Posted on 12/19/2014 9:04:38 AM PST by kristinn
Today, the FBI would like to provide an update on the status of our investigation into the cyber attack targeting Sony Pictures Entertainment (SPE). In late November, SPE confirmed that it was the victim of a cyber attack that destroyed systems and stole large quantities of personal and commercial data. A group calling itself the Guardians of Peace claimed responsibility for the attack and subsequently issued threats against SPE, its employees, and theaters that distribute its movies.
The FBI has determined that the intrusion into SPEs network consisted of the deployment of destructive malware and the theft of proprietary information as well as employees personally identifiable information and confidential communications. The attacks also rendered thousands of SPEs computers inoperable, forced SPE to take its entire computer network offline, and significantly disrupted the companys business operations.
After discovering the intrusion into its network, SPE requested the FBIs assistance. Since then, the FBI has been working closely with the company throughout the investigation. Sony has been a great partner in the investigation, and continues to work closely with the FBI. Sony reported this incident within hours, which is what the FBI hopes all companies will do when facing a cyber attack. Sonys quick reporting facilitated the investigators ability to do their jobs, and ultimately to identify the source of these attacks.
As a result of our investigation, and in close collaboration with other U.S. government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.
We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Koreas attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Koreas actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior. The FBI takes seriously any attemptwhether through cyber-enabled means, threats of violence, or otherwiseto undermine the economic and social prosperity of our citizens.
The FBI stands ready to assist any U.S. company that is the victim of a destructive cyber attack or breach of confidential business information. Further, the FBI will continue to work closely with multiple departments and agencies as well as with domestic, foreign, and private sector partners who have played a critical role in our ability to trace this and other cyber threats to their source. Working together, the FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests.
This could get real dicey...
RELEASE THE DAMN FILM!!!
Now, let's assume for the sake of argument that North Korea DOES have the infrastructure and intelligence to pull off the Sony Hacking.
Let's add to the argument that news broke today that North Korea has/had 5 crack-commando type squads in the U.S. in the 1990's to carry out attacks against our nuclear plants and to cause nuclear disaster on our own soil.
What does all this say about our abilities to defend our critical computing and infrastructure resources against countries like China and Russia who have REAL RESOURCES for these same types of attacks?
Now what are we going to do about it?
Nothing. Obama will be on TV shortly to apologize to NK for “past aggressions.”
You mount a 911 style attack and your asses are going back to the stone age.
Even if it is true (I just expressed my cynicism on another thread), isn’t it Sony’s responsibility to secure their computer network? And for their employees to just shut up about their personal snarky views online?
Dare the nuts to stop the release.
I hope this doesn’t hamper Obama’s vacation.. <sarc
Since North Korea has shown America is a useless Country I would literally cyber destroy the Country. Why the hell not. King Obama’s America is founded on communists and cowards.
This hack of Sony is awesome and a good thing.
Why, you say?
There are a finite number of ways to attack things, even computers. And the methods used tend to be derivative of one another, especially from groups like the Norks, China, and Pakistan.
So they used some very expensive and dangerous technology on a private company that made a movie mocking Kim Jong-un and his little limp penis.
Well, thanks!
We now know how this weapon works, can defend against it and variations of said weapon, and we will work to close this and similar vulnerabilities.
And we get the added benefit of reading emails (from fellow liberals) mocking Obama as a one-note bigot obsessed with race and find out the Angelina Jolie really is a no-talent bitch.
Sure beats them using this same tech to cause a nuclear meltdown or turning off the power during the Superbowl.
So anyway, thank you little fat Kim Jong-un for having such a fragile ego and limp penis that you were so bothered by a movie that you exposed years of espionage and probably billions of dollars of tech research to protect your vanity. Your fragile ego probably saved millions of lives!
So, Kim (may I call you Kimmy?) you did us a fantastic favor, and both amused us by your vanity and the fact that you exposed Hollyweirdos for what we thought they were.
Great job!
So we are blaming the victim now on FR? This could have been an electric company....or a major bank they shut down.
Does everyone take all of this at face value? The movie seems over-the-top ridiculous, a more professional version of the one that supposedly instigated Benghazi. We’ve got Obama-lover Clooney speaking out. We’ve got Krauthammer saying something like Americans are just going to have to tolerate NSA intrusion and trust they won’t overstep their bounds. I have no idea what really happened. I simply struggle to trust any of the parties involved here.
I don’t believe a word the federal government says. It lies about everything.
The last thing Kim Jong-Un remembers is visiting with Bill Cosby in his dressing room, before taking a sip of something and then blacking out...
I agree.. someone didn’t cover their tracks to well.
We are talking North Korea....this was done because Kim couldn’t take being mocked....its that simple...as someone just posted thank god the vane little bastard went after a movie and not the electric grid...or a nuke power plant.
If I have credit card info stolen, it's not the US govs responsibility to make things right, it's the company that was hacked. If the hackers broke the law doing that, it's a crime against the property stolen and the hackers.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.