Was It North Korea?
By now, we are all familiar with the attribution problems inherent in cyberspace. Notwithstanding, I have been provisionally willing to accept the FBI's assertion of North Korean responsibility for the Sony hack, if only because I assumed that it was premised on significant classified information to which we were not privy and that neither the FBI nor any other agency would be willing to make such a pub
Published by The Lawfare Institute
in Cooperation With
By now, we are all familiar with the attribution problems inherent in cyberspace. Notwithstanding, I have been provisionally willing to accept the FBI's assertion of North Korean responsibility for the Sony hack, if only because I assumed that it was premised on significant classified information to which we were not privy and that neither the FBI nor any other agency would be willing to make such a public accusation unless it's evidence was pretty close to rock solid, given the potential for embarrassment and blow back if they were proven to have been in error. Those factors still lead me to believe the FBI has it right ... But it is worth considering the opposing view. This collection of information and links from Fabius Maximus [HT: Spaf] has overtones of conspiracy theory to it, but it nonetheless presents a fairly significant compilation of reasonably responsible commentary that is worth reviewing.
All of which emphasizes two other points: First, in the post-Watergate/post-Snowden world the USG can no longer simply say "trust us." Not with the US public and not with other countries. Though the skepticism may not be warranted it is real. Second, you can't be a little bit exposed -- if the USG is going to speak to the issue at all it has to release information that persuades. Otherwise it should stand silent and act (or not) as it sees fit without trying to justify it's actions. That silence will come at a significant cost, of course -- in even greater skepticism. But if the judgement is to disclose, then it must be more fulsome, with all the attendant costs of that as well.
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.