US Media Goes Into Overdrive Blaming North Korea for the Sony Hack: Is It Justified?

The US will sanction North Korea by an executive order signed by President Obama, which will target ten North Korean officials and three government entities. The sanctions are in response to the December hack on Sony that the US blamed on North Korea.

The White House Press Office has released the following statement:
The President issued an Executive Order (EO) authorizing additional sanctions on the Democratic People’s Republic of Korea. This EO is a response to the Government of North Korea’s ongoing provocative, destabilizing, and repressive actions and policies, particularly its destructive and coercive cyber attack on Sony Pictures Entertainment.

The EO authorizes the Secretary of the Treasury to impose sanctions on individuals and entities associated with the Government of North Korea. We take seriously North Korea’s attack that aimed to create destructive financial effects on a US company and to threaten artists and other individuals with the goal of restricting their right to free expression.

The identity of the Sony hackers is still unknown. Yet President Obama, in a December 19 press conference, announced: “We can confirm that North Korea engaged in this attack.” He then vowed: “We will respond…We cannot have a society in which some dictator some place can start imposing censorship here in the United States.”

The US Government’s campaign to blame North Korea actually began two days earlier, when The New York Times said, ‘American officials have concluded that North Korea was “centrally involved” in the hacking of Sony Pictures computers, even as the studio canceled the release of a far-fetched comedy about the assassination of the North’s leader that is believed to have led to the cyberattack.

Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was debating whether to publicly accuse North Korea of what amounts to a cyberterrorism attack. Sony capitulated after the hackers threatened additional attacks, perhaps on theaters themselves, if the movie, “The Interview,” was released’.

With virtually no skepticism about the official accusation, reporters David Sanger and Nicole Perlroth at the International New York Times deemed the incident a “cyber terrorism attack” and devoted the bulk of the article to examining the retaliatory actions the government could take against the North Koreans.

Other than noting in passing, deep down in the story, that North Korea denied responsibility, not a shred of skepticism was included by Post reporters Drew Harwell and Ellen Nakashima. Like the NYT, the Washing Post devoted most of its discussion to the “retaliation” available to the US.

The NYT and Post engaged in this stenography in the face of numerous security experts loudly noting how sparse and unconvincing was the available evidence against North Korea. Kim Zetter in Wired - literally moments before the NYT laundered the accusation via anonymous officials - proclaimed the evidence of North Korea’s involvement “flimsy.” About the US government’s accusation in the NYT, she wisely wrote: “they have provided no evidence to support this and without knowing even what agency the officials belong to, it’s difficult to know what to make of the claim. And we should point out that intelligence agencies and government officials have jumped to hasty conclusions or misled the public in the past because it was politically expedient.”

Numerous cyber experts subsequently echoed the same sentiments. Yet none of this expert skepticism made its way into countless media accounts of the Sony hack. Time and again, many journalists mindlessly regurgitated the US Government’s accusation against North Korea without a shred of doubt, blindly assuming it to be true, and then discussing, often demanding, strong retaliation. Coverage of the episode was largely driven by the long-standing, central tenet of the establishment US media: government assertions are to be treated as Truth.

Unsurprisingly, the most egregious and darkly amusing “report” came from Vox‘s national security reporter Max Fisher. Writing on the day of Obama’s press conference, he announced that, “evidence that North Korea was responsible for the massive Sony hack is mounting…North Korea’s decision to hack Sony is being widely misconstrued as an expression of either the country’s insanity or of its outrage over The Interview.”

It’s tempting to say that the US media should have learned by now not to uncritically disseminate government claims, particularly when those claims can serve as a pretext for US aggression. But to say that, at this point, almost gives them too little credit. It assumes that they want to improve, but just haven’t yet come to understand what they’re doing wrong. But that’s deeply implausible. At this point - eleven years after the run-up to the Iraq War and 50 years after the Gulf of Tonkin fraud - any minimally sentient American knows full well that their government lies frequently. Any journalist understands full well that assuming government claims to be true, with no evidence, is the primary means by which US media outlets become tools of government propaganda.

However, cyber security experts are divided as to whether or not North Korea was truly behind the attacks with some of the most recent evidence pointing towards a disgruntled former Sony employee possibly having played a role in the hack.

Business Insider:      First Look:   NYT

 

« Malaysia Airlines flight MH370 theories: 17 possible explanations that could reveal fate of plane
Mass Surveillance: The Internet’s best engineers are fighting back »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

AdNovum Informatik

AdNovum Informatik

AdNovum Informatik provides a full set of IT services, ranging from consulting, the conception and implementation of customized business and security solutions to maintenance and support.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Cybercom Group

Cybercom Group

Cybercom offers strategic advice, testing & quality assurance, security solutions, system development, integration, management and operation services.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Myra Security

Myra Security

The fully automated Myra DDoS Protection reliably protects web applications, websites, DNS servers, and IT infrastructures.

Cynash

Cynash

Cynash specialize in Machine Learning and Artificial Intelligence systems development for cyber and cyber physical systems.

Culinda

Culinda

Culinda secures medical IoT devices in hospitals with An Artificial Intelligence platform and security gateway.

Altipeak Security

Altipeak Security

Altipeak Security provide Safewalk - a flexible and robust authentication platform through which we offer improved security to SMBs, corporates, banks, insurance companies, healthcare and more.

OAS Chain

OAS Chain

OAS Blockchain Renaissance Project presents three platforms that address the major challenges of public blockchain, private blockchain, and IoT security.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

Hackinsure

Hackinsure

Front Row Insurance’s Hackinsure provides protection against online hazards including Cyber Liability, Theft & Fraud, Business Interruption, Extortion & Ransomware, Forensic Investigation.

Astaara

Astaara

Astaara is an integrated insurance services and risk management advisory business incorporating cyber risk advisory, underwriting and analytics.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.