HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » Ex-Anonymous hacker quest...

Sun Dec 21, 2014, 03:26 AM

Ex-Anonymous hacker questions North Korea's role in Sony hack

The United States is close to publicly blaming North Korea for the Sony cyberbreach. Could North Korea really pull off something like this when it can barely keep the lights on? A former American hacker who also attacked Sony is raising doubts, CBS News' Elaine Quijano reports.

Working under the code name Sabu, Hector Monsegur was responsible for some of the most notorious hacks ever committed. As he told "CBS This Morning" co-host Charlie Rose earlier this month, Monsegur began cooperating with the FBI after getting caught. He now works as a security researcher.

"For something like this to happen, it had to happen over a long period of time. You cannot just exfiltrate one terabyte or 100 terabytes of data in a matter of weeks," Monsegur said. "It's not possible. It would have taken months, maybe even years, to exfiltrate something like 100 terabytes of data without anyone noticing."

Administration officials believe North Korea was behind the hack.

"It could be. In my personal opinion, it's not," Monsegur said. "Look at the bandwidth going into North Korea. I mean, the pipelines, the pipes going in, handling data, they only have one major ISP across their entire nation. That kind of information flowing at one time would have shut down North Korean Internet completely."

<snip>

"Well, it doesn't tell me much. I've seen Russian hackers pretending to be Indian. I've seen Ukrainian hackers pretending to be Peruvian.There's hackers that pretend they're little girls. They do this for misinformation, disinformation, covering their tracks," he said. "Do you really think a bunch of nerds from North Korea are going to fly to New York and start blowing up movie theaters? No. It's not realistic. It's not about 'The interview.' It's about money. It's a professional job."

http://www.cbsnews.com/news/sony-hack-former-anonymous-hacker-not-convinced-north-korea-is-responsible/

36 replies, 3439 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 36 replies Author Time Post
Reply Ex-Anonymous hacker questions North Korea's role in Sony hack (Original post)
JonLP24 Dec 2014 OP
cheapdate Dec 2014 #1
JonLP24 Dec 2014 #3
Warren Stupidity Dec 2014 #20
cheapdate Dec 2014 #35
nichomachus Dec 2014 #30
cheapdate Dec 2014 #36
MinM Dec 2014 #32
cheapdate Dec 2014 #34
Sherman A1 Dec 2014 #2
JonLP24 Dec 2014 #4
delrem Dec 2014 #5
nichomachus Dec 2014 #31
MisterP Dec 2014 #33
Ichingcarpenter Dec 2014 #6
newfie11 Dec 2014 #9
Ichingcarpenter Dec 2014 #11
JonLP24 Dec 2014 #10
Jesus Malverde Dec 2014 #13
Ykcutnek Dec 2014 #7
JonLP24 Dec 2014 #8
Jesus Malverde Dec 2014 #14
JonLP24 Dec 2014 #16
Jesus Malverde Dec 2014 #17
Boreal Dec 2014 #18
Jesus Malverde Dec 2014 #19
DeSwiss Dec 2014 #12
Jesus Malverde Dec 2014 #15
Warren Stupidity Dec 2014 #21
Jesus Malverde Dec 2014 #22
Warren Stupidity Dec 2014 #23
Jesus Malverde Dec 2014 #24
Oilwellian Dec 2014 #25
unblock Dec 2014 #26
Faux pas Dec 2014 #27
kwassa Dec 2014 #28
nichomachus Dec 2014 #29

Response to JonLP24 (Original post)

Sun Dec 21, 2014, 03:35 AM

1. Yes, my leftist friends are very interested in alternative explanations.

They're either skeptical, or very confident that North Korea wasn't involved, although they're vague about who or why someone else did it.

