[xnull1guest]

Certainly false flag operations are a tactic that has seen reliable and regular use, especially in counterintelligence. But what purpose exactly would a false flag operation against SONY serve? Definitely not as a pretext to take action against North Korea - the US could much more easily justify actions against NK than it has many other nations in its history.

[archgoon]

Playing devils advocate here:

<devils advocate>

The NSA is arguably having a credibility problem at home in the US. It needs to convince the tech industry that there are enemies abroad who threaten their security, and attacks by nation states (who aren't the US) is something that is real.

North Korea is a great scape goat. They can deny it all they want, and we don't care about the diplomatic costs, because it can't get any worse. People can't demand sanctions, can't demand recall of ambassadors, the only thing anyone could demand would be going to war with them, but for the most part, we don't care. They're the crazy uncle of the world stage. So basically, the only problem would be if the NSA got caught lying about it.

</ devils advocate>

However, getting caught would probably be the worst possible thing for the NSA (remember, there is likely still a leaker inside); as it would jeopardize the main benefit from doing this in the first place. So I don't think the risk versus reward pans out. That said if North Korea IS behind it, the above motivation for speaking out is still valid.

[xnull1guest]

I similarly don't see the risk (and collateral damage) v. reward pan out. Plus there are so many legitimate cyber attacks against the United States, it would seem like a waste of resources. And it doesn't seem to me like the NSA would so joyously release the Lynton/Bennett/State Department emails. If they wanted to paint NK in a bad light this would seem so counter to that goal.

[researcher88]

Schneier said there are three. The 2nd leaking the Merkel and X-KEYSCORE and the third connected to NCTC.

Also one was supposedly raided by the FBI at the end of October but that story was never updated.

[Estragon]

It's certainly being used as a pretext to lock down legal control of independent computation. The proposed updates to the CFAA and Obama's siding with Cameron on the intolerability of government-opaque communications have more credibility as a result of it. And it lends credibility to the steady reports from "a government official with knowledge of the matter" that US infrastructure is only an exploit away from being disabled by a hostile nation state, and to possible anti-hacker propaganda like the movie "Blackhat."

[xnull2guest]

Can you link a reference? I haven't yet seen it being used to justify any such legislature.

[gmuslera]

They could use North Korea "attack" to justify more local measures, you know, banning encryption, tighter regulations, more penalties... more or less what has been happening last weeks.

[xnull1guest]

I absolutely believe that attacks are used as conveniences to justify legislative wishlists, but question whether such things are planned in advance like you are suggesting or are opportunistic responses to actual events.

Regarding encryption bans I've mostly seen justification referencing the Charlie Hebdo attacks (which are assuredly not a false flag).

Personally I believe that North Korean sympathizers were behind the SONY attacks given a number of pieces of evidence, but most heavily the #GOP leaks of emails detailing SONY collaboration with the US State Department and RAND Corporation that point toward The Interview being a strategic diplomacy product.

[lurchpop]

I think the recent re-introduction of CISPA and calls by world leaders to end encryption hint at the qui bono.

[xnull2guest]

Weren't the calls to ban crypto in response to the Charlie Hebdo attacks? Wouldn't the elimination of strong crypto make cyberattacks much worse?