Friday, December 19, 2014

Some resources for trying to understand the SPE hack

If you're trying to make sense of it all, here are some fairly well-reasoned essays, from a variety of smart people:

  • North Korea and the attack on Sony Pictures Entertainment
    In HPSR Security Briefing Episode 16, we profiled North Korea’s cyber threat landscape, highlighting the regime’s known capabilities and deficiencies in cyberspace. In that report, we noted North Korea’s initial response to The Interview. Based on our previous research of North Korean cyber capabilities, it is difficult to discern whether the regime acted alone. It is plausible that the actors responsible for this attack relied on the assistance of an insider.
  • FBI: North Korea to Blame for Sony Hack
    While the United States government seems convinced by technical analysis and intelligence sources that the North Koreans were behind the attack, skeptics could be forgiven for having doubts about this conclusion. It is interesting to note that the attackers initially made no mention of The Interview, and instead demanded payment from Sony to forestall the release of sensitive corporate data. It wasn’t until well after the news media pounced on the idea that the attack was in apparent retribution for The Interview that we saw the attackers begin to mention the Sony movie.
  • Lessons from the Sony Hack
    This could be any of us. We have no choice but to entrust companies with our intimate conversations: on email, on Facebook, by text and so on. We have no choice but to entrust the retailers that we use with our financial details. And we have little choice but to use cloud services such as iCloud and Google Docs.
  • Did the DPRK Hack Sony?
    Drawing positive conclusions from the public evidence is incorrect. The NSA and the CIA may (or may not) have many other details they'll never disclose. The much-ballyhooed language setting, for example, is completely useless.
  • Why it's possible North Korea was behind the Sony hack
    NSA analysts might start with what’s known as “flow records,” which are very similar to Netflow. Each of these records details a communication between computers and the ports they used to initiate said communication. It might read something like this: "Computer A, port X sent K bytes of data to computer B, port Y between T0 and T1". Although flow records are the simplest data collected by the NSA’s wiretaps, it’s a powerful tool for tracking online activity.
  • What is happening?
    It's not about a movie or even Sony, at all. When you build a nuclear program, you have to explode at least one warhead so that other countries see that you can do it. The same is true with Cyber.
  • goodbye horses
    I suppose the more nuanced point Dave is trying to make, is not so much that this is an Act of War, or even that it should be. But more that this Sony thing is not about Sony, it's about the US necessarily having to prepare for a future where it will have to politically and publicly address and respond to a game that up until very recently, was only played in the shadows.

No comments:

Post a Comment