{"id":110746,"date":"2017-11-30T14:35:00","date_gmt":"2017-11-30T14:35:00","guid":{"rendered":""},"modified":"2023-01-08T11:03:40","modified_gmt":"2023-01-08T11:03:40","slug":"traced-to-pyongyang","status":"publish","type":"post","link":"https:\/\/cvnextjob.com\/index.php\/2017\/11\/30\/traced-to-pyongyang\/","title":{"rendered":"Traced to Pyongyang"},"content":{"rendered":"
<\/div>

<\/h3>\n
<\/div>\n

When Sony Pictures was hacked late last year, there was considerable speculation as to the groups–or nation–that was responsible for the cyber-attack.<\/p>\n

After the FBI became involved, the agency quickly announced that North Korea was behind the hack, citing the use of malware associated with previous cyber-strikes conducted by Pyongyang.  But other security experts disagreed, claiming the “evidence” offered by the FBI was skimpy, at best, and suggested that “hacktivist” groups might be responsible. <\/p>\n

We took a slightly different approach<\/a>, noting that the bureau had access to information unavailable to other experts. <\/p>\n

Fact is, the FBI maintains a close working relationship with NSA on cyber-security issues and can draw upon that agency’s vast expertise in that field.   In fact, some members of the FBI’s cyber division are stationed at NSA HQ at Fort Meade, MD, to facilitate liaision efforts between the organizations.  It’s a safe bet the FBI’s “North  Korea”  analysis was based, at least in part, on data provided by NSA, and so far, the feds have said virtually nothing about the role of the SIGINT agency in the Sony investigation. If the assessment is based on NSA data, it would add more credence to the North Korean angle.<\/span><\/span><\/p>\n

In fact, the NSA has active partnerships with a number of tech firms, allowing it to probe for potential weaknesses and monitor activity from various hacker groups, including those sponsored by nation-states.  Author Shane Harris recently detailed the extent of these relationships in his book @War: the Rise of the Military-Internet Complex: <\/i><\/span><\/span><\/span><\/p>\n

The NSA helps the companies find weaknesses in their products. But it also pays the companies not to fix some of them. Those weak spots give the agency an entry point for spying or attacking foreign governments that install the products in their intelligence agencies, their militaries, and their critical infrastructure. Microsoft, for instance, shares zero day vulnerabilities in its products with the NSA before releasing a public alert or a software patch, according to the company and U.S. officials. Cisco, one of the world\u2019s top network equipment makers, leaves backdoors in its routers so they can be monitored by U.S. agencies, according to a cyber security professional who trains NSA employees in defensive techniques. And McAfee, the Internet security company, provides the NSA, the CIA, and the FBI with network traffic flows, analysis of malware, and information about hacking trends. <\/p>\n

Companies that promise to disclose holes in their products only to the spy agencies are paid for their silence, say experts and officials who are familiar with the arrangements. To an extent, these openings for government surveillance are required by law. Telecommunications companies in particular must build their equipment in such a way that it can be tapped by a law enforcement agency presenting a court order, like for a wiretap. But when the NSA is gathering intelligence abroad, it is not bound by the same laws. Indeed, the surveillance it conducts via backdoors and secret flaws in hardware and software would be illegal in most of the countries where it occurs.  <\/span><\/span><\/span><\/p>\n

Today’s edition of The New York Times<\/i><\/a> offered additional insights into the NSA’s cyber-capabilities, disclosing that the spy agency first penetrated North Korea’s on-line networks as early as 2010<\/a>:  <\/span><\/span><\/span><\/span><\/p>\n

Spurred by growing concern about North Korea\u2019s maturing capabilities, the American spy agency drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies, according to former United States and foreign officials, computer experts later briefed on the operations and a newly disclosed N.S.A. document<\/a>.<\/span><\/div>\n

<\/span><\/p>\n