Well, it did, but now it looks like North Korea's internet might be getting DDOSed. Interesting timing, given recent hacking by North Korea.
Also, a little troubling, if it’s a case of cyberwarfare. That can go both ways, you know, and a lot of countries, including small angry countries with a grudge against the US, have brilliant people who can do maliciously wicked things with computers.
I predict a surge of support for students interested in careers in computer security…
I wonder if an escalating computer hacking war might have the unintended consequence of minimizing North Korea’s access to the internet … or increasing such access. That second one is likely to have wide-ranging effects in a totalitarian system which needs to control information.
It could therefore play out negatively, very negatively, or positively. Or fizzle. I predict this.
Sastra @1,
You may be onto something. Perhaps it would be more effective to destabilize North Korea by finding a way to give their people more communications access to the outside world, rather than less.
PZ, in the OP
Maybe this can end the fad for the medical variety of criminal forensics TV shows and college courses.
I understand they have all of 1024 IP addresses.
Bearing in mind that it’s not been proven that North Korea was even behind the hacking of Sony, and in fact they have denied it. We’re basically taking the word of the folks behind NSA spying, CIA torture, and ongoing drone strikes against innocent brownish people.
On the whole, I can’t decide whose word is more credible–those guys’, or the North Koreans’.
I like The Register’s take on this (starting with their headline)… They point out that, depending on how good the controls on their border router are, anybody with a credit card could buy enough botnet time to take down the internet in to and out of North Korea. (And, one suspects, enough expertise to launch the attack for a modest surcharge.)
Gee, somebody wants to make it hard for the communist party members to download South Korean/Chinese soap operas from the internet. The real question is “why?”
Yes. Let’s all blindly trust the U.S. intelligence community and media about this. Their track record on informing us about the actions of demonized countries is spotless.
Read this and think, people!
https://www.schneier.com/blog/archives/2014/12/reacting_to_the.html
CSI:Cyber, coming March 4, 2015
(no, seriously)
Like Law and Order, the franchise will not die.
Well, if the series is as excruciatingly awful as the backdoor pilot episode, I’d be surprised if it lasts more than one season.
… of course, Scorpion’s putting up great numbers and that’s unwatchable, so who the hell knows.
Regarding the NK internet outage; As noted by whheydt, it doesn’t take much to knock North Korea offline, so it may not even have anything to do with the US. Anonymous apparently threatened retaliation at the weekend and seem to be taking credit under the #OpRIPNK hashtag.
PZ concluded:
I predict a surge of support for students interested in careers in computer security…
Actually, the SANS organization has been trying to promote this for quite some time. But I don’t think that this particular hack will do much in this direction. And Sony itself has been a victim of a major hack before, and they didn’t learn anything from that!
I’m sure that Marcus Raman, who comments here often, can provide more details.
George
I guess we’re in the farce part of the tragedy-farce cycle right now.
I haven’t tracked this story at all. From what I gather, the DPRK released sensitive internal data from Sony and threatened to release more. Then, when that didn’t appear to be sufficient, they threatened murder and mayhem. At some point Sony did determine that they wanted to pull the film – I’m not sure if that was about fear of more sensitive data releases or fear of releasing the movie and having no one go b/c of threats of violence (or, worse, having people go and having violence actually happen).
Cue the right wing going nuts about how a Japanese company isn’t “really American” b/cuz no US citizen has ever capitulated to blackmailers, or something.
While I’m not keen on cyber warfare – or any kind of warfare – a “proportionate” response would be to hack the DPRK(/real culprit) and spill DPRK(/real culprit) e-mails onto the internet.
If Jong Un ends up looking like an idiot in his e-mails, or this or that official appears corrupt, hey, cyber-blackmail works 2 directions.
But downing the internet? That’s not only far from proportionate, that’s idiocy: we want to increase the exchange of information both within the DPRK and through DPRK’s borders. This tactic is a torrent of stupid, in that the result merely inconveniences a few elites who are going to have pirated Blu-Rays and whatnot, and thus not need to use the internet to get their entertainment as a side effect of killing information flow to, from, and within the DPRK for all those people with enough education to critically evaluate and make leveraged use of such information.
One truly hopes the US government isn’t so stupid, and that this is instead a “brilliant” revenge plan concocted by teenagers who happen to be both Rogen fans and members of Anonymous.
We don’t know who is behind this hack. The data that’s been released that supposedly links the attack to North Korea is not conclusive. Remember: you’re trusting the same people that told you about WMDs in Iraq.
Some years ago, we learned (with some incredulity) that the Irakian army, under Saddam Hussein, was “the fourth army in the world”, and a formidable opponent.
Not long after that, the Irakian army collapsed ompletely.
Now we’re being told that North Korea is the country of expert Net hackers, who can steal ultra-secret data from the depths of any server on earth.
Yeah, right.
It really was the fourth-biggest army in the world. That just turned out not to mean much in practice.
