Toronto Mike

The Sony Hack and North Korea

You've likely heard that North Korea hacked and threatened Sony because of The Interview, a Seth Rogen and James Franco comedy that was due to be released later this month.  It's all over the place, but I don't believe that's what's happened here.

Yes, I believe Sony was hacked. By the sounds of it, they were super hacked, if that's a thing. 100 terabytes of data has been stolen from Sony servers, but I don't believe North Korea is behind that and I don't believe it had anything to do with The Interview.

Here's a good timeline of events. You'll see this all started on November 24. There was absolutely no link made between the cyber attack and The Interview until Sony Pictures made the inference in a report five days later.

Marc Rogers, a whitehat hacker and security evangelist, explains why this most likely has nothing to do with North Korea. He points to the broken English that "reads to me like an English speaker pretending to be bad at writing English" and the changing of language/locale of the computer before compiling the code. He makes a compelling argument, and combined with what we know about North Korean computing, it seems rather unlikely that North Korea could pull this off.

Then, there's this:

It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as.
Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down. Just think what they could have done with passwords to all of Sony’s financial accounts? With the competitive intelligence in their business documents? From simple theft, to the sale of intellectual property, or even extortion – the attackers had many ways to become rich. Yet, instead, they chose to dump the data, rendering it useless. Likewise, I find it hard to believe that a “Nation State” which lives by propaganda would be so willing to just throw away such an unprecedented level of access to the beating heart of Hollywood itself.

But what about Sony's claim, soon to be supported by the United States government, that North Korea is behind these attacks in an effort to stop The Interview from being released? Sorry, but that's far too convenient for everyone involved.

Sony is under immense scrutiny for their massive security failure, and blaming North Korea is the easiest way out for management. Tying this threat to North Korea also helps with the US political agenda. Everybody wins with this convenient spin.

And meanwhile, there's this lousy* comedy that was sure to be a dog with fleas and is suddenly the water cooler topic of the day. At some point, Sony can release The Interview and it will become an American's patriotic duty to see it.  Talk about taking very sour lemons and making lemonade!

interview

To summarize, I believe the hack was real, but it had nothing to do with The Interview and North Korea is not behind it. I'm basing this on everything I've read on the subject, and we'll see if I'm right.

Meanwhile, Sony is fucked. Security matters, and they just found out the hard way.  What do you think of this developing story?

* I haven't seen this movie, and cannot confirm it's lousy, but I did see an account from one person who saw a screening who thought it was "lousy", but maybe that person thought Airplane was lousy.

Author image
About Toronto Mike
Toronto
I own TMDS and host Toronto MIke'd. Become a Patron.