At the risk of being called a mindless dupe and a lockstep drinker of the propaganda state koolaid, I'm going with the official version until a more compelling reason to believe otherwise is shown.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to cheapdate (Reply #1)

Sun Dec 21, 2014, 03:39 AM

3. I'm just learning as I go, myself

Last edited Sun Dec 21, 2014, 04:31 AM - Edit history (1)

I don't know for sure what took place as far as the who & the why is concerned but I found this interesting, from a perspective of a hacker.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to cheapdate (Reply #1)

Sun Dec 21, 2014, 08:47 AM

20. Ah, I love the smell of hippie punching in the morning.

 

You really have leftist friends?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Warren Stupidity (Reply #20)

Sun Dec 21, 2014, 04:07 PM

35. Yes, I really have leftist friends.

We collaborated with Middle Tennesseans for Religious Freedom during the mosque controversy here. Several are members of SOCM (Statewide Organizing for Community Empowerment, formerly Save Our Cumberland Mountains) of which I am also a member. We sometimes meet for Philosophy and Beer Fridays.

You're obviously free to call my post "hippie punching," but I'd say that's way off the mark. My leftist friends consider themselves as revolutionary socialists and Marxists, not hippies. Secondly, I only said that I'm not convinced by their arguments in this matter. That's not "hippie punching" unless you're only trying to stir up division for its own sake.


Reply to this post

Back to top Alert abuse Link here Permalink


Response to cheapdate (Reply #1)

Sun Dec 21, 2014, 11:47 AM

30. Wise move

Our government has never ever lied to us. Never. Ever. How are those WMDs in Iraq working out?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to nichomachus (Reply #30)

Sun Dec 21, 2014, 04:10 PM

36. Right on que, as predicted.

Of course our government has lied, continues to lie, and will lie in the future.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to cheapdate (Reply #1)

Sun Dec 21, 2014, 12:19 PM

32. What is the official version?

The Hollywood Reporter had an early version of this that still seems to be the most credible and plausible..

Sony Hack: Studio Security Points to Inside Job

Now the question of who is behind the attack has become a chilling Hollywood whodunit. While the hackers have identified themselves only as Guardians of Peace, emails pointing journalists to allegedly stolen files posted on a site called Pastebin came from a sender named "Nicole Basile." A woman by that name is credited on IMDb as an accountant on the studio's 2012 hit film The Amazing Spider-Man, and her LinkedIn page says she worked at Sony for one year in 2011. Basile couldn't be reached for comment and the studio declined to confirm if she works or has worked there.

Initial speculation swirled around a state-sponsored attack perpetrated by the North Korean government or its allies in retaliation for Sony's upcoming comedy The Interview, in which James Franco and Seth Rogen play journalists drafted by the CIA to assassinate North Korea leader Kim Jong Un. North Korean officials have condemned the movie, calling it "an act of war." But as the story of the cyberattack has grown, North Korea has been coy about its possible involvement. Asked by the BBC whether the government was involved in the attack, a spokesman said only, "Wait and see."

Inside the studio, though, sources say there is little evidence that North Korea is behind the attack. Cybersecurity expert Hemanshu Nigam also finds it hard to believe that North Korea is the perpetrator. Instead, he theorizes an employee or ex-employee with administrative access privileges is a more likely suspect. For the studio — which has laid off hundreds of employees over the past year in an effort to contain costs — the possibility of a disgruntled employee wreaking havoc is very real.

"If terabytes of data left the Sony networks, their network detection systems would have noticed easily," explains Nigam. "It would also take months for a hacker to figure out the topography of the Sony networks to know where critical assets are stored and to have access to the decryption keys needed to open up the screeners that have been leaked." In addition, he says, "Hackers don't use such things as Hushmail, Dropbox and Facebook when they want to engage in what amounts to criminal activity. Real hackers know that these sites collect access logs, IP addresses and work with law enforcement. It is possible that North Korean-sponsored hackers were working with someone on the inside. But it is more likely a ruse to shift blame, knowing the distaste the North Korean regime has for Sony Pictures." ...

http://www.hollywoodreporter.com/news/sony-hack-studio-security-points-753509

Sony Hackers Found

Reply to this post

Back to top Alert abuse Link here Permalink


Response to MinM (Reply #32)

Sun Dec 21, 2014, 03:47 PM

34. Official version : Ther North Korean state, under pathological magalomaniac Kim Jong-un,

was behind the attack.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 03:38 AM

2. Saw this interview the other day

and it does cause one to seriously wonder.

I just am not buying into "the North Koreans did the hacking memo". Did they make some noise about a movie they found offensive, sure and I think they were well within their rights to do so, but the hack, not so much.

