinformed the president about the strength of their evidence, they just risked getting hundreds of thousands if not millions of people killed.
It would seem kind of vital to find out if that is really what just happened.
Because it wasn’t North Korea, Sony reversed the decision and The Interview was released on Christmas Day in some theaters.
From my diary of Dec. 24th – Obama Got It Wrong, Sony Hack Was an Insider Job!.
The CIA.
The NSA.
The other “spook” agencies.
Now, the NYPD.
All, bucking against, or trying to undermine, civilian authority.
Can everyone say “Police State?”
And if they get their way, can everyone spell,
F-A-S-C-I-S-M?”
Interesting times.
Maybe, perilous times…
Exactly. And unless you think that Obama hasn’t noticed you have to figure out how and why he gets along.
Malia
Sasha
Michelle
does he? he does have the party of no among other problems, a complicated navigation
A dying hegemon is not a pretty sight.
If we can keep it down to millions, we will have done good.
It’s the BILLIONS that I’m concerned about.
How is it that readers of this blog could tell that North Korea might be behind it but probably was not, but not the FBI and president? Misleading the president is a huge problem, but so is listening to them to the point of giving them the go ahead to confirm it to the media when there are many experts saying the opposite?
well, at the time, there weren’t many experts saying the opposite – if you’re referring to Obama and The Interview and not Colin Power. Although, tech info aside, it was strange (but riveting) that the producer confidential emails were released.
An awful lot of arm-chair quarterbacking is going on about this topic.
Obama isn’t stupid. Does he have a history of making unfounded allegations against other nations? The people who do investigate IT breaches for a living in the government aren’t stupid either.
Those who say it was an inside job at Sony – it would be nice if they could explain how someone who works for a living has time to develop and hatch a multi-pronged attack like this yet (if they were in IT security) didn’t have time to secure Sony from such outside attacks? And if they weren’t in IT security, how they had time to develop the expertise to begin with? Just because the tools are available doesn’t mean that l33t Joe Haxxor can actually pull it off.
Let’s be skeptical of the “experts” who say that it couldn’t have been the DPRK.
Even though Addington and Cheney and the rest of those war mongers lied to get us to invade Iraq, that doesn’t mean that the FBI and US-CERT and the rest are wrong about DPRK being involved in this attack on Sony. The Obama administration isn’t going to release all the evidence they have…
http://krebsonsecurity.com/2014/12/the-case-for-n-koreas-role-in-sony-hack/
FWIW.
Cheers,
Scott.
Yes. Although he prefers that State and Defense issue the more strident statements of allegations.
WH dot gov
On Ghouta chemical attack
Note the evidence was so dodgy that Cameron couldn’t get Parliament to go along with attacking Syria and it wasn’t even strong enough for Obama to take it to a Congress that loves more war.
The evidence indicates he was right about both those things, too.
The final MH-17 report is still a few months away, but the official site has lots of info – http://www.onderzoeksraad.nl/en/onderzoek/2049/investigation-crash-mh17-17-july-2014
Just because a country doesn’t want to get involved in hostilities doesn’t mean they think the evidence presented is wrong or insufficient to apportion blame…
HTH.
Cheers,
Scott.
Actually, no.
My series of diaries about the MH-17 cover-up and the Dutch government from day one.
○ MH17 Investigation: Not Exclusive the BUK Missile Scenario
○ US and Dutch Cover-up of MH-17 Ukraine Crash Evidence
Dutch journalists and members of parliament are at last starting to ask questions. Family of victims and Malaysian sources want the United Nations to take over the investigation from the Dutch government. A new documentary this week on Dutch television: Nieuwsuur.
At the time Obama made those statements, the evidence was weak and at best controversial and debatable. No subsequent information/data has emerged to strengthen Obama’s allegations and more non-confirming data has dribbled out.
My new diary – Demonizing North Korea: Lies Concerning the Cheonan Incident.
Because, as I have noted both here and elsewhere going back a couple of weeks now, this is what I do on the outside: computers and computer security. The information made public just wasn’t all that informative – we all have a pretty good idea How much money they make; nor even salicous – snippy rich bitches send snippy rich bitch emails; and don’t get me started on bimbos that leave nudie pictures of herself on a server out there somewhere. Secondly…
My dusty old hometown out here on the Oregon High Desert has more computing power, more servers, networks blogs and commercial websites… more Internet sophistication, than North Korea. Simply put, NK simply is not sophisticated enough to mount that complicated a hack. In short it has the motivation nor modus operandi.
