Sony hackers sound like al-Qassam Cyber Fighters; and where's the gloating, Guardians of Peace?
What you won't be doing on Christmas Day
Two quick thoughts about the Sony hack today. First: Haven't we all seen (or, not seen) this movie before? The one where a corporation is brought to its knees, allegedly by hackers from a foreign enemy upset about an offensive movie? And second: Where's the gloating? The hackers' silence right now is intriguing.
1. Haven't we all seen this movie before? A hacker group with a pop-culture name hacks a huge corporation, demanding that a culturally offensive video be squashed. There's confusion over "attribution," with U.S. officials calling it cyberwar by a nation-state, but cyber experts are not so sure. Where have we seen this before? Oh yeah: two years ago, when the "al-Qassam Cyber Fighters" were knocking U.S. banks offline seemingly at will, for days at a time. Bank of America, Capital One, Citibank, PNC Bank, and Wells Fargo were hit, just to name a few. (Read up on that hack: Visit the Red Tape Chronicles archive here.)
"Censor yourself — or else." That's how jihadwatch.org put it back then.
The group posted a series of messages on Pastebin.com -- sound familiar? -- saying the attacks would continue until the controversial film "Innocence of Muslims" was removed from YouTube. That movie, you might recall, was initially blamed for the Benghazi attack. The al-Qassam Cyber Fighters used an old-fashioned denial of service attack to temporarily separate Americans from their money, but the attacks were not child's play. Even with advance warning, banks and their service providers seemed incapable of stopping them for many months.
Sure, their attack vectors are very different -- but creating cyber-chaos and using an alleged international offense to wildly amplify its impact make these attacks quite similar.
Reaction to the al-Qassam attacks was dramatic. Both Sen. Joe Lieberman, I-Conn., and Defense Secretary Leon Panetta openly blamed the attacks on Iran, with Panetta calling the incident a "pre 9/11 moment." Several intelligence officials told NBC News at the time that they believed Iran was behind the attacks. On the other hand, there was disagreement behind the scenes between traditional spooks (intelligence folks) and cyber/forensic folks. Attributing cyber-attacks is incredibly difficult, as it's easy to lead investigators astray with false digital cookie crumbs. It would be easy to make an attack appear as if it had something to do with Iran, or North Korea, if a hacker wanted to leave that impression.
So, nation-state conducting cyberwar or hackers on a joyride for profit? Trouble is, there's a third possibility that's probably a lot closer to the truth. It lands somewhere in between. Governments can certainly hire freelance hacker groups. Or, they can go along for the ride when they see a hacker/hacktivist group doing something they support, offering tacit support. That could come in the form of money, technical support, or even just encouragement. Statecraft also makes it only sensible for the North Korean government to allow Americans to believe it was behind the attacks, even if it had nothing to do with them. It's a dream to create that kind of confusion for your enemy without lifting a finger.
Eventually, al-Qassam just went away. Why? Probably because banks eventually figured out how to filter out their denial of service attacks. Or because the hackers got bored. Or, because they were paid off. Which leads me to point number 2.
2. Where is the gloating? For all the brazen communications the Guardians of Peace have indulged in so far, you'd think they'd be out there declaring victory by now. Unless there's a reason the group has suddenly become shy. My curiosity clock is ticking on that. Contrary to what you've heard, corporations do pay extortion demands to hackers; that's certainly a possibility here, as we know the attackers have already made financial demands.
There are plenty of other reasons for the (so far, short-term) silence. Heck, they could just be on a drinking binge celebrating their status as having committed potentially the most influential, and maybe even the most expensive, hacking caper in history. Only time will tell.
Sign up for updates: Subscribe to Bob Sullivan's free email newsletter.