Did North Korea Hack Sony? Some Experts Now Doubt the FBI's Story
That whole fracas over The Interview sure came and went, didn't it? After Sony was the victim of a large-scale hacking, and embarrassing executive emails were leaked alongside threats of violent retribution if the comedy film were to be released, it was quickly and sweepingly pulled from theaters. Then, just as quickly, it was back, after a little nudging from President Obama. But now a crucial assumption in the entire affair, backed up by the FBI, is being called into question — some experts now doubt North Korea really hacked Sony.
To be sure, if it actuality turns out that North Korea didn't have anything to do with the Sony hack, it'll be an embarrassing episode for the FBI, who announced as much back on Dec. 19. It was that finding which, to some extent, spurred President Obama's stern remarks on the matter, when he criticized Sony officials for caving to the ostensible North Korean pressure in his end-of-year press conference.
To say nothing of the considerable, pseudo-patriotic fervor the dustup caused. For a little while there, seeing The Interview, which has since been reviewed as a out-and-out flop (I haven't personally seen it, so I can't render judgment), was being portrayed as a vital act of resistance to a censorious tyrant.
At this point, however, the questions are beginning to mount, to some extent thanks to the patchy evidence the FBI has cited to support their conclusion — the use of a North Korean IP address, for example, in spite of the fact that IP addresses are well-known to able to run through different countries. Network security analyst Scott Petry raised this very objection to NPR Thursday.
The fact that data was relayed through IPs associated with North Korea is not a smoking gun. There are products today that will route traffic through IP addresses around the world. ... It's like saying 'my god, this bank robbery was conducted using a Kalashnikov rifle — it must be the Russians who did it!
The FBI also alleged that elements of the code used to hack Sony bore resemblances to past cyberattacks that have been blamed on North Korea. And of course, it's always possible that they're sitting on a more compelling piece of evidence. But analysis performed by the tech security company Norse backed up the notion that the hack couldn't be blamed on North Korea. The company's chief, Sam Glines, confirmed as much to CNN Saturday.
It's clear to us, based on both forensic and other evidence we've collected, that unequivocally they are not responsible for orchestrating or initiating the attack on Sony.
Gilnes specifically raised the possibility that an ex-Sony employee, named only as "Lena," stood out as one possible culprit — he claimed to CNN that the woman had links to the Guardians of Peace hacker group, and may have had high-level access to the very kinds of materials that the hackers eventually exposed.
Of course, that's still deeply speculative at this point. This story feels far from over, frankly, so it's worth taking things with a grain of salt, and a measure of hesitation. After all, if it turns out the FBI indeed wrongly pointed the finger at North Korea, all of us who took their announcement at face value will look rather silly, and it's worth learning a lesson from that.
Image: Getty Images