There is never 100% accurate attribution. In this case the North Koreans have effectively claimed responsibility when they threatened further document dumps if Sony releases the film.
The only open question was whether the attack was also by North Korea. The FBI says there are similarities and they have more data available than we do.
I remember when I told people that my company had been hacked by Iran there was mostly skepticism. A few months later there was a far more significant attack that nobody disputes was from Iran.
Don’t take this as scaremongering, take it as an indication we should shut down the NSA cyber attack capabilities and reassign those people to defending their country rather than attacking others. Unfortunately the ‘defence’ department does not do defence and they spend their time sabotaging those of us who do.
North Korea only has an Internet because Kim Jong Un won’t drop his CompuServe subscription.
http://www.msnbc.com/rachel-maddow-show/the-interview-back
So, the movie “The Interview” is back, sort of.
Like others upthread, I am not convinced that the origin of the Sony hack has been definitively proven. Nor do we know who or what took down the North Korean internet service.
They threatened a physical attack, not a document dump. North Korea is officially denying having a role in the attack. The threat to leak more documents came through the same channels as the initial threats. We don’t know who made the threats or leaked the documents, and the reporting on this has been terrible.
I remember one analyst’s comment during the Gulf War: “The army of Iraq went from being the 4th largest army in the world to the 2nd largest army in Iraq in a matter of hours”.
The FBI knows all about “false flag” operations. Remember, when they turned over AntiSec founder “Sabu” (Javier Monsegur) the FBI kept feeding ideas to AntiSec, including attacking Brazilian Police agencies and oil exploration firms. I find it extremely funny that the FBI is:
a) crying “foul”!
b) claiming to know anything about who is behind the attacks
c) acting as if they have any moral high ground; the US having sufficiently invited retaliation from Iran (for Stuxnet) and North Korea, Germany, Afghanistan, Pakistan, and other countries for its having the NSA penetrate virtually all of their diplomatic and telephony systems
More to the point, if you look at the commonalities the FBI is claiming between the Sony attacks and other North Korean attacks (which may not have been North Korean, really) the main commonalities are in the malware used and the disk wiping tool used — in that case, whoever was behind the “shamoon” attacks on Saudi Aramco (probably Israel or Iran) is a more likely suspect than North Korea.
But everyone is falling for the “look, nothing up my sleeve!” misdirection and ignoring the massive attacks on Sony that took place in 2011. That attack was most likely launched by sociopathic internet denizens as a revenge attack for bad ethics in gaming journalism, or something, and – similarly to this one – appeared to be mostly destruction for its own sake. The current attack shares some important commonalities with an Anonymous or LulzSec style attack:
– Damage for its own sake
– Grandiose pronouncements and childish graphics and organization names
– Files being published on pastebin just for the sake of doing damage
– Rapid adoption of new excused as they come along
Remember that the break-in had been in progress for about 3 days before it suddenly became about the silly movie, and only then after the media started speculating that it might be about the movie. The “state sponsored” angle appears to have been grafted on as the attacks continued. The Korean angle appears to have been grafted on, as well – whoever built the malware enabled the Korean language pack and some comments in the code that are Korean from Google Translate.
There is no indication of it being a sophisticated attack or an inside job; it appears the initial penetration was via an SQL injection attack (a basic but common mistake in web code) followed by straightforward privilege escalation which allowed the attackers to take control of a configuration management/antivirus management console and push out their messages. If it’s the North Korean Elite Unit 121 doing this, they’re about as sophisticated as your average slymepitter, and the North Korean government needs to get their money back.
In this case the North Koreans have effectively claimed responsibility when they threatened further document dumps if Sony releases the film.
It was the attackers who claimed that, not the NK government.
I predict a surge of support for students interested in careers in computer security…
Information security is a popular field; I think it’s really getting a bit out of hand – basic security stuff ought to be covered in the appropriate specialization(s): system administration, network management, programming. Really, most security ought to be a subset of system reliability – programmers should no more code buffer overflows and injection attacks in their applications than they should program input windows to accept “-1” when expecting a positive integer. It’s just such a new world (relatively speaking) that safety is only starting to become a serious issue. Humans aren’t very good at most of what we make until we’ve done a lot of crashing and burning and then decided to take it seriously.
There are many universities with security programs, CERIAS at Purdue is just one that springs to mind. And there are a lot of trade groups that offer various training (SANS, MISTI, Black Hat … ) including a lot of “how to be a penetration tester” stuff. By the way, whenever you hear the US Government complain about how many hackers the Chinese have trained, or the North Koreans have trained, bear in mind that the vast majority of trained hackers, excuse me, penetration testers, are in the US and have been through programs like SANS or some “ethical hacker” certification. In terms of number of script kiddies who can click “GO” on Nessus and then fire up metasploit, the US is – as so often with offensive techniques – #1. USA! USA!!!