FBI Director James Comey, seemingly hell-bent on blaming North Korea for last year's cyberattack on Sony, made his case at a recent cybersecurity conference. Or did he? Many security researchers and experts still aren't fully convinced, saying the FBI ignores evidence that places blame for the incident away from North Korea.
In IT Blogwatch, bloggers remain skeptical.
Filling in for our humble blogwatcher Richi Jennings, is a humbler Stephen Glasskeys.
Grant Gross leaves footprints in the sand:
North Korean hackers left footprints when they breached Sony Pictures Entertainment late last year, the director of the FBI said Wednesday.
Despite some disagreement about the source of the cyberattack on Sony, FBI Director James Comey again pointed the finger at North Korea.
Comey declined to offer many details about how the FBI assigned blame to North Korea, saying investigators must protect their methods and sources. MORE
And Russell Brandom plays the blame game:
The FBI publicly attributed the Sony hack to North Korea last month, based on similarities...to previous attacks that had been attributed to North Korea. ... In the wake of the announcement, many have criticized the bureau's public evidence as flimsy, while others have questioned whether the FBI simply got the attribution wrong.
Still, Comey and others seem determined to hold North Korea accountable for the attack on Sony. MORE
Shielding his eyes, Lorenzo Franceschi-Bicchierai sees people exposing themselves:
Hackers often use proxies to hide their real Internet addresses. In this case, the hackers behind the attack "got sloppy" at times and exposed IP addresses used "exclusively" by North Korea, according to [Comey.] MORE
Jonathan Vanian examines forensic evidence:
This will undoubtedly not please the security experts who have been raising concerns about the U.S. government's story...claiming the little evidence the FBI has shown so far does not prove its case. Security firm Norse Corp. recently showed the FBI its own forensics on the Sony hack, which the FBI reportedly brushed aside.
Again, this seems to be a "take us at our word" situation with the FBI holding the details, [releasing occasional nuggets] to appease naysayers. MORE
So, Andy Greenberg signs a petition:
Following [Comey's] elliptical statements, the cybersecurity community demanded more information be released to prove North Korea's involvement. ... Well-known security blogger Bruce Schneier has compared the FBI's "trust us" mentality to the claims of the Bush administration about Saddam Hussein's nonexistent weapons of mass destruction in the run-up to the Iraq War. MORE
Meanwhile, Dan Gillmor still isn't convinced:
It's still "trust us" from feds regarding their pronouncement that North Korea hacked Sony MORE
You have been reading IT Blogwatch by Richi Jennings and Stephen Glasskeys, who curate the best bloggy bits, finest forums, and weirdest websites…so you don't have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or firstname.lastname@example.org. Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.