North Korea

North Korea

N.S.A. Breached North Korean Networks Before Sony Attack – NY Times

The New York Times claims that the U.S. National Security Agency used intelligence gleaned from a clandestine operation to compromise North Korea’s cyber warfare unit to pin the blame for the Sony Pictures Entertainment hack on the reclusive Communist country. According to the story by David Sanger and Martin Fackler, the Obama Administration’s decision to quickly blame the hack on the DPRK grew out of a four year-old National Security Agency (NSA) program that compromise Chinese networks that connect North Korea to the outside world. The classified NSA program eventually placed malware that could track the internal workings of the computers and networks used by the North’s hackers and under the control of the Reconnaissance General Bureau, the North Korean intelligence unit, and Bureau 121, the North’s hacking unit, which mostly operates out of China. It has long been recognized that North Korea, which lacks a mature information technology infrastructure, does much of […]

Continue Reading

FBI Director: Sloppy Sony Hackers Exposed North Korea

The Director of the FBI James Comey offered his most direct retort to date to those who doubt the Bureau’s case against the Democratic Peoples Republic of Korea (DPRK), saying that the hackers who pillaged Sony Pictures Entertainment were “sloppy” and revealed the source of the attack – IP addresses linked to the reclusive government, Ars Technica reports. Comey was speaking at ICCS, the International Conference on Cyber Security in New York City on Wednesday. He said that, while the Sony attackers largely concealed their identity by using proxy servers, on several occasions they “got sloppy” and connected directly to Sony’s network, revealing their own IP address in the process. Those slip-ups provided evidence linking North Korea to the attack on Sony’s network, he claimed. The IP address isn’t the only evidence, however. (Thankfully.) Comey also said that “analysts at the FBI found the patterns of writing and other identifying data […]

Continue Reading
Obama Signing

U.S. Sanctions 10 For Sony Hack, Keeps Mum on Evidence

  As the New York Times reports, the Obama administration doubled down on its recent allegation that the Democratic Peoples Republic of North Korea (DPRK) was behind the hacking of Sony Pictures, announcing sanctions on 10 senior North Korean officials and several organizations in response to the incident. Paradoxically, the administration acknowledged that there is no evidence that the 10 officials took part in either ordering or planning the Sony attack. Instead, they described them as “central to a number of provocative actions against the United States,” the Times reported. Those ‘provocative actions’ were not described. The actions mirror the Administration’s controversial decision, in May, to charge five Chinese military officers in May, 2014, for their connection to computer hacking and cyber espionage campaigns directed at U.S. firms in the nuclear power, metals and solar products industries. In the case of the Chinese nationals, however, the FBI cited evidence linking the five military officers to […]

Continue Reading

New Clues In Sony Hack Point To Insiders, Away from DPRK

A strong counter-narrative to the official account of the hacking of Sony Pictures Entertainment has emerged in recent days, with the visage of the petulant North Korean dictator, Kim Jong Un, replaced by another, more familiar face: former Sony Pictures employees angry over their firing during a recent reorganization at the company. Researchers from the security firm Norse allege that their investigation of the hack of Sony has uncovered evidence that leads, decisively, away from North Korea as the source of the attack. Instead, the company alleges that a group of six individuals is behind the hack, at least one a former Sony Pictures Entertainment employee who worked in a technical role and had extensive knowledge of the company’s network and operations. [Read Security Ledger coverage of the hack of Sony Pictures Entertainment.] If true, the allegations by Norse deal a serious blow to the government’s account of the incident, which placed the blame squarely on […]

Continue Reading

Cyber Resilience? Sony Employees Back To Faxes and Face to Face

There’s a fascinating article on TechCrunch that cites a current (anonymous) Sony Pictures Entertainment employee talking about life at the company in the wake of a crippling November 24th cyber attack that wiped out thousands of computer systems and stole terabytes of data from the company. According to the story, Sony employees have resorted to using circa 1990s fax machines to transmit documents and – horror – having face to face communications in lieu of texting, e-mail or social networking, all of which are disabled within Sony’s environment. [Read more Security Ledger coverage of the Sony Pictures hack here.] “We had barely working email and no voicemail so people talked to each other,” the source tells TechCrunch. “Some people had to send faxes. They were dragging old printers out of storage to cut checks…It was crazy.” “That is what a major corporate security breach sounds like,” TechCrunch writes. “The squeal […]

Continue Reading
1 2 3 4