I think Sony is trying to deflect the blame for their lack of IT security and shelving what was most likely a real dog of a movie, that was a real bad idea to produce from the start.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Sherman A1 (Reply #2)

Sun Dec 21, 2014, 03:41 AM

4. From the reviews of the movies doesn't make the last statement very convincing

Basically the initial consensus seemed to be few laughs, but likable characters much like comedies made every single year. I don't see why this one would be so special but I certainly don't rule it out.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 04:11 AM

5. I'm quite certain Putin did it.

Now I can already hear the screaming from the Putin Apologists that I'm a Kim Jong-un Apologist.
Just goes to show how low they'll go!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to delrem (Reply #5)

Sun Dec 21, 2014, 11:49 AM

31. Could have been

Could have been China, Romania, India. It could have been a bunch of free-lancing script kiddies trying to stir up international shit.

The question is whether we're really going to go to war because we found out that a Sony exec called Angelina Jolie a diva?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to delrem (Reply #5)

Sun Dec 21, 2014, 02:55 PM

33. I don't care what all the Bongo Ondimba pimps say, it was Gabon!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 04:28 AM

6. Who was most affected by the hack at Sony?

Its seems like its been the entertainment honchos
of Sony exposing their emails, salaries and inter-workings.

Now who would know about Sony's technology?


Sony Pictures lays off employees in' technology' group, including leader

2014 jan



Sony Pictures Entertainment has laid off an undisclosed number of people from its Sony Pictures Technologies group, including the unit's president, Chris Cookson.

The studio confirmed the layoffs, which occurred Wednesday, saying in a statement that the functions of Sony Pictures Technologies would be absorbed "into various core businesses."

A spokesman for the Sony Corp.-owned studio declined to say how many people were losing their jobs. The Technologies division handles the studio's technology policy and processes as they relate to creating content.


Sony Pictures is in the midst of an effort to reduce its overheard by $250 million. The studio, run by Chairman Michael Lynton and Co-Chairman Amy Pascal, has also hired consultancy Bain & Co. to examine the studio's expenditures, with the goal of at least $100 million more in cuts.


In recent months, studio executives including Marc Weinstock, the former head of domestic and international marketing, and Steve Elzer, the former senior vice president of media relations, have been let go.

Also laid off Wednesday was Mitch Singer, Sony Pictures' chief digital strategy officer, who spearheaded the studio's UltraViolet initiative, which gives consumers access to movies they've purchased across different devices.

http://www.latimes.com/entertainment/envelope/cotown/la-et-ct-sony-pictures-lays-off-employees-technology-group-20140122-story.html

In 2012 Sony laid off 10,000 people.


Security blogger Marc W. Rogers documents a number of other indications that North Korea was not involved.

“The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea,” Rogers explains. “Not least because they don’t speak traditional ‘Korean’ in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult.”

Additionally, the broken English used “looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in ‘Konglish’. i.e it reads to me like an English speaker pretending to be bad at writing English.”

Rogers also explains how the hacker’s familiarity with the infrastructure clearly points to an insider being responsible.

“It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords,” Rogers notes. “While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider.”

Indeed, Sony executives themselves are convinced that the hack was an inside job. “We’re told the people at Sony who are investigating believe the hackers had intimate knowledge of mail systems and their configurations,” reports TMZ. “They also believe the hackers have knowledge of the internal media distribution systems and the internal IT systems, including human resources and payroll.”


http://marcrogers.org/2014/12/18/why-the-sony-hack-is-unlikely-to-be-the-work-of-north-korea/


http://www.ibtimes.co.uk/north-korea-didnt-hack-sony-pictures-who-hell-did-1480082

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ichingcarpenter (Reply #6)

Sun Dec 21, 2014, 05:07 AM

9. This make the most sense!nt

Reply to this post

Back to top Alert abuse Link here Permalink


Response to newfie11 (Reply #9)

Sun Dec 21, 2014, 05:51 AM

11. The Hackers called themselves the GOP

Guardians of Peace........no sense of humor there.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ichingcarpenter (Reply #6)

Sun Dec 21, 2014, 05:21 AM

10. This is a good one too

The Evidence That North Korea Hacked Sony Is Flimsy

1 The New York Times reported this evening that North Korea is “centrally involved” in the hack, citing unnamed U.S. intelligence officials. It’s unclear from the Times report what “centrally involved” means and whether the intelligence officials are saying the hackers were state-sponsored or actually agents of the state. The Times also notes that “It is not clear how the United States came to its determination that the North Korean regime played a central role in the Sony attacks.” The public evidence pointing at the Hermit Kingdom is flimsy.

