Category Archives: NSA Spying

Obama Giving Allies Away, Putin Winning Them

Posted on by

In Eastern Europe:

Hungary, a NATO member whose prime minister recently named Putin’s Russia as a political model to be emulated. Or NATO member Slovakia, whose leftist prime minister likened the possible deployment of NATO troops in his country to the Soviet invasion of 1968. Or NATO member Czech Republic, where the defense minister made a similar comparison and where the government joined Slovakia and Hungary in fighting the European Union’s sanctions against Russia. Or Serbia, a member of NATO’s “partnership for peace” that has invited Putin to visit Belgrade this month for a military parade to celebrate the 70th anniversary of the Red Army’s “liberation” of the city. Then there is Poland, which until recently was leading the effort within NATO and the European Union to support Ukraine’s beleaguered pro-Western government and punish Putin’s aggression. This month its new prime minister, Ewa Kopacz, ordered her new foreign minister to urgently revise its policy.

Russia recruits U.S. allies in Eastern Europe by raising doubts about security commitment

Russia is trying to slowly strip away U.S. allies in Eastern Europe by playing up fears that Washington will not come to their aid, as promised nearly a decade ago, because of a lack of foreign strategy and commitment to the region, analysts say.

Russian President Vladimir Putin has authorized a string of provocative moves from the Arctic to the Black Sea in recent months in an attempt to intimidate NATO allies along the border for the old Soviet Union, including Hungary, Romania and Latvia, and boost allies of Moscow living in those countries.

Last year, a Russian-friendly party won the largest number of votes in Latvia’s parliamentary elections amid reports that a mayor of a city in eastern Latvia voiced concerns that activists were engaged in door-to-door campaigning in support of the communities’ secession from Latvia to join Russia.

Hungarian Prime Minister Victor Orban, who helped engineer his country’s successful application for membership in NATO in 1999, now seems to be cozying up to Russia by making large deals with Moscow and criticizing Western sanctions.

In November, Hungary authorized construction of the South Stream pipeline, a Russian-backed project that will bypass Ukraine to funnel natural gas exports to Europe and elsewhere, to the dismay of the European Union. Ukraine is engaged in a fierce political and military standoff with Russian-based separatists.

The fact that some countries along the tense border with Russia may be tempted to switch sides suggests a broader problem of a lack of trust in the U.S. commitment to protect them if they are attacked, said Matthew Rojansky, director of the Kennan Institute at the Woodrow Wilson International Center for Scholars.

“Why don’t they feel that deterrent effect of America’s commitment to defend them?” he said. “They clearly don’t think that we are committed to that commitment. That’s really where the problem is. They’re doubting the American security commitment.”

NATO’s famous Article 5 declares that an attack against any of the 28 countries in the alliance will be considered an attack against all. As a result, countries that have signed the treaty must come to the defense of others that are threatened or attacked.

Mr. Rojansky likened the U.S. commitment to these countries to life insurance: A 25-year-old healthy person generally has no trouble getting a life insurance policy because the company knows it likely won’t have to pay up soon. A 67-year-old with a history of heart disease, however, could have trouble obtaining a policy and face high premiums.

Seven countries — including Latvia, Lithuania and Estonia — became NATO members in 2004. Because the threat of a Russian attack wasn’t a serious consideration at that time, there was no lengthy debate on the wisdom of letting these Baltic states join, Mr. Rojansky said.

Now that Russia under Mr. Putin has taken a far more aggressive stance in Ukraine, Georgia and elsewhere, the situation has changed, he said.

“We’ve given them the policy coverage, but we gave it to them in a totally different circumstance, and that’s creating doubts on their part about if we’ll honor the policy,” Mr. Rojansky said.

Saber-rattling

Both sides have engaged in saber-rattling in recent weeks, leading to talks on both sides of the European divide of a potential new cold war.

Russian fighter jets have grown increasingly brazen in challenging U.S. and allied surveillance flights, and Sweden this fall scrambled ships and helicopters to track a Russian submarine that was believed to have surreptitiously entered Swedish waters. Planes from Russia’s Northern Fleet this week have begun anti-ship exercises in the Barents Sea.

Pentagon officials said Thursday that they were asking Russia to investigate an incident in early April in which a Russian fighter jet intercepted a U.S. reconnaissance plane in international airspace north of Russia and conducted multiple “unprofessional and reckless and foolish” maneuvers in proximity to the American plane.

