We’ve all heard about the massive security hack that Sony Pictures suffered just over a month ago, and it seems like the whole mess just keeps getting worse. One thing I noticed in the general news is how little people understand about tracking down the culprits responsible for these types of attacks.
On one national news station they brought in a spokesman from the FBI to try and explain things. Most of what the spokesman said was basically a dumbed-down version of the events, and most of it focused on what the criminals took and then reposted on sites around the world. He didn’t talk a lot about how the attack was carried out, the timelines or any details about the type of attack it was. I assume he didn’t talk about these things because they don’t really know.
And then the news commentator asked, ‘So how close are you to finding out who did this, and can you give us any estimates on how long the investigation will take?’
As you would expect, the FBI spokesman began talking about how difficult it is to track these kinds of attacks back to their sources because hackers are very good at hiding their tracks by using fake addresses and spoofing and…
And he never really answered the question.
I strongly suspect that the real answer is they will never find out who did this. And it’s not because the FBI’s cyber-crime experts are idiots (even though they seem to need Apple’s and Google’s help to crack smartphones).
The fake addresses, the spoofing and the jumping from one site to the next and the next are all very real, and even a casual hacker who cobbles together attack code using other people’s bits and pieces can remove their tracks without too much effort. Once a hacker has gained access to a system, they can dump all the data in one massive transfer that only takes a few minutes. Once the transfer is complete, the hacker can erase the code and the addresses where the data was sent. Or they can store the data on the victim’s own servers and send it out in small chunks. Or they can store it, then access it later using a stolen account.
No matter how they did it, they can pretty much erase anything that might lead the authorities to their doorstep.
So the answer to the question posed to the FBI spokesman about when they might be able to crack the Sony case is probably right after they crack the celebrity selfie iCloud hack, the Home Depot hack and the Target hack – which will probably happen … um … never.