"... Like the neocons who were desperate for a pretext to invade Iraq, the Obamaites have an agenda of their own: targeting North Korea and citing the alleged threat of a 'cybernetic Pearl Harbor' in order to gin up public support for 'cyber-security' legislation that would give the government greater power to regulate the Internet as a 'public utility.' They’ve been agitating for this for quite a while and clearly see the Sony hack as their doorway to success. ..."
The Sony Hack Fraud
A classic case of confirmation bias
... A rising chorus of independent cyber-security professionals are virtually unanimous in the opinion that the Obama administration muffed it. The North Koreans, they say, didn’t hack Sony – and our "retaliation" is looking more and more like unprovoked aggression. As [computer security expert Jeffrey] Carr writes:
"Under international law, ‘the fact that a cyber operation has been routed via the cyber infrastructure located in a State is not sufficient evidence for attributing the operation to that State’ (Rule 8, The Tallinn Manual). The White House must responsibly evaluate other options, such as this one, before taking action against another nation state. If it takes such action, and is proved wrong later, which it almost certainly will be, the reputation of the U.S. government and the intelligence agencies which serve it will be harmed."
Eviscerated is more like it.
So, if it wasn’t the North Koreans, then who are the hackers – and what was their motive? Marc Rogers, principal security researcher at Cloudflare, gave us a clue early on:
"Hard-coded paths and passwords in the malware make it clear that whoever wrote the code had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s (just) plausible that a North Korean elite cyber unit could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of a pissed-off insider. Combine that with the details of several layoffs that Sony was planning and you don’t have to stretch the imagination too far to consider that a disgruntled Sony employee might be at the heart of it all."
It looks like Rogers was right on the money. An independent investigation carried out by Norse Security, a respected Silicon Valley company, came up with what they regard as conclusive evidence as to the identity of at least one of the hackers – a ten-year Sony employee with major technical skills who was recently laid off, a woman called "Lena" in news accounts. According to Norse Vice President Kurt Stammberger, the group consists of six people residing in Thailand, Canada, Singapore, and the US. How did Norse arrive at this conclusion? As a writer for Slashdot put it: "
"Rather than starting from the premise that the Sony hack was a state sponsored attack, Norse researchers worked their investigation like any other criminal matter: starting by looking for individuals with the ‘means and motive’ to do the attack."
The hackers, it seems, outed themselves when they released that massive data dump, which included files from Sony’s human resources department. Last spring Sony fired an awful lot of people – and the Norse team traced their virtual footprints. The culprits had an intimate knowledge of the structure of Sony’s computer system, and this was therefore the logical place to look. Norse uncovered posts on social media where ex-employees vented their anger at being let go, and uncovered Internet Relay Chat forums where these disgruntled types got in touch with known hackers – including one person linked to a server on which the original version of the malware had been constructed in the summer of this year.
The Norse team has met with the FBI and presented their findings, but the feds don’t seem too interested. They are sticking by their totally debunked story, at least so far. Just like the neocons who maintain to this day that Saddam Hussein really did have those "weapons of mass destruction" – and that we were right to invade Iraq and murder more than half a million Iraqis in cold blood.
Indeed, the Obama administration’s absurd "investigation" seems to have been modeled on the Bush administration’s propaganda campaign in the run up to the Iraq war, in which every possible bit of pseudo-"evidence" was twisted to conclude that Saddam Hussein was building "weapons of mass destruction." Starting with apreordained conclusion, they proceeded to construct a case based on factoids that seemed to confirm it.
Like the neocons who were desperate for a pretext to invade Iraq, the Obamaites have an agenda of their own: targeting North Korea and citing the alleged threat of a "cybernetic Pearl Harbor" in order to gin up public support for "cyber-security" legislation that would give the government greater power to regulate the Internet as a "public utility." They’ve been agitating for this for quite a while and clearly see the Sony hack as their doorway to success.
Can the Obama administration "stay the course," as the Bushies used to say, and ignore the rising tide of skepticism? We’ll see. I somehow don’t think they’ll be backing down and offering that apology demanded by Kim Jong-un.
In any case, the lessons of the Sony hack harken back to basic libertarian principles:
1) Never take the government’s word for anything – they always have an agenda and will make up "facts" to fit the occasion.
2) The private sector is invariably more efficient than the public sector – the government’s phony investigation was and is bullshit, while it took independent Internet entrepreneurs to uncover the truth.
3) Government-connected companies are just as bad as the government itself – as Jeffrey Carr puts it:
"Federal agencies’ demand for cyber threat intelligence is voracious and they pay well. That demand is frequently met by companies like Mandiant, now part of FireEye – the company handling Sony’s incident response. The problem is that these companies have no oversight and no standardized vetting of sources."
I wrote about Mandiant and the great "cyber-war" scam here, but there’s another angle not mentioned by Carr: the enormous amount of government money that goes into "cyber-security" is incentive for these companies to tell the feds only what they want to hear. The result is an echo chamber effect that blinds both parties to reality.
Which brings us back to the Iraq model and the causes of the “intelligence failure” that enabled the neocons to lie us into war. The simple fact of the matter is that our rulers aren’t interested in the truth because they believe they can create their own reality. As one top Bush administration official told journalist Ron Suskind during the run-up to the war:
"The aide said that guys like me were ‘in what we call the reality-based community,’ which he defined as people who ‘believe that solutions emerge from your judicious study of discernible reality.’ … ‘That’s not the way the world really works anymore,’ he continued. ‘We’re an empire now, and when we act, we create our own reality. And while you’re studying that reality – judiciously, as you will – we’ll act again, creating other new realities, which you can study too, and that’s how things will sort out. We’re history’s actors…and you, all of you, will be left to just study what we do.’"
This is precisely what the "mainstream" media has been doing all throughout this episode: studying the pronouncements of government officials and relaying this new "reality" to the American people with the kind of shameful subservience once only found in totalitarian countries. The result is that even if the government’s narrative is definitively debunked, the average person – who isn’t following this story as closely as the computer experts – will continue to believe Sony was hacked by those evil North Koreans, and that we have to take "defensive" measures like bringing down Pyongyang’s Internet and empowering the government to regulate the online world. As George W. Bush once put it: Mission accomplished.