Analysts in Moscow say the West has been just as provocative, with the U.S. holding joint exercises with Ukraine’s military, accelerating talks with Poland on a state-of-the-art missile defense system, staging a high-profile military convoy trip through six Eastern European nations, and deploying 12 A-10 Warthog planes to Romania as part of a theater-security effort to counter Russian moves in the region.

“The unit will conduct training alongside our NATO allies to strengthen interoperability and demonstrate U.S. commitment to the security and stability of Europe,” Pentagon spokesman James Brindle said this month in a statement about the action to Military.com.

Pentagon officials told the website that the deployment of the A-10s was part of NATO’s Operation Atlantic Resolve. The mission objective is, in part, to send a message to Russia about the U.S. commitment to NATO allies.

“Operation Atlantic Resolve will remain in place as long as the need exists to reassure our allies and deter Russia from regional hegemony,” Pentagon spokesman Maj. James Brindle said.

Pentagon officials strongly contested criticism that the Obama administration was having second thoughts about fulfilling the U.S. commitment to its allies in Eastern Europe now that Russia poses a significant threat.

“The U.S. thoroughly considered all aspects associated with establishing and joining NATO,” the official said. “The principles contained in opening paragraphs of the Washington Treaty remain as relevant today as they were 66 years ago.”

The U.S. needs to do more to reassure NATO allies of its commitment, including permanently basing troops in Eastern Europe, as well as more frequent and larger-scale deployments, said Boris Zilberman, deputy director of congressional relations at the Foundation for the Defense of Democracies.

The ultimate goal, he said, is to ensure that countries that have been allies remain on the side of the U.S.

At the same time, the U.S. must walk a fine line by increasing its presence enough to reassert its commitment to allies but not so much so as to give Mr. Putin political ammunition to escalate Russian aggression, Mr. Zilberman said.

“How much do we want to mirror image what they’re doing and give Putin a reason to keep doing it?” he said.

The U.S. is deploying small groups of service members to conduct drills in Baltic partner countries and has imposed sanctions on Russia, a policy that Defense Secretary Ashton Carter said is working.

“My observation is that this is having a real effect on the Russian economy and at some point the Russian people are going to ask themselves whether these kinds of adventures are worth the price,” Mr. Carter told reporters in a briefing Thursday.

 

 

 

 

Did Susan Rice Leak Classified Info on Purpose?

Posted on by

There was a profound moment when the Prime Minister of Israel gave a presentation at the United Nations on Iran’s readiness of their break-out period on their nuclear weapon using a cartoon as a prop. The Obama administration later used it as satire against Netanyahu.

Capture

Seems, a year or so later, the White House is agreeing….pigs fly…..

Did Susan Rice Disclose Classified Info on Iran?

Bloomberg’s Eli Lake reports Tuesday that the Obama administration kept secret until the beginning of April Iran’s two to three month breakout time for a nuclear weapon, saying “the administration only declassified this estimate at the beginning of the month, just in time for the White House to make the case for its Iran deal to Congress and the public.”

Energy Secretary Ernest Moniz, speaking to reporters on Monday, said that the administration has held this assessment for “quite some time.” Lake says that Brian Hale, a spokesman for the Office of the Director of National Intelligence, confirmed Monday “that the two-to-three-month estimate for fissile material was declassified on April 1.”

However, at least one member of the administration publicly spoke about the two-to-three-month breakout time frame prior to April. On March 2, 2015, National Security Advisor Susan Rice addressed the annual AIPAC meeting and said the following [emphasis added]:

This is my third point—a good deal is one that would verifiably cut off every pathway for Iran to produce enough fissile material for a nuclear weapon.  Every single one.

Any deal must prevent Iran from developing weapons-grade plutonium at Arak, or anywhere else.

Any deal must prevent Iran from enriching uranium at its nuclear facility at Fordow—a site we uncovered buried deep underground and revealed to the world in 2009.

Any deal must increase the time it takes Iran to reach breakout capacity—the time it would take to produce a single bomb’s worth of weapons-grade uranium.  Today, experts suggest Iran’s breakout window is just two to three months.  We seek to extend that to at least one year.

