FBI BLAMES NORTH KOREA

FOR THE SONY HACK
Reuters and Michael B Kelley
 
The FBI says that the agency "now has enough information to conclude that the North Korean government is responsible for" the Sony hack. From the statement: "As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions." The FBI notes that technical analysis "of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks." The agency "also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea.



For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack." Furthermore, the FBI says that "the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea." 'Chinese actors' Earlier Friday a US official said the US investigation into the hack of Sony's computer system has determined that North Korea was behind the operation with a possible Chinese link. The probe into the hack found North Korea was behind the incident and that there may be a Chinese link either through collaboration with Chinese actors or by using Chinese servers to mask the origination of the hack, the official said. The attack was "far more destructive than any seen before on American soil," intelligence officials have concluded, according to The New York Times.

 As far as US options in response, there are few immediate options, all of which come with risks. In any case, the best course may be through the Chinese government. "The only lever that I can see is China," Dave Aitel, a former NSA research scientist and CEO of the cybersecurity firm Immunity, told Business Insider in an interview. "And what you may see is that it comes out there were some Chinese resources involves in this, and then pressure them to get on board." One option is sanctions against the North Korean regime. But Pyongyang is already heavily sanctioned and additional measures would complicate relations with China. "The Obama administration has been reluctant to embrace " the sanctions approach, Associated Press reports. "The biggest impact would be felt by banks in China, complicating US efforts to curry better ties with Beijing." Another option is cyber retaliation. But that risks escalation. One proactive move the US should consider, Aitel told Business Insider earlier this week, is "declaring certain cyberattacks terrorist acts and the groups behind them terrorists," which would "set in motion a wider range of legal authority, US government/military resources, and international options." In any case, the US will need a new policy when it comes to cyberattacks by state-backed actors. "This is not something you say 'President Obama solved this tomorrow,'" Aitel said, noting that "deep down the policy engine of the US is very slow, and this case is very complex and has to do with China as well." If China is involved — as opposed to undefined "Chinese actors" — then pressuring Beijing becomes even more difficult. China routinely hacks US companies in search of intellectual property such as military technology and "to learn about how a company might approach negotiations with a Chinese company," according to FBI Director James Comey. "You have to a cyber policy [and] you have to get the Chinese on board with your policy," Aitel said. "We have to have very clear statement about what lines you cannot cross, and what we're going to do about it." The attack on Sony, more than three weeks ago, is the most destructive hacking of a company on U.S. soil, conducted by hackers calling themselves "Guardians of Peace." The November hack is the second major attack in which hackers targeted American corporate infrastructure on a large scale with the primary goal of destroying it (as opposed to stealing from it or spying on it). Dozens of terabytes of information were taken. Chaos has gripped the entertainment world as hackers dumped information online and news organizations scrambled to cover every possible angle.= Here's a roundup of some of the leaked information: A trove of emails from Snapchat CEO Evan Spiegel Some inappropriate comments about Barack Obama Actors' salaries for "American Hustle" Sony executive salaries Celebrity's aliases Snarky comments from the top about actor-comedian Kevin Hart A "21 Jump Street"-"Men In Black" crossover may be in the works Disney wants "Spider-Man" for their Marvel Universe Sony's troubled relationship with Adam Sandler Screener copies of upcoming Sony films have popped up online President Barack Obama was expected to address the issue at a 1:30 p.m. (13:30 EST) end-of-year news conference. Read more: http://www.businessinsider.com/us-official-north-korea-hacked-sony-and-china-may-have-helped-2014-12#ixzz3MMgSYrV8