The United States Federal Bureau of Investigation has just issued an update to the Bureau's ongoing investigation into the SONY [NYSE: SNE] breach, and the miscreants that committed the crime. The gist: North Korea has been implicated in the crime.
- Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
- The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
- Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.

via the Federal Bureau of Investigation, released 19 December 2014
The Electronic Frontier Foundation's Secure Messaging Scorecard is our Must Read. In a nutshell, the EFF has graded the anti-surveillance efficacy of an impressive number of providers and software packages. Enjoy!
In a well-wrought thought piece crafted by Ellen Branagh and published by Cable.UK (a UK-based cable television and broadband inter-networking industry site), the good Ms. Branagh converses with Olaf Kolkman, ISOC's CITO, regarding the true nature and benefits brought to the networking table by our favorite integrity-guarantor of DNS queries, none other than DNSSEC.
Clerkendweller (aka Colin Watson) discusses an interesting ACM paper entitled 'Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals', presented last month at the ACM CCS 2014. The paper's authors, Frank Piessens, Tom Van Goethem, Nick Nikiforakis and Wouter Joosen, present a fascinating take on the current crop of security seals, badges and what-not, attesting to the security posture of whatever site the badges appear on.
Once again, Kim Zetter's superlative prose details the astounding story of Stuxnet; this time, in a new book titled 'Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon' [published by Crown Publishing Group, a division of Random House]. Apparently, like many other 'infections', the vector [in this case] is the order-of-the-day... This month's MustRead.