Rice’s disclosure suggests that either DNI spokesman Brian Hale is incorrect in his assertion that the assessment was declassified on April 1, or Rice revealed classified information.

The White House did not immediately respond to a request for comment on Rice’s March disclosure.

From HotAir:

Only a few short weeks later, that framework nuclear deal appears increasingly dubious. Iran has demanded that it sunset after only five rather than ten years. The Islamic Republic also wants to operate twice the number of centrifuges agreed to in Switzerland. The administration insists that it will provide sanctions relief to Iran in stages, but Tehran contends that it will have total relief right up front. According to The Wall Street Journal, the mullahs learned on Friday that they will receive billions in unfrozen funds once a deal is signed even as American and Iranian warships engage in a tense standoff off the coast of Yemen.

Few believe that the complex international sanctions regime in place today, a web of commitments that took years to assemble, could “snap back” in the event that Iran failed to live up to its end of the deal. “[O]nly a credulous sixth-grader could imagine that in the event that there is some evidence of Iranian cheating (and the evidence inevitably will be murky, incomplete, and subject to debate) that countries such as France and Germany, which are eager to do business with Tehran, much less countries such as China and Russia, which are not only cozy with Tehran but hostile to Western interests in general, will agree to reimpose sanctions,” Commentary Magazine’s Max Boot observed.

While Netanyahu might not have accurately assessed Iran’s nuclear capabilities in 2012, he was apparently correct when he insisted earlier this month that “Iran’s breakout time from start of deal will be near zero.” Today, Americans are learning that the administration knew Netanyahu was telling the truth about Iranian breakout times even as it was mocking him before an audience of the president’s sycophantic and naïve Twitter fans. As The Daily Beat’s Eli Lake wrote on Tuesday, Energy Secretary Ernest Moniz and a spokesman with the Director of National Intelligence’s office both confirmed that Iran could have the materials necessary to construct a fissionable device before the autumn.

“Here is the puzzling thing,” Lake wrote, “When Obama began his second term in 2013, he sang a different tune.”

He emphasized that Iran was more than a year away from a nuclear bomb, without mentioning that his intelligence community believed it was only two to three months away from making enough fuel for one, long considered the most challenging task in building a weapon. Today Obama emphasizes that Iran is only two to three months away from acquiring enough fuel for a bomb, creating a sense of urgency for his Iran agreement.

Back in 2013, when Congress was weighing new sanctions on Iran and Obama was pushing for more diplomacy, his interest was in tamping down that sense of urgency. On the eve of a visit to Israel, Obama told Israel’s Channel Two, “Right now, we think it would take over a year or so for Iran to actually develop a nuclear weapon, but obviously we don’t want to cut it too close.”

On Oct. 5 of that year, Obama contrasted the U.S. view of an Iranian breakout with that of Israel’s prime minister, Benjamin Netanyahu, who at the time said Iran was only six months away from nuclear capability. Obama told the Associated Press, “Our assessment continues to be a year or more away. And in fact, actually, our estimate is probably more conservative than the estimates of Israeli intelligence services.”

So, why mislead as this White House has misled when it invites an embarrassing rebuke like this? Because the lie is heard by all the right audiences, whereas the correction will languish in the obscure corners of the country where honesty remains a virtue.

Despite its mounting failures, the administration maintains its legitimacy by providing the smug and complacent reasons that justify their self-approbation. For many, the facts are fungible. So long as they believe in their hearts the president is brighter and more capable than his political opponents, no amount of demonstrable mendacity from the White House could shatter that belief. Even amid increasing evidence that this article of faith might not be true, the faithful will accept anything – even hastily constructed Twitter memes – so long as it affirms their creed.

“The trouble with our liberal friends is not that they’re ignorant,” Ronald Reagan said in a pivotal 1964 speech, “it’s just that they know so much that isn’t so.” And this White House hopes to keep it that way.

 

There is Spying, Espionage and Stupidity

Posted on by

The Virginia-based cyber security firm Mandiant recently released a report detailing one source of persistent cyber attacks, the Chinese People’s Liberation Army. Mandiant estimates that since 2006, a single Chinese army cyberattack unit has compromised “141 companies spanning 20 major industries, from information technology and telecommunications to aerospace and energy,” using a “well-defined attack methodology, honed over years and designed to steal large volumes of valuable intellectual property.”

