North Korea has issued a new threat against the US over its accusation that Pyongyang was behind the hack of Sony Pictures. But while the diplomatic fallout has North Korea set to boycott today's UN Security Council meeting over the country's human rights record, it remains unclear whether Pyongyang was truly responsible for the attacks, cybersecurity experts say.
In a wordy statement released by the state Korean Central News Agency on Monday, North Korea's National Defence Commission claimed that the country is "fully ready to stand in confrontation with the US in all war spaces including cyber warfare space."
"Our toughest counteraction will be boldly taken against the White House, the Pentagon and the whole U.S. mainland, the cesspool of terrorism, by far surpassing the 'symmetric counteraction' declared by Obama," the statement said, referring to the president's comments on CNN Sunday that the US would "respond proportionally" to the "cybervandalism" against Sony.
BBC News Korea correspondent Stephen Evans noted that the statement "has weight because it comes from the most powerful body in North Korea, the National Defence Commission, which is chaired by Kim Jong-un." Mr. Evans adds that the statement "has two arguments – essentially 'we didn't do it' and 'whoever did do it was right'."
In part of the Sony hack furor, North Korea has refused to appear at the UN Security Council today, where the council is set to discuss Pyongyang's human rights record for the first time, The Associated Press reports.
The council has had North Korea’s nuclear program on its agenda for years, but Monday’s meeting opens the door to wider discussion of abuses alleged in the recent inquiry, including starvation and a harsh political prison camp system of up to 120,000 inmates. Pyongyang rejects the inquiry’s findings but never allowed it into the country.
Two-thirds of the Security Council this month formally requested that North Korea’s human rights situation be placed on the agenda for ongoing debate, saying rights violations “threaten to have a destabilizing impact on the region.”
China and its veto power as a permanent council member could block any action against its traditional but troublesome ally, but the mere threat of damage to Kim Jong Un’s image has outraged the North Korean government.
On Monday, China condemned the cyberattacks on Sony, but argued there was no proof of North Korea's hand in the attacks. "Before making any conclusions there has to be a full [accounting of] the facts and foundation," Reuters quotes a foreign ministry official as saying. "China will handle it in accordance with relevant international and Chinese laws according to the facts."
Though North Korea has a long history of ties to criminal activity, some cybersecurity experts are skeptical over Washington's accusations against Pyongyang. The Christian Science Monitor's Passcode, which covers cybersecurity, reports that many said the evidence provided Friday by the FBI was neither new nor convincing.
The [FBI] statement mentions the similarities between deletion malware used in the Sony hack to deletion malware previously used by North Korean hackers; it refers to tools used in the Sony attack that were similar to ones deployed in a North Korean attack on South Korean media and banks; and the agency pointed out that infrastructure hardcoded into the malware (including IP addresses) matched infrastructure identified as North Korean in the past.
Even with this information, many in the cybersecurity industry see these links as tenuous at best. All of the technical watermarks can and are frequently falsified or mimicked by hackers.
“We know that hackers share malware on forums. Every hacker in the world has all the source code available,” says [Rob Graham, chief executive officer of research firm Errata Security].
Passcode also reports that the speed with which Washington accused North Korea raises questions, as cybercrime investigations can take months, if not years, to conduct.
Security experts who spoke with Passcode before the FBI statement had noted how these kinds of investigations can typically take months to piece together, especially one following a major hack such as the Sony attack.
For instance, US indictments against five members of the People’s Liberation Army of China on various hacking-related charges earlier this year, came only after years of painstaking effort following digital breadcrumbs. ...
“It’s not against the law of physics,” to attribute an attack with certainty on somebody, says Bruce Schneier, a noted security expert and author. “But it is highly unlikely,” in the case of the Sony attack given the time frame, he says.