david wong

Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

Did Korea hacked Sony?

posted December 2014

According to the US government, yes they did:

the FBI now has enough information to conclude that the North Korean government is responsible for these actions

What do security experts think about that?

Here's a piece from Marc Roger called No, North Korea Didn’t Hack Sony. So you can guess what the director of security operations for DEFCON and principal security researcher of Cloudflare is thinking.

What about Schneier? Read about it here

I worry that this case echoes the "we have evidence -- trust us" story that the Bush administration told in the run-up to the Iraq invasion. Identifying the origin of a cyberattack is very difficult, and when it is possible, the process of attributing responsibility can take months.

What about Robert Graham? his article's title is as usual pretty straight forward: The FBI's North Korea evidence is nonsense

So there is some kind of consensus that the FBI's announcement is abrupt and shady...

To dig further... Nicholas Weaver posted an interesting article. Kurt Baumgartner as well.

Well done! You've reached the end of my post. Now you can leave me a comment :)