(mis)adventures in software development...

02 February 2015

The Who Hacked Sony Story

Category Technology

The recent Sony hack was notable for many reasons, not least of which is how devastatingly successful it was — hackers managed to get hold of huge amounts of sensitive data.

But one aspect that intrigued me in particular was the way it was reported, and how different angles of the story were emphasised (or de-emphasised) by different media outlets.

Obviously this story would be of some interest to those technically inclined, especially those working in areas of technology or cybersecurity. As such, there are some complex technical aspects, which might be of interest to a certain tech savvy demographic, but perhaps not so much to a more general mainstream audience. But while it’s one thing to tailor the amount technical detail in reporting to the level of your target audience, it’s another thing entirely to just regurgitate government propaganda without any attempt at providing context.

Yet, that increasingly became the nature of the reporting, especially in the weeks after the story first broke, as more details were made public. In a way, the more information that emerged, the more distorted that information became.

Pretty soon, the “official” narrative became that the North Korean government was responsible for hacking Sony. After that most major “mainstream” news sources just reported this as if it was a proven fact, without any attempt at context or nuance.

Anyone with just a passing interest in the story, who was getting their news only from popular mainstream news websites, would be left convinced that hacking Sony was all part of a cyberwar North Korea was waging on its perceived enemies in the West.

This is in stark contrast to the way this story was reported on technical news sites, and the way knowledgeable bloggers wrote about it.

The North Korea cyberwar narrative might make for a better story, and a more dramatic story, but it there’s a lot more going on than that.

Right from the start, many security experts considered it unlikely North Korea were the perpetrators. With these kinds of hacking attacks, attribution is notoriously difficult. So far, all the evidence linking it to North Korea is circumstantial at best. Sony is also a strange and rather low value target for a nation state. The case that Sony was targeted because of “The Interview” movie is weakened by the fact the attackers only mentioned the movie after the media started speculating about this possiblity. Surely these points are worth noting, if only in passing, in any objective reporting of the story? Even one aimed at a non-technical audience?

While it’s hardly surprising to see tech news reported badly or innacurately, it was still dissapointing — and disturbing — to see how pervasive the official government line became, that North Korea was responsible.

Especially considering the increasingly likely theory that the Sony hack was actually the work of disgruntled former employees, who may have planted malware software from the inside, stolen data, and handed over crucial details of Sony’s internal network to hackers.

I’m no security expert, but this seems like a far more likely scenario. The hackers were so successful that it seems inconceivable they could have achieved as much as they did without help from the inside. It’s astonishing that hackers might have managed to transfer so much data out Sony’s network without anyone noticing. If that is what happened, then Sony had some seriously inadequate network monitoring in place. Even so, isn’t it far more likely that some disgruntled employees copied huge amount of sensitive corporate data onto external USB drives, then just walked out the door with them?

Of course, the US government has officially blamed North Korea for the cyber attack on Sony. Which doesn’t mean it’s necessarily true. Sure, with all they spying the NSA is doing (along with other government agencies) it’s certainly likely that the US government knows a lot more than they are publicly revealing. But blaming North Korea is awfully convenient, considering we may never know for sure who is responsible.

After all, what’s more likely: That a secretive, poor, communist country with little internet infrastructure launched a phenomenally successful cyber attack against Sony because they were about to release a crappy Seth Rogen movie? Or that disgruntled employees planted malware, then handed over the details to some hacker group? My money is on the latter.

But most of the media went with the official government line.

So much for the internet setting truth free.

Anyone else remember when the internet first started to become mainstream? Remember the hype of the dot-com boom? We were entering a new age, we were told. Old media was now obsolete. The internet would obliterate all the old publishing empires, and bring in a glorios new age of self publishing. No more would media moguls and governments control the flow of information. Because information wanted to be free! The truth is out there!

Didn’t really turn out that way, did it? Maybe kinda sorta, if you squint real hard, and lower your expectations. There are still book publishers, record labels, newspaper companies. Sure, many of them struggling for profitability or relevance, but they’re still there. More importantly, a lot of the old media empires are still around, and still have substantial power and influence.

Even the advent of social media hasn’t really made it easier to find the facts. If anything, it’s made things worse. Social media provides just another outlet for governments and corporations to get their message out. We have access to far more media than ever before. But not necessarily more facts. It’s probably no coincidence that the more media there is, the more mis-information is out there. Who needs to censor the media, when you can just bury inconvenient truths in amongst a sea of mis-information and spin?

Which I think is the ultimate irony of the Sony hacking. Despite little evidence, large swathes of the media are happily reporting the official US government line that North Korea is responsible for the cyber attack on Sony.

North Korea, one of the last die hard vestiges of communism, is a country where few people have internet access, and the media is mostly government propaganda designed to keep its population misinformed.

By contrast, the supposedly democratic Western world enjoys a mind-boggling array of media options, from traditional news sources, to obscure news websites and blogs, to social media. Yet, ironically, this doesn’t always mean we are told the truth. Are the people in the western world any less mis-informed?

We might get more news, but it’s still filtered through layers of government spin, corporate PR, and news media bias. As much as the internet might hold potential to speak truch to power, it’s more often a vehicle for conspiracy theories, and outright mis-information. Not to mention cat pics.

The truth might be out there, online. But we usually have to wade through a big pile of shit to find it.