General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsDid the FBI Put Millions of Lives at Risk? - FBI May Have Misled President About Sony Hack
Did the FBI Put Millions of Lives at Risk?
by BooMan
Sun Dec 28th, 2014 at 09:03:58 AM EST
According to CNN, the FBI may have misled the president about who was responsible for hacking into Sonys computers:
But when its propagandists say it did not hack Sony Pictures before the original release date of the flick that satirizes dictator Kim Jong-un, they might just be telling the truth.
Some U.S. cyber experts say the evidence the FBI has presented to attempt to incriminate hackers working for the communist regime is not enough to pin the blame on Pyongyang.
Its clear to us, based on both forensic and other evidence weve collected, that unequivocally they are not responsible for orchestrating or initiating the attack on Sony, said Sam Glines, who runs the cybersecurity company Norse.
The FBI has said that code in the malware used by a group called Guardians of Peace (GoP) in the attack on Sony is similar to code used by North Korea in other attacks.
But that code was leaked a long time ago, experts say. Any hacker anywhere in the world could have used it.
.....a few rather important facts:
1. Has nuclear weapons.
2. Has a leader who appears to be insane.
3. Has a paranoid and bellicose military.
4. Patrols a Demilitarized Zone that separates it from tens of thousands of American soldiers.
5. Has a war doctrine that depends on attacking first and destroying Seoul, the capital of South Korea with a population of ten million people.
Under these circumstances, it would seem just a tad irresponsible to wrongly accuse the North Koreans of committing a cyberattack and then to knock out their ears and eyes so that they cannot know if they are about to experience a military invasion. Something like that could lead the North Koreans to panic and launch an attack of their own, possibly including a nuclear weapon.
If the FBI misinformed the president about the strength of their evidence, they just risked getting hundreds of thousands if not millions of people killed.
MORE:
http://www.boomantribune.com/story/2014/12/28/9358/9855
Agschmid
(28,749 posts)randys1
(16,286 posts)Octafish
(55,745 posts)Lickety split.
The CNN article really only quotes one source though, Norse security, which may just be trying to get their name in the press. The FBI/NSA has resources and access to classified intel that this company doesn't. The government is in a tough spot. Everyone is obviously skeptical because of the WMD debacle years ago. That said, any evidence the government gives to quell this skepticism could reveal sources, methods, and capabilities that should not be in the public sphere. Tough call.
daredtowork
(3,732 posts)Most seem to think it had to be at least in part an inside job planned over a long period of time.
And also this linguistic analysis of the emails which suggests some of the hackers are Russian:
http://www.nydailynews.com/theory-emerges-sony-hacking-suggesting-russian-hackers-article-1.2057181
If they are just analyzing the emails, though, it could just mean the data was sold to the Russians after it was stolen.
daredtowork
(3,732 posts)Did the FBI, or any force behind the FBI, mislead the President on purpose?
I've been posting on DU all weekend about the current "cyber activities" going on, particularly the trans-national complexity of it. A "Cold War" response is inappropriate. The reason I've been posting about it is my older acquaintances seemed to have complete buy in that Obama was behind the "retaliation" that took down North Korea's Internet. (Which happened to go down a second time in the course of the Anonymous vs. Lizard Squad/Anonymous vs. Sony Pictures events yesterday).
Just to give a whiff of the complexity, Anonymous itself is made up of lots of groups with different, often conflicting agendas. Right now Anonymous Protection is helping to restore Sony Playstations (which they got no credit for in the media, though they seemed to be doing most of the work) while Anonymous hacktivists were going after Sony Pictures for implicating North Korea in the Sony hacking.
Another branch of Anonymous claimed to leak 13,000 passwords last week - apparently just to punk the mainstream media (the media is still reporting it). http://www.databreaches.net/verifying-leaks-uncovers-fake-leaks/
Watching Anonymous vs. Lizard Squad (targeted for threatening Tor, and thus threatening worldwide Internet privacy) over the last 48 hours has been fascinating to say the least. This has not just been Anonymous taking down Lizard Squad web sites, outing and disabling their botnet, and doxxing their members. Real world arrests are being made:
http://www.dailymail.co.uk/news/article-2889080/I-wonder-ll-end-jail-representing-lizardsquad-Fears-Briton-named-Xbox-hacker-ruined-Christmas.html
I had a feeling when I was posting my articles that people on DU would wonder what the "big whup" was. Your OP is it. There are interests who will try to exploit the situation. When North Korea's Internet went down and Obama just left the idea we would "respond proportionally" on the table - that was exploiting an underlying situation that most people don't have any insight into at all.
My other DU posts on this:
http://www.democraticunderground.com/10026008877
http://www.democraticunderground.com/10026010751
http://www.democraticunderground.com/10026012429
dawg
(10,624 posts)PSPS
(13,593 posts)What evidence is there that this data theft was performed through the use of malware? Rather, given the often-quoted figure of "terabytes of data," I presume this was done on premises using portable hard drives (i.e., "disgruntled employee." Five terabytes would take almost two months to transfer over a 10 MBps internet connection and would almost certainly be detected.