Feds warn of 'evil layer cake' of online villainy – yes, reallyThe head of the NSA has confirmed his agency gave the FBI top-secret intelligence that led the Feds to blame North Korea for the Sony Pictures mega-hack.
The bureau has been strangely silent on how it came to finger the Nork government for the comprehensive ransacking of the Hollywood movie studio. So silent, in fact, seasoned computer security experts refused to believe the claims until they see more evidence.
Now it appears the FBI has been quietly handed high-level signals intelligence allegedly pointing towards North Korea.
"Sony is important to me because the entire world is watching how we as a nation are going to respond to [the attack on Sony]," NSA Director Admiral Michael Rogers told the International Conference on Cyber Security (ICCS) at Fordham University, Time reports. "If we don't name names here, it will only encourage others to decide, 'Well this must not be a red line for the United States.'"
The NSA had examined the malware used in the Sony hack, and had played a supporting role in the FBI investigation, he said, while declining to give more details.
Rogers said attacks in the online world won't necessarily have an online response, and he welcomed the new sanctions being brought against North Korea by President Obama, which were instituted after the FBI pointed the finger of blame. Rogers added that the NSA would be around to help with similar investigations in the future.
"I don't think it's realistic" for private companies "to deal with [cyberattacks] totally by themselves," he said.
Just what level of commercial hacking attack would be needed to bring NSA spies running wasn't specified by Rogers, nor what the price would be. But he made it clear that the NSA intends to be spending more time sorting out problems like Korea.
"I remain very confident: this was North Korea," Rogers stated, although many in the security industry are much more skeptical. But doubters should shut up, according to government officials also at the conference.
Lisa Monaco, President Obama's Homeland Security Adviser, said the many experts who dispute the government's claim of Norks nobbling Sony don't have enough evidence for their conclusions – and questioning the official FBI narrative was “counterproductive," the Wall Street Journal reports.
FBI director gets surrealThe NSA spymaster's comments came the day after the FBI Director also addressed ICCS and gave a somewhat bizarre presentation in which he asserted North Korea was behind the Sony hack, and was part of an "evil layer cake," of internet criminals.
Director Comey said the Sony hackers had been "sloppy." While they had used proxy servers to mask their location, there had been times when direct connections had occurred and been spotted, he claimed.
"Several times, either because they forgot or they had a technical problem, they connected directly—and we could see them," he said. "They shut it off very quickly before they realized their mistake, but not before we saw it and knew where it was coming from."
The attacks against Sony had begun in September, he said, with a flurry of tightly focused phishing attacks against key individuals. This was then used to gain full access to the company's servers and steal data.
Comey warned that North Korea was just the tip of the iceberg – or, as he put it, the topping on an "evil layer cake." The descending layers included terrorists, organized criminal actors, sophisticated worldwide hackers and botnets, “hack-tivists,” weirdos, bullies, pedophiles, and creeps, he said.
The problem for the FBI was miscreants' ability to attack globally, Comey explained. He likened it to the 1920s, when the invention of the automobile and paved roads (not to mention easy access to firearms) allowed the formation of inter-state bank-robbing gangs.
“[Cybercrime] is that times a million. Dillinger or Bonnie and Clyde could not do a thousand robberies in all 50 states in the same day in their pajamas, from Belarus. That’s the challenge we face today,” Comey told attendees.