14 DAY TRIAL // The controversy regarding the attribution of the Sony hack may have come to an end, as a project published on GitHub aims at offering a version that fits every opinion.
If someone is convinced that the author is North Korea, then Sony Hack Attribution Generator provides the data that supports this theory.
The tool includes details tying the incident to actors from Romania, Germany, Russia, China, the US, Pakistan, Brazil, Bulgaria, Syria, Turkey or Armenia.
Some indicators are pulled from real incidents
“Do you need a quick story you can pull out of your hat to explain the Sony hack at a party or job interview? Just fire this bad boy up and read the output,” reads the description of the project.
Kevin Thompson, the author of the tool, says that most of the data available on the page is fake. Indicators of compromise, as well as quotes, “are purely made up for flavor.”
However, some of the details are real, although they are not linked to the Sony hack. They represent aggregated information from the VERIS Community Database and Verizon’s Data Breach Investigations Report for 2014. These include real details about breach actors, be they part of organized crime, activists, or state-sponsored.
Anyone looking to have some fun could tweak Sony Hack Attribution Generator so that it loads data that fits their own theories regarding the perpetrators of the Sony hack.
The FBI plans to shed some light on Sony hack attribution
“Since it is unlikely that any further evidence on this case will be released to the public, it is really a guessing game now. At the very least, you can now have some data-driven guesses to share your own attribution story to the press,” Thompson says.
For demonstration purposes, attribution of the incident changes each time the project loads and different sources are quoted for every variant. As such, with every refresh there are different authors of the investigation that led to the discovery of the new information.
It is worth noting that the FBI officially attributed the hack to the government of North Korea and that director James Comey is expected to reveal more details from the investigation that led to this conclusion on Wednesday.
Mind that the page looks pretty real and it may fool even some security enthusiasts; especially since the IP addresses provided as proof for the attribution resolve to the countries they are listed to be from. A simple look at the malware indicators should make it clear that it is all a prank.
It is hard to believe that news outlets could fall for evidence fabricated with Sony Hack Attribution Generator, but it may happen, just as there have been articles based on information from anonymous online sources.