Hence: an elaborate publicity stunt to sucker the rubes into watching a shitty slap shtick propaganda movie normalizing the blowing up of a foreign leader’s head. Not decapitation, mind you, that’s not good enough… blow up the tin-pot dictator’s head. In light of previous failures – this the third movie in as many years: a GI Joe cartoon and the equally cartoonish remake of Red Dawn – it was obvious from the start that it all been an elaborate publicity stunt to suckers the rubes into watching propaganda to gin up some more war.
a really really stupid movie promotion idea is what occurred to me first and I’d still go with that, with maybe some ppl taking advantage, as it were, part of the mess
We have become such a culture of tin foil hats that it would be no wonder if a bad actor middleman decided to take advantage of the media’s penchant for fear mongering and let the FBI loose on a wild goose chase, complete with finger pointing, only to stir up retaliation promises which rile the N Koreans.
The fear mongering has made us vulnerable to our own over reactions so why wouldn’t some entity move to push our buttons?
or, it might be related to other events designed to undermine Obama – I’m disgusted that some commenters on this site are playing along with that possible scenario
I ‘m really more-than-half believing that the internal management of the CIA (not Brennan) is to Obama as the internal management of the NYPD (not Bratton) is to de Blasio. Are you saying the same applies to FBI?
well, it does seem like a lot to suggest. Just that it’s such a major mistake, and opportune distraction. I’d at least like to open the possibility that someone took this opportunity to undermine Obama. the issue was imo also completely mis-spun as it were, since Sony owns the film, their decision not to spend additional $$ releasing it is their own business decision not a matter of free speech per se. there was all that urgency because release dates are set so far in advance and involve so much scheduling. Onec an internal hack is shown to be likely all kinds of options are on the table – cui bono, as they say, and all kinds of movie biz internal issues could have started it and someone else just decided to run with the opportunity. I guess, to answer your question, I wouldn’t really say that about the FBI but someone may have used the event to that result for their own purposes
The President hasn’t been in true control of the State Department, the intelligence agencies or the military since that power was taken from the office in 1963. Republican Presidents generally have been in agreement with these units of the government, although Nixon still actually presumed he was President, which was an error on his part.
The conspiracy theories write themselves. Where’s Gilroy when you need him?
Because our government would never lie to us, it must be a “theory.”
Your mindset, your willingness to accept government propaganda in its various delicious forms, has played a large part in the destruction of real democracy.
Wow. You seem to know so much about my “mindset”. Oh wait, you actually know nothing about me . Never mind.
I only know what you wrote. Quite honestly, don’t you think at this late stage it’s a little late to be throwing out the conspiracy theory card?
No, you don’t.
Obviously you didn’t actually read what I wrote. Here it is again:
The conspiracy theories write themselves.
Now read all the comments in this thread. My statement is a characterization of some of what is written here. Got it now?
And the numerous possibilities laid out in the CNN piece. None of those seem a bit unlikely to you?
Those five facts about North Korea should produce caution, but North Korea’s continued presence as a regime seems to stick in some policy people’s craw.
There are five facts about the United States of America:
That should and likely does give the North Korean foreign policy establishment pause. Their collective national security leadership has been at this conflict as long as has the US national security leadership. Hopefully by now both sides know where the hot buttons are. Or even have some informal contacts for checking out when something is politically serious. (We know that we had some dumb luck during the Cuban Missile Crisis and that the “hot line” between the White House and the Kremlin did get used, and that even with that we almost saw nuclear war).
But an NSA shamed by the Snowden exposures and seeking relevance as an defensive cyberwarfare arm is not as careful about what it does. The aftermath of the StuxNet attack on Iran’s centrifuges now poses a threat to many types of supervisory control and data acquisition systems that control real-world equipment. If one is looking for an excuse to take out North Korea’s internet as a test exercise, seizing on another event can look attractive.
