US Media Goes Into Overdrive Blaming North Korea for the Sony Hack: Is It Justified?

The US will sanction North Korea by an executive order signed by President Obama, which will target ten North Korean officials and three government entities. The sanctions are in response to the December hack on Sony that the US blamed on North Korea.

The White House Press Office has released the following statement:
The President issued an Executive Order (EO) authorizing additional sanctions on the Democratic People’s Republic of Korea. This EO is a response to the Government of North Korea’s ongoing provocative, destabilizing, and repressive actions and policies, particularly its destructive and coercive cyber attack on Sony Pictures Entertainment.

The EO authorizes the Secretary of the Treasury to impose sanctions on individuals and entities associated with the Government of North Korea. We take seriously North Korea’s attack that aimed to create destructive financial effects on a US company and to threaten artists and other individuals with the goal of restricting their right to free expression.

The identity of the Sony hackers is still unknown. Yet President Obama, in a December 19 press conference, announced: “We can confirm that North Korea engaged in this attack.” He then vowed: “We will respond…We cannot have a society in which some dictator some place can start imposing censorship here in the United States.”

The US Government’s campaign to blame North Korea actually began two days earlier, when The New York Times said, ‘American officials have concluded that North Korea was “centrally involved” in the hacking of Sony Pictures computers, even as the studio canceled the release of a far-fetched comedy about the assassination of the North’s leader that is believed to have led to the cyberattack.

Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was debating whether to publicly accuse North Korea of what amounts to a cyberterrorism attack. Sony capitulated after the hackers threatened additional attacks, perhaps on theaters themselves, if the movie, “The Interview,” was released’.

With virtually no skepticism about the official accusation, reporters David Sanger and Nicole Perlroth at the International New York Times deemed the incident a “cyber terrorism attack” and devoted the bulk of the article to examining the retaliatory actions the government could take against the North Koreans.

Other than noting in passing, deep down in the story, that North Korea denied responsibility, not a shred of skepticism was included by Post reporters Drew Harwell and Ellen Nakashima. Like the NYT, the Washing Post devoted most of its discussion to the “retaliation” available to the US.

The NYT and Post engaged in this stenography in the face of numerous security experts loudly noting how sparse and unconvincing was the available evidence against North Korea. Kim Zetter in Wired - literally moments before the NYT laundered the accusation via anonymous officials - proclaimed the evidence of North Korea’s involvement “flimsy.” About the US government’s accusation in the NYT, she wisely wrote: “they have provided no evidence to support this and without knowing even what agency the officials belong to, it’s difficult to know what to make of the claim. And we should point out that intelligence agencies and government officials have jumped to hasty conclusions or misled the public in the past because it was politically expedient.”

Numerous cyber experts subsequently echoed the same sentiments. Yet none of this expert skepticism made its way into countless media accounts of the Sony hack. Time and again, many journalists mindlessly regurgitated the US Government’s accusation against North Korea without a shred of doubt, blindly assuming it to be true, and then discussing, often demanding, strong retaliation. Coverage of the episode was largely driven by the long-standing, central tenet of the establishment US media: government assertions are to be treated as Truth.

Unsurprisingly, the most egregious and darkly amusing “report” came from Vox‘s national security reporter Max Fisher. Writing on the day of Obama’s press conference, he announced that, “evidence that North Korea was responsible for the massive Sony hack is mounting…North Korea’s decision to hack Sony is being widely misconstrued as an expression of either the country’s insanity or of its outrage over The Interview.”

It’s tempting to say that the US media should have learned by now not to uncritically disseminate government claims, particularly when those claims can serve as a pretext for US aggression. But to say that, at this point, almost gives them too little credit. It assumes that they want to improve, but just haven’t yet come to understand what they’re doing wrong. But that’s deeply implausible. At this point - eleven years after the run-up to the Iraq War and 50 years after the Gulf of Tonkin fraud - any minimally sentient American knows full well that their government lies frequently. Any journalist understands full well that assuming government claims to be true, with no evidence, is the primary means by which US media outlets become tools of government propaganda.

However, cyber security experts are divided as to whether or not North Korea was truly behind the attacks with some of the most recent evidence pointing towards a disgruntled former Sony employee possibly having played a role in the hack.

Business Insider:      First Look:   NYT

 

« Malaysia Airlines flight MH370 theories: 17 possible explanations that could reveal fate of plane
Mass Surveillance: The Internet’s best engineers are fighting back »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

Langner

Langner

Langner is a software and consulting firm specialized in cyber security for critical infrastructure and large-scale manufacturing.

ECOMPLY

ECOMPLY

ECOMPLY is an all-in-one GDPR Compliance Solution. Efficient data protection management system for businesses and DPOsomply.

Desec Security

Desec Security

Desec's training platform allows professionals around of the world to acquire knowledge and practical experience in Information Security.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Consulting Services to help you secure your mission-critical systems.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

Level39 (L39)

Level39 (L39)

Level39 is the world's most connected tech community, with over 200 tech startups and scaleups based onsite.

InsightCyber

InsightCyber

InsightCyber is on a mission to keep the world’s critical infrastructure, supply chains, and manufacturing operations cyber-safe, helping to prevent attacks that can have catastrophic impacts.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Bigbee Technology

Bigbee Technology

Bigbee Technology are an IT solutions company based in Dar es Salaam founded by a group of professionals from around the globe.

FiVerity

FiVerity

FiVerity provides financial institutions with cyber fraud defense to combat a dangerous and growing threat - the convergence of fraud-related theft with sophisticated, high-volume cyber attacks.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

Zyston

Zyston

Zyston's solutions provide end-to-end management of your cybersecurity needs. Our range of services help protect your business where it needs it the most.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Hacker School

Hacker School

Hacker School offers technology motivated training programs that provide Cyber Security Certifications and Courses.