Hacks & Hackers Archives

Hacks & Hackers

White House Backs Raft of New Cyber Security Laws

January 12, 2015 Paul Roberts

President Obama used a speech at the Federal Trade Commission on Monday to call for a raft of new laws and reforms that would protect the privacy and online security of U.S. citizens and corporations. Speaking at the FTC, President Obama highlighted a number of policies that he will propose in his State of the Union address to Congress. They include new laws aimed at endemic problems like identity theft and online tracking of consumer behavior. The visit was notable for being the first time a sitting President has visited the FTC in 80 years, since 1937 and the administration of Franklin D. Roosevelt. Obama, who has been highlighting issues and ideas he will unveil in his State of the Union Address, said the address is one of a series of talks he will give this week focused on computer and online privacy. The President said he will follow his speech aimed at […]

Sony: A Game Changer for Cyber Attribution

January 10, 2015 Paul Roberts

We’ve been writing a lot about the issue of cyber attribution in recent weeks, following the attack on Sony Pictures Entertainment in November. That incident has become something of a Rorschach Test for those in the information security field: revealing as much about the individual attempting to explain the Sony hack as about the attack itself. Rid and a Ph.D student, Ben Buchanan, have authored a paper in the Journal of Strategic Studies. In their paper, Rid and Buchanan note that one of the biggest challenges of cyber attribution: bridging the technical and political or cultural issues that often surround cyber attribution. As Rid notes: the individuals doing the basic forensic work on the incident may not have a grasp of the larger cultural or political issues at play. That’s a dynamic we’ve seen at play (in spades) in recent news about the hack of Sony Pictures. In this podcast, Rid […]

FBI Director: Sloppy Sony Hackers Exposed North Korea

January 8, 2015 Paul Roberts

The Director of the FBI James Comey offered his most direct retort to date to those who doubt the Bureau’s case against the Democratic Peoples Republic of Korea (DPRK), saying that the hackers who pillaged Sony Pictures Entertainment were “sloppy” and revealed the source of the attack – IP addresses linked to the reclusive government, Ars Technica reports. Comey was speaking at ICCS, the International Conference on Cyber Security in New York City on Wednesday. He said that, while the Sony attackers largely concealed their identity by using proxy servers, on several occasions they “got sloppy” and connected directly to Sony’s network, revealing their own IP address in the process. Those slip-ups provided evidence linking North Korea to the attack on Sony’s network, he claimed. The IP address isn’t the only evidence, however. (Thankfully.) Comey also said that “analysts at the FBI found the patterns of writing and other identifying data […]

U.S. Sanctions 10 For Sony Hack, Keeps Mum on Evidence

January 2, 2015 Paul Roberts

As the New York Times reports, the Obama administration doubled down on its recent allegation that the Democratic Peoples Republic of North Korea (DPRK) was behind the hacking of Sony Pictures, announcing sanctions on 10 senior North Korean officials and several organizations in response to the incident. Paradoxically, the administration acknowledged that there is no evidence that the 10 officials took part in either ordering or planning the Sony attack. Instead, they described them as “central to a number of provocative actions against the United States,” the Times reported. Those ‘provocative actions’ were not described. The actions mirror the Administration’s controversial decision, in May, to charge five Chinese military officers in May, 2014, for their connection to computer hacking and cyber espionage campaigns directed at U.S. firms in the nuclear power, metals and solar products industries. In the case of the Chinese nationals, however, the FBI cited evidence linking the five military officers to […]

Two Step: FBI Says North Korea Acted Alone, Had Help

December 31, 2014 Paul Roberts

The official line on perhaps the biggest security story of the year shifted noticeably this week following a report by the security firm Norse Corp. that cast doubt on the official explanation of the devastating November hack: that it was a state-sponsored operation carried out by hackers working for the government of the Democratic Peoples Republic of Korea, or DPRK. Two reports in recent days – both citing officials close to the Sony hack investigation – suggest that the FBI believes – simultaneously – that the DPRK did not act alone and that it was the only actor responsible for the attack on Sony Pictures Entertainment.