Dailydave mailing list archives
What is happening?
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 17 Dec 2014 22:28:48 -0500
The Sony Hack is not just fun and games (if it was, The Interview would have dropped as a .torrent long ago). It's not about a movie or even Sony, at all. When you build a nuclear program, you have to explode at least one warhead so that other countries see that you can do it. The same is true with Cyber. Iran did this exact same near-mortal blow to Saudi Aramco, as a way of demonstrating that they could and would. That's what just happened to Sony, but they didn't see it in time, and didn't realize they were going to have to fold. If you recognize the signature of this kind of nation-state attack, it is not hard to see ahead of time what is going to happen, and we at Immunity have gone on the record <http://www.aol.com/article/2014/12/05/sony-pictures-hack-included-celebrity-social-security-numbers/21003381/> weeks ago saying that this was North Korea, and Sony was going to have to pull the movie to survive. Kim Zetter wrote a Wired article <http://www.wired.com/2014/12/evidence-of-north-korea-hack-is-thin/> in which she called out our Business Insider <http://www.businessinsider.com/sony-hack-should-be-considered-an-act-of-war-2014-12#comments> piece as fantasy. She's since edited us out of the article, but it is ironic that she calls on the "Cutting Sword of Justice" as another hacker group, when in fact they are, like #opisrael, directly Iranian state-based efforts (to be specific, MOIS) - the very exact kind of operation people are failing to see here. Clearly, not all hacking (even very impactful hacking) by random hacker groups is war/terrorism, but when a nation state decides to take out a business in another country, it's hard for our policy team to find another word for it. You do not see the United States using cyber efforts to do this to businesses in other countries, and when Iran or North Korea, or even China, does it, that's stepping over the line. The United State's initial message was that they'd rather have the FBI handle it than the USAF or even JSOC... I guess what I'm saying is, you can learn more about cyber war at the bar at Infiltrate <http://infiltratecon.org>than in Wired so far. ;> -dave
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- What is happening? Dave Aitel (Dec 17)
- Re: What is happening? Arrigo Triulzi (Dec 18)
- Re: What is happening? Andre Gironda (Dec 18)
- Re: What is happening? Ivan .Heca (Dec 19)