Other theories of attribution focus on hacktivists—motivated by ideology, politics or something else—or disgruntled insiders who stole the data on their own or assisted outsiders in gaining access to it. Recently, the finger has pointed at China.

In the service of unraveling the attribution mess, we examined the known evidence for and against North Korea.
Attribution Is Difficult If Not Impossible

First off, we have to say that attribution in breaches is difficult. Assertions about who is behind any attack should be treated with a hefty dose of skepticism. Skilled hackers use proxy machines and false IP addresses to cover their tracks or plant false clues inside their malware to throw investigators off their trail. When hackers are identified and apprehended, it’s generally because they’ve made mistakes or because a cohort got arrested and turned informant.

Nation-state attacks often can be distinguished by their level of sophistication and modus operandi, but attribution is no less difficult. It’s easy for attackers to plant false flags that point to North Korea or another nation as the culprit. And even when an attack appears to be nation-state, it can be difficult to know if the hackers are mercenaries acting alone or with state sponsorship—some hackers work freelance and get paid by a state only when they get access to an important system or useful intelligence; others work directly for a state or military. Then there are hacktivists, who can be confused with state actors because their geopolitical interests and motives jibe with a state’s interests.

<snip>

Sony and FBI Deny Connection to North Korea

First of all, Sony and the FBI have announced that they’ve found no evidence so far to tie North Korea to the attack. 2 New reports, however, indicate that intelligence officials who are not permitted to speak on the record have concluded that the North Koreans are behind the hack. But they have provided no evidence to support this and without knowing even what agency the officials belong to, it’s difficult to know what to make of the claim. And we should point out that intelligence agencies and government officials have jumped to hasty conclusions or misled the public in the past because it was politically expedient.

http://www.wired.com/2014/12/evidence-of-north-korea-hack-is-thin/

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ichingcarpenter (Reply #6)

Sun Dec 21, 2014, 08:12 AM

13. good one...nt

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 04:41 AM

7. If North Korea didn't do it, then the real hackers would be crucified.

 

You don't piss off that many rich and powerful people only to have the government pin your crime on a regime that can't really be punished much more than we've already punished them.

It's cute that Internet detectives want to chime in with their own seen-too-many-cheesy-thriller-movies theories, but we have professionals for that.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ykcutnek (Reply #7)

Sun Dec 21, 2014, 05:03 AM

8. So far no one is proven guilty for that

Personally I acknowledge possible suspects include North Korea, North Korean supporters based in China, or someone with other motives.

I don't know if you consider me one of those internet detectives but I find opinions from people who know what they're talking about interesting. None of it means NK didn't do it, however.

Blogger Marc Rogers drills down into the details of this particular hack.

He concludes that the fact that the code was written on a PC with Korean locale and language actually makes it less likely North Korea is the source.

He points out that they do not speak traditional Korean in North Korea, they speak their own dialect and traditional Korean is forbidden.

"Let's not forget also that it is trivial to change the language/locale of a computer before compiling code on it," he writes.

He also points out that the the hackers are very net and social-media savvy. "That and the sophistication of the operation, do not match with the profile of the DPRK (Democratic People's Republic of Korea)."

But perhaps his most compelling piece of evidence is the fact that the attackers only latched onto The Interview connection after the media suggested that North Korea might be linked to the attack.

<snip>

When the hack was first reported there was little to suggest a monetary motive but actually the hackers emailed five top Sony Pictures executives on November 21, days before they began leaking the files, and demanded money.

Sean Sullivan, a senior researcher at security company F-Secure, believes extortion could be the motive behind the hack.

"That is a lot more credible than a nation state," he told the BBC.

For him, the real test will be what the hackers do next.

If the pulling of The Interview was their primary motive, things should quieten down but if there are more data dumps, then he thinks everyone should pretty much dismiss North Korea as the source.

