Tuesday, May 16, 2017

Bullshit mountain: North Korea created the Wannacry virus?

In Arthur Penn's classic 1970 movie Little Big Man, Allardyce Merriweather tries to teach Dustin Hoffman's title character the honorable profession of snake oil salesman:
Listen to me, a two legged creature will believe anything, and the more preposterous the better: whales speak French at the bottom of the sea. The horses of Arabia have silver wings. Pygmies mate with elephants in darkest Africa. I have sold all those propositions. 
Well, I've got one that's even better: North Korea was behind last Friday's computer virus attack.

Just think about the proposition: why would North Korea do that? To get a few thousand dollars in bitcoin? To piss off everyone in the world even more against them? Why???

But there's an even bigger problem. North Korea has neither the technology nor the culture that would allow it to develop a hacker attack team.

Hacking --first and foremost in its original meaning-- is a playful fascination with technology and how it can be shaped, shifted and re-used for other ends. It starts with neither a science nor an art but an attitude. It has contempt for formalities, walls and barriers; it loves breaking rules, or even better, gaming them so they become irrelevant.

That culture developed on a large scale in the United States with the baby boom generation. The first product of the two Steves --Wozniak and Jobs-- who gave us Apple Computer was a little box that allowed people to make free long-distance phone calls, at a time when the AT&T government-imposed monopoly extorted you for the equivalent of $11 for a three-minute call to a town 150 miles away. And yeah, it was illegal, a crime. The little box, I mean, not the monopoly.

But in addition to that sort of attitude, you need other things: an area where the technology is available to play with and where you have mentors to get you started. You had that especially in the Northern California and Boston areas in the 1960s and early 70s, which were also centers of the youth rebellion and counterculture, and where the personal computer and Internet were born.

Now consider North Korea's Internet prowess. 
  • Of the more than 4 billion Internet addresses, North Korea has laid claim to 1,024. 
  • Of the more than one billion web sites in the world, North Korea boasts 28. 
  • The Falkland Islands has a population of 2800. North Korea, 25 million, 9,000 times as many. The Falkland Islands has twice the Internet traffic that North Korea does.
Two things:
  • Thing one: North Korea doesn't have enough infrastructure for you to learn how to hack
  • Thing two: The North Korean government is so paranoid you'd end up in prison if you tried
And hacking --whether white hat or black-- is not something you study in college. It is creative, akin to an art form or smuggling whiskey in the 1920s.

Now, some stories say it was North Korea, but operating from China. But why would the government that runs the Great Firewall of China be interested in letting North Korea fuck up tens of thousands of its own computers? And perhaps set off another demented demand from Trump?

The scientific principle of Occam's razor says the simplest answer is usually the right one.

This attack was built on a virus that someone stole from the National Security Agency. (How could this happen? Because you need hackers to develop the viruses in the first place. And see what I said about hacker culture above.) 

The attack was (allegedly) offered for sale and (supposedly) delivered via the Internet in mid-April.

I don't think you need to write a Cold War spy thriller for this one.

Well ... except for "one more thing," as Steve Jobs used to say. 

The attack was incredibly easy to bring to a screeching halt.

Why would genuine black hat hacker-criminals put that kill switch into their code? That sounds to me like something that someone who had a different objective than collecting ransom money would do.
Suppose, for example, you were a spy agency. And suppose you wanted to plant some really nasty spying hack. Why not create a virus epidemic as cover and to distract people from what you are doing? But won't people suspect it is you? Not if the virus was already "stolen."

Sure, five million or fifty million people might be affected but you only want to make sure the five or fifty you have especially targeted get it. As for the rest, you can't make an omelet without breaking a few eggs. Sorry about that, British hospital patients.

I'm not saying I'm certain that's what happened but it is a lot more credible than saying it was the work of a mighty army of North Korean hackers.