What is clear from the exposures of NSA activity is that NSA is FBI in its technical capabilities for identifying sources of attacks within the US. NSA does the analysis. It is NSA analysis that was presented to the President through the chain of command of the FBI.
It is also clear from the Snowden reports that the NSA has a lousy track record at identifying the source of any attacks, in cyberspace or outside cyberspace and is mostly set up to analyze attacks after the fact with large haystacks of information.
And the NSA lusts mightily after one, just one, actual national security success that they can point to before Congress.
We also know that the crown jewels of Sony’s realm is its highly digitally protected library of features and of features under development. And that there is a hacker war going on with Sony over its Playstation releases. We also know that extortion of large corporations is not unknown. And that the exploits used in hacker cyberattacks are often repurposed cyberweapon exploits invented by military contractors or personnel of one of the world’s militaries or another. And that most computer security anaylsis involves reverse engineering of attacks so as to understand how they work. In short, the signature of code that the NSA/FBI associated with North Korea could have come from almost anywhere unless there was a completely new wrinkle to it. It is also possible that another actor spoofed a North Korean signature for the NSA/FBI to find.
The point of the analysis of the inside job explanation is that the outside hack worked either because Sony doesn’t care enough about security to effectively protect the crown jewels or some insider left a hole in the security that that hack exploited. That it was not a totally outside attack.
The person who lied to the President was the person who gave the President the certitude that the hacker was indeed North Korea. (Look, we are talking about burglary of information here, not physical violence against persons; “attack” is inflammatory language.”)
What intrigues me about this story is that there are only three countries at the moment with which the US does not have diplomatic relations: Cuba, Iran, and North Korea. The US has denied recognition to North Korea for 66 years; it denied recognition to Cuba for over 50 years; it has denied recognition to Iran for 35 years. Withdrawal of ambassadors traditionally was an indication of pique or prelude to a state of war. This sort of long-term non-recognition is kind of unique and creates difficult intelligence problems. The US national security would be much improved if we had ambassadors and CIA stations in these countries (the CIA operations folks are a different matter). That can occur by the end of Obama’s Presidency and will be a historical step. It is also possible to move forward nonproliferation negotiations with both Iran and North Korea within the next two years. There are those within the national security establishment that want to deny these successes personally to President Obama or think that normal relations with these countries are unwise. President Obama might see North Korea as not doable himself and that prejudiced his reaction to whatever information he was provided.
Given the authority that news media give to FBI attributions of responsibility, it is very important to find out where this analysis went wrong, if it did. (But given the recent veracity of government assertions, how will verify that the FBI did have it right?)
The crisis of legitimacy that we face at all levels of government right now is rooted in the overuse of the policy of deception as a result of a 73-year-long war footing. The web becomes more entangled and the hall of mirrors more disorienting. To the point that we forget that we are still playing with nuclear weapons. And that a distrustful peace and good relations is better than the destruction of infrastructure and morality that comes with war.
Very good points, THD.
I don’t have a link for this, so call it an interesting rumor at this juncture, but I saw a report recently that Putin had offered for Russia to take NK under its protective ‘paw’ in exchange for relinquishing it nuclear weapons. A Syria repeat, so to speak. The idea (one of) is that once South Korea feels much less threatened, it will be a lot harder for them to continue to agree with being occupied by the hegemon. OMG! They might reunite!
Quick! A distraction needed pronto! Putin is doing diplomacy again.
Reuniting will be on mutual terms if it is just. And that likely looks more like South Korea’s society than North Korea’s society.
The Sunshine policy from 1998 to 2007 seemed to delay any thought of reuniting until there was effective normal diplomacy between the two nations. The South Korean government felt that German reunification had been too abrupt and destabilizing. And East Germany was closer matched economically to West Germany that the two Koreas were.
What that meant was some relaxing of sanctions and allowance of family remittances to North Korea. It was that policy that George W. Bush sat on in order to preserve an enemy.
South Korea sees the US presence as much a guard against Japan as North Korea. So there would have to be some substantial mutual trust built on a multilateral basis for the the US to completely disengage from East Asia.
Eventually the US might realize that there are better and more effective ways to be a hegemon than the expense of being forwardly deployed everywhere in the world.
fascinating
This would also be one of the least surprising events ever, right down there with the sun rising in the east tomorrow. Think COINTELPRO.