Mandiant explains that once these hackers have infiltrated an organization’s system, they “periodically revisit the victim’s network … and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contact lists”. On average, access to a victimized network is maintained for nearly a year.

Now for the Chinese human operatives….

State Dept. contractor allegedly paid by Chinese agent to spy on Americans – yet no charges filed 

Newly unsealed court documents obtained by Fox News show a State Department contractor allegedly was paid thousands by an individual thought to be a Chinese agent in exchange for information on Americans — but despite an FBI probe, the Justice Department declined to prosecute.

A November 2014 FBI affidavit, filed in the U.S. District Court for the District of Maryland, shows the bureau investigated the contractor for her admitted contact with individuals she believed to be Chinese intelligence officers.

The affidavit from agent Timothy S. Pappa states the translator, Xiaoming Gao, was paid “thousands of dollars to provide information on U.S. persons and a U.S. government employee.”

According to the documents, she admitted these meetings took place in hotel rooms in China for years, where she reported on her “social contacts” in the U.S. to an individual who went by the name of “Teacher Zhao.”

The detailed affidavit even goes on to say the translator briefly lived, “for free,” with a State Department employee — who held a top-secret clearance and designed high-security embassies, including the U.S. compound in Islamabad, Pakistan.

The State Department employee, who was not named, initially told the FBI he didn’t discuss his job with Gao, but later changed his statement.

According to the documents, Gao also told the FBI — during interviews in 2013 — that she once told “Teacher Zhao” about the travel plans of an American and ethnic Tibetan. This person told the FBI he ended up being interrogated by Chinese intelligence officers during a trip to Tibet, and a member of his family was imprisoned.

Yet the U.S. attorney’s office in Washington, D.C., which oversaw the case, recently declined to prosecute, allowing the documents to be unsealed. The office offered no further comment. The FBI also is saying nothing beyond the court documents that were filed to search a storage unit in suburban Washington, D.C.

On its face, a former senior Justice Department official said the decision not to prosecute is perplexing, because the case was unlikely to reveal investigative sources and methods.

“It’s not clear to me, based on the court files that were unsealed, how a prosecution of this person could possibly have compromised U.S. intelligence gathering,” Thomas Dupree, former deputy assistant attorney general under the George W. Bush administration, told Fox News. “If it jeopardizes or threatens to disrupt relations with another country, so be it. That you have to draw the line somewhere, and that we need to send a message that this sort of conduct and activity simply will not be tolerated.”

The State Department confirmed Xiaoming Gao worked for the Office of Language Services over a four-year period beginning in June 2010. This would have covered the tenures of former Secretary of State Hillary Clinton and sitting Secretary John Kerry.

“She was employed as a contract interpreter until February 2014, is not employed here anymore. And so any additional questions on this, I’d refer you to the FBI,” spokeswoman Marie Harf said.

When told the FBI was referring Fox News’ questions back to State, Harf responded: “I’m referring you back to them.”

The documents do not fully explain Gao’s side of the story.

Emails and phone calls to the consulting firm, which the translator listed on the web as her employer, have gone unanswered. Fox News extended an invitation to discuss the allegations. No attorney of record was filed with the court.

 

The Cyber-Threats to SCADA Increasing

Posted on by
Dell has reached out to this site with updated/corrected links for the item below:

Please refer to https://www.quest.com and https://www.quest.com/solutions/network-security/

What is SCADA? A computerized system that controls all national infrastructure. This includes water, power grids, transportation and supply chains.

In 2012:

The last “INTERNET SECURITY THREAT REPORT published by Symantec reports that in 2012, there were eighty-five public SCADA vulnerabilities, a massive decrease over the 129 vulnerabilities in 2011. Since the emergence of the Stuxnet worm in 2010, SCADA systems have attracted more attention from security researchers.

Today, 2015 there is a significantly more chilling condition.

 

A recent report published by Dell revealed a 100 percent increase in the number of attacks on industrial control (SCADA) systems.

The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year. Unfortunately, the majority of incidents occurred in SCADA systems is not reported. The experts confirmed that in the majority of cases the APT are politically motivated.

“Attacks against SCADA systems are on the rise, and tend to be political in nature as they target operational capabilities within power plants, factories, and refineries,” the researchers explained. “We saw worldwide SCADA attacks increase from 91,676 in January 2012 to 163,228 in January 2013, and 675,186 in January 2014.”

The countries with the greatest number of attacks are the Finland, the United Kingdom, and the United States, where online SCADA systems are widespread.

“In 2014, Dell saw 202,322 SCADA attacks in Finland, 69,656 in the UK, and 51,258 in the US” continues the report.

The experts noticed that buffer overflow is the vulnerability in SCADA system most exploited by hackers (25%), among other key attack methods there are the lack of input validation (9%) and Information Exposure (9%).

SCADA Attack methods Dell Report

 

Security experts speculate that the number of the attacks will continue to increase in the next years.

“This lack of information sharing combined with the vulnerability of industrial machinery due to its advanced age means that we can likely expect more SCADA attacks to occur in the coming months and years.” states the report.

 

The data published by Dell are aligned with the findings included in a report recently published by the ICS-CERT. The CERT responded to 245 incidents in Fiscal Year 2014, more than half of the incidents reported by asset owners and industry partners involved sophisticated APT.

Let’s closed with the suggestions provided by Dell experts to protect SCADA systems from attacks:

  • Make sure all software and systems are up to date. Too often with industrial companies, systems that are not used every day remain installed and untouched as long as they are not actively causing problems. However, should an employee one day connect that system to the Internet, it could become a threat vector for SCADA attacks.
  • Make sure your network only allows connections with approved IPs.
  • Follow operational best practices for limiting exposure, such as restricting USB ports if they aren’t necessary and ensuring Bluetooth is disabled.
  • In addition, reporting and sharing information about SCADA attacks can help ensure the industrial community as a whole is appropriately aware of emerging threats.

Iranian Hackers Eye U.S. Grid

Posted on by

iranhack4Cyber-savvy agents are stepping up their efforts to ID critical infrastructure that may compromise national security.

Iranian hackers are trying to identify computer systems that control infrastructure in the United States, such as the electrical grid, presumably with an eye towards damaging those systems, according to a new report from a cyber security firm and a think tank in Washington, D.C.

The researchers from Norse, a cyber security company, and the American Enterprise Institute, a conservative think tank that has been skeptical of the Iranian nuclear agreement, found that Iranian hacking against the U.S. is increasing and that the lifting of economic sanctions as part of an international agreement over Iran’s nuclear program “will dramatically increase the resources Iran can put toward expanding its cyberattack infrastructure.”

What’s more, the current sanctions regime, which has helped to depress Iran’s economy, has not blunted the expansion of its cyber spying and warfare capabilities, the researchers conclude.

The technical data underlying the report’s conclusions, while voluminous, aren’t definitive, and they don’t answer a central question of whether Iran intends to attack the U.S. Using data collected from a network of Norse “sensors” around the world made to look like vulnerable computers, the researchers tracked what they say is a dramatic escalation in spying and attacks on the U.S. from hackers in Iran, including within the Iranian military. The researchers also traced hacking back to a technical university in Iran, as well as other institutions either run or heavily influenced by the Iranian regime.

“Iran is emerging as a significant cyber threat to the U.S. and its allies,” the report’s authors say. “The size and sophistication of the nation’s hacking capabilities have grown markedly over the last few years, and Iran has already penetrated well-defended networks in the U.S. and Saudi Arabia and seized and destroyed sensitive data.”

That assessment tracks with the view of U.S. intelligence officials, who’ve been alarmed by how quickly Iran has developed the capability to wreak havoc in cyberspace. In 2012, officials say that Iranian hackers were responsible for erasing information from 30,000 computers at Saudi Aramco, the state-owned oil and gas production facility, as well as a denial-of-service attack that forced the websites of major U.S. banks to shut down under a deluge of electronic traffic. Earlier this year, Director of National Intelligence James Clapper said that Iran was responsible for an attack on the Sands casino company in 2014, in which intruders stole and destroyed data from the company’s computers.

The Norse and AEI researchers found that Iran’s cyber capabilities, which U.S. officials and experts say have been growing rapidly since around 2009, have accelerated in the past year. Attacks launched from Iranian Internet addresses rose 128 percent between January 2013 and mid-March 2015, the researchers found. And the number of individual Norse sensors “hit” by Iranian Internet addresses increased 229 percent. All told, the researchers conclude that hackers using Iranian Internet addresses have “expended their attack infrastructure more than fivefold over the course of just 13 months.”

There’s little debate about among U.S. officials and experts that Iran poses a credible and growing danger online. But the technical data underlying Norse and AEI’s conclusions came into question when the report was released on Thursday.

The researchers relied on “scans” of Norse sensors that may indicate some interest by an Iranian hacker, but don’t prove his intent or that he was planning to damage a particular computer.

 

“They talk about ‘attacks,’ but what they really mean are ‘scans,” which is more ambiguous, Robert M. Lee, a PhD candidate at King’s College London who is researching industrial control systems, told The Daily Beast. Industrial control systems are the computers that help run critical infrastructure.

Essentially, Iranian hackers are casing a neighborhood, but that doesn’t necessarily mean they’re going to rob houses. Lee, who is also an active duty Air Force cyber warfare operations officer, said he agreed with the report’s assessment that Iran is building up its cyber forces and poses a threat. But the underlying technical data in the report doesn’t directly support that claim, he said. “They reached the right conclusions but for the wrong reasons,” Lee said.

The researchers didn’t find that Iran had successfully penetrated any industrial control systems and caused machinery to break down.

While the report concludes that Iran will use the sanctions relief to fuel its growing cyber warfare program, other researchers have suggested that Iran is likely to back off its most aggressive operations—like those against the Saudi oil company and U.S. banks—and will instead focus on cyber espionage that doesn’t cause physical damage.

“They’ll be far more targeted and careful,” Stuart McClure, the CEO and president of cybersecurity company Cylance, told The Daily Beast in a recent interview. Since the U.S. and its international partners reached a tentative agreement with Iran on its nuclear program earlier this month, Cylance hasn’t tracked any attacks by an Iranian hacker group that it has been monitoring and documented in an earlier report (PDF).

But Norse’s conclusions are generally supported by Cylance’s research, which found that Iran had actually penetrated systems controlling a range of critical infrastructure in the U.S., including oil and gas, energy and utilities, transportation, airlines, airports, hospitals, telecommunications, and aerospace companies. The company’s report on those intrusions, which it said was based on two years of research, also didn’t attribute any failures of critical infrastructure to those Iranian intrusions.

“A lot of the work [the Iranians] were doing was quite sloppy, almost to the point that they wanted to get caught,” McClure said. He speculated that the Iranians may have been trying to send a signal to the U.S. and their partners in the nuclear negotiations that they were capable of inflicting harm if they didn’t get a favorable deal. “Coming to the table and knowing your adversary is in your house influences the negotiation.”

Iran still has a way to go to join the ranks of the cyber superpowers. Its “cyberwarfare capabilities do not yet seem to rival those of Russia in skill, or ofChina in scale,” the Norse and AEI report finds. There is still a relatively small community of high-end hackers in the country, and the regime hasn’t been able to build as robust a tech infrastructure for launching attacks as other nations whose capabilities are more advanced, the researchers found.

The report identifies the Iranian government as responsible for the malicious activity, concluding that the traffic originated from organizations “controlled or influenced by the government” or moved over equipment that is known to be monitored and manipulated by Iran’s security services.

That claim is also likely to raise objection from technical experts, who generally demand more precise evidence to attribute a cyber operation to a specific actor.

“We are emphatically not suggesting that all malicious traffic emanating from Iran is government initiated or government-approved,” the researchers said. However, they argue “that the typical standards of proof for attributing malicious traffic to a specific source are unnecessarily high” in this case, given that so much of the traffic they observed traversed systems either owned, controlled, or spied on by the Iranian government.

That’s ironic: Earlier this year, when Obama administration officials declared publicly that North Korea was responsible for hacking Sony Pictures Entertainment, Norse was one of the most prominent skeptics, arguing that the government was relying on imprecise technical data and leaping to conclusions.

Norse said its own research suggested that a group of six individuals, including at least one disgruntled ex-Sony employee, was behind the assault, which humiliated Sony executives and led to threats of terrorist attacks over the release of The Interview.

But that theory was undermined in January when FBI Director James Comey took the unusual step of publicly declassifying information that, he said, definitively linked North Korea to the attack. Current and former U.S. intelligence officials also told The Daily Beast that they’d been tracking the hackers behind the Sony operation long before it was ever launched.