Expert: Sony Hack Most Likely An Inside Job
[su_right_ad]It wasn’t North Korea that hacked Sony, says Marc Rogers at The Daily Beast, but rather the work of a disgruntled former employee.
I may be biased, but, as the director of security operations for DEF CON, the world’s largest hacker conference, and the principal security researcher for the world’s leading mobile security company, Cloudflare, I think I am worth hearing out…
The first piece of evidence described in the FBI bulletin refers to the malware found while examining the Sony Picture’s network after the hack…
This may be the case—but it is not remotely plausible evidence that this attack was therefore orchestrated by North Korea.
What they are saying is that the Internet addresses found after the Sony Picture attack are “known” addresses that had previously been used by North Korea in other cyberattacks.
To cyber security experts, the naivety of this statement beggars belief. Note to the FBI: Just because a system with a particular IP address was used for cybercrime doesn’t mean that from now on every time you see that IP address you can link it to cybercrime. Plus, while sometimes IPs can be “permanent”, at other times IPs last just a few seconds.
It isn’t the IP address that the FBI should be paying attention to. Rather it’s the server or service that’s behind it.[su_csky_ad]