<snip>

http://www.bbc.com/news/technology-30530361

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ykcutnek (Reply #7)

Sun Dec 21, 2014, 08:14 AM

14. You mean like the hackers who owned the payment system at target?

The ones that still haven't been caught.

Seems not everyone gets crucified. Some people are good at what they do and that includes setting up patsies.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Jesus Malverde (Reply #14)

Sun Dec 21, 2014, 08:19 AM

16. Who could forget the billions hacked as well

It claimed the stolen information came from more than 420,000 websites, including "many leaders in virtually all industries across the world".

http://www.bbc.com/news/technology-28654613

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Reply #16)

Sun Dec 21, 2014, 08:31 AM

17. Or those who wrote and delivered the stuxnet virus.

Part of the problem is this stuff is technical and those who have no technical background are easily misled.



Who will benefit most from this hack? Thats likely the party that did it.

[Flashback] Dec. 3, 2014 - 03:45AM McCain Ready To Tackle Cyber Threats
http://www.defensenews.com/article/20141203/CONGRESSWATCH/312030041/McCain-Ready-Tackle-Cyber-Threats-Cost-Plus-Contracts-SASC-Chairman

[Flashback] 9 Jun '12, 1am Sen. McCain on Offensive Cyber Warfare
http://newsmilitary.com/pages/4706958-sen-mccain-offensive-cyber-warfare

John McCain Rips Sony ‘Interview’ Cancellation As ‘Troubling Precedent’
http://www.thewrap.com/john-mccain-rips-sony-interview-cancellation-as-troubling-precedent/


INFILTRATION. SABOTAGE. MAYHEM. FOR YEARS, FOUR-STAR GENERAL KEITH ALEXANDER HAS BEEN BUILDING A SECRET ARMY CAPABLE OF LAUNCHING DEVASTATING CYBERATTACKS. NOW IT’S READY TO UNLEASH HELL.

http://www.wired.com/2013/06/general-keith-alexander-cyberwar/all/

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Jesus Malverde (Reply #14)

Sun Dec 21, 2014, 08:32 AM

18. Yeah, remember when

 

we had 24/7 cable news droning on about the Target or Home Depot (and many other huge data bases) attacks being "terrorism"? Neither do I. But those just stole the data of hundreds of millions of ordinary people so no biggie.

This story is bullshit and probably has something to do with the entertainment industry wanting access to peoples ISP info because of their never ending freak out over file sharing. Hell, the US government went to New Zealand to get Kim Dotcom for the entertainment industry.

Inside job with government involvement for powerful Hollywood moneybags.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Boreal (Reply #18)

Sun Dec 21, 2014, 08:34 AM

19. +1..nt



Jesus

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 06:00 AM

12. K&R

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 08:16 AM

15. Careful jon you might annoy the contingent who gets all their info from

the idiot box.

Skepticism in foreign affairs seems to be a third rail around here.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Jesus Malverde (Reply #15)

Sun Dec 21, 2014, 08:50 AM

21. They are blaming Snowden.

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Warren Stupidity (Reply #21)

Sun Dec 21, 2014, 08:51 AM

22. Your kidding me.



Jesus

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Jesus Malverde (Reply #22)

Sun Dec 21, 2014, 08:53 AM

23. Well it is a fucking joke

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Warren Stupidity (Reply #23)

Sun Dec 21, 2014, 08:57 AM

24. Its the same tired contingent of neocons and talking point parrots.



They don't bring much to the table but snark and in this case a whopper of a conspiracy theory.



Jesus

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Warren Stupidity (Reply #23)

Sun Dec 21, 2014, 10:46 AM

25. That was amusing

Had a damn fine chuckle with my morning coffee.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 11:16 AM

26. this is what i've been saying. "terrorists" at walt disney makes more sense than north korea.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 11:29 AM

27. I thought

they came to the Korean conclusion pretty fast, made me wonder...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 11:32 AM

28. Maybe North Korea just paid some pros. Maybe some disgruntled Sony employee ....

with access downloaded masses of material. Think Chelsea Manning.

and then sold it to North Korea.

or a combination of many of these elements.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to JonLP24 (Original post)

Sun Dec 21, 2014, 11:46 AM

29. The real reason the film was canceled

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread