North Korea and cyberterrorists won big in Sony hack, researcher says

It looks like the great cyber-war with North Korea has begun, at least by proxy. The entirety of North Korea was knocked off-line today by a distributed denial of service attack—not a difficult feat, considering that all of North Korea is connected to the global Internet by a single connection. And while Americans are undoubtedly carrying out the attacks, it’s doubtful that they are taking direction from the government at this point (unless you think Anonymous and Lizard Squad are directed by the National Security Agency).

It’s an interesting dichotomy, because the evidence presented thus far by the US government that North Korea is indeed responsible for the attack is extremely weak. None of the Internet Protocol addresses embedded in the malware used in the attack were in North Korea, and most of them were exploited systems that could have been (and probably were) used by any number of cybercriminals and black hat hackers. All of the IP addresses were clearly acting as proxy servers, and some were used for spam and malware distribution.

Only the similarity to other attacks that were apparently launched by North Korea, the apparent motive, and Occam's Razor suggest that the Guardians of Peace were in the employ of the Democratic People’s Republic of Korea, rather than some random group of laid-off employees or supporters of Kim Dotcom. But if what was done to Sony Pictures Entertainment was in fact North Korean directed cyber-terrorism, it was extremely effective.

Read 17 remaining paragraphs | Comments