US Media Goes Into Overdrive Blaming North Korea for the Sony Hack: Is It Justified?

Uploaded on 2015-01-06 in GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-North Korea, INTELLIGENCE--USA, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

The US will sanction North Korea by an executive order signed by President Obama, which will target ten North Korean officials and three government entities. The sanctions are in response to the December hack on Sony that the US blamed on North Korea.

The White House Press Office has released the following statement:
The President issued an Executive Order (EO) authorizing additional sanctions on the Democratic People’s Republic of Korea. This EO is a response to the Government of North Korea’s ongoing provocative, destabilizing, and repressive actions and policies, particularly its destructive and coercive cyber attack on Sony Pictures Entertainment.

The EO authorizes the Secretary of the Treasury to impose sanctions on individuals and entities associated with the Government of North Korea. We take seriously North Korea’s attack that aimed to create destructive financial effects on a US company and to threaten artists and other individuals with the goal of restricting their right to free expression.

The identity of the Sony hackers is still unknown. Yet President Obama, in a December 19 press conference, announced: “We can confirm that North Korea engaged in this attack.” He then vowed: “We will respond…We cannot have a society in which some dictator some place can start imposing censorship here in the United States.”

The US Government’s campaign to blame North Korea actually began two days earlier, when The New York Times said, ‘American officials have concluded that North Korea was “centrally involved” in the hacking of Sony Pictures computers, even as the studio canceled the release of a far-fetched comedy about the assassination of the North’s leader that is believed to have led to the cyberattack.

Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was debating whether to publicly accuse North Korea of what amounts to a cyberterrorism attack. Sony capitulated after the hackers threatened additional attacks, perhaps on theaters themselves, if the movie, “The Interview,” was released’.

With virtually no skepticism about the official accusation, reporters David Sanger and Nicole Perlroth at the International New York Times deemed the incident a “cyber terrorism attack” and devoted the bulk of the article to examining the retaliatory actions the government could take against the North Koreans.

Other than noting in passing, deep down in the story, that North Korea denied responsibility, not a shred of skepticism was included by Post reporters Drew Harwell and Ellen Nakashima. Like the NYT, the Washing Post devoted most of its discussion to the “retaliation” available to the US.

The NYT and Post engaged in this stenography in the face of numerous security experts loudly noting how sparse and unconvincing was the available evidence against North Korea. Kim Zetter in Wired - literally moments before the NYT laundered the accusation via anonymous officials - proclaimed the evidence of North Korea’s involvement “flimsy.” About the US government’s accusation in the NYT, she wisely wrote: “they have provided no evidence to support this and without knowing even what agency the officials belong to, it’s difficult to know what to make of the claim. And we should point out that intelligence agencies and government officials have jumped to hasty conclusions or misled the public in the past because it was politically expedient.”

Numerous cyber experts subsequently echoed the same sentiments. Yet none of this expert skepticism made its way into countless media accounts of the Sony hack. Time and again, many journalists mindlessly regurgitated the US Government’s accusation against North Korea without a shred of doubt, blindly assuming it to be true, and then discussing, often demanding, strong retaliation. Coverage of the episode was largely driven by the long-standing, central tenet of the establishment US media: government assertions are to be treated as Truth.

Unsurprisingly, the most egregious and darkly amusing “report” came from Vox‘s national security reporter Max Fisher. Writing on the day of Obama’s press conference, he announced that, “evidence that North Korea was responsible for the massive Sony hack is mounting…North Korea’s decision to hack Sony is being widely misconstrued as an expression of either the country’s insanity or of its outrage over The Interview.”

It’s tempting to say that the US media should have learned by now not to uncritically disseminate government claims, particularly when those claims can serve as a pretext for US aggression. But to say that, at this point, almost gives them too little credit. It assumes that they want to improve, but just haven’t yet come to understand what they’re doing wrong. But that’s deeply implausible. At this point - eleven years after the run-up to the Iraq War and 50 years after the Gulf of Tonkin fraud - any minimally sentient American knows full well that their government lies frequently. Any journalist understands full well that assuming government claims to be true, with no evidence, is the primary means by which US media outlets become tools of government propaganda.

However, cyber security experts are divided as to whether or not North Korea was truly behind the attacks with some of the most recent evidence pointing towards a disgruntled former Sony employee possibly having played a role in the hack.

Business Insider:      First Look:   NYT

 

« Malaysia Airlines flight MH370 theories: 17 possible explanations that could reveal fate of plane
Mass Surveillance: The Internet’s best engineers are fighting back »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

SecurityScorecard

SecurityScorecard

SecurityScorecard provides the most accurate security ratings & continuous risk monitoring for vendor and third party risk management.

Cyberbit

Cyberbit

Cyberbit empowers cybersecurity teams to be fully prepared with a product portfolio ready to detect and respond effectively across both IT and OT networks.

InstaSafe Technologies

InstaSafe Technologies

InstaSafe®, a Software Defined Perimeter based (SDP) one-stop Secure Access Solution for On-Premise and Cloud Applications.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

Mphasis

Mphasis

Mphasis is a leading applied technology services company applying next-generation technology to help enterprises transform businesses globally.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

CY4GATE

CY4GATE

CY4GATE was conceived to design, develop and produce technologies and products that are able to meet the most stringent and modern requirements of Cyber Intelligence & Cyber Security.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

Togggle

Togggle

Togggle offers seamless identity verification solutions and distributed infrastructure, enabling organizations to combat fraud and ensure compliance with data protection regulations.

Oak9

Oak9

Oak9's Security as Code platform dynamically secures Infrastructure as Code (IaC) and deployed cloud workloads, automatically.