In the run-up to what some expect to be significant news from the FBI director on the Sony cyber attack investigation, authorities continue to probe a series of threats directed at media organizations, according to law enforcement sources.
Federal investigators are still looking at a Tennessee man who claimed last week that he was behind a prank that sparked an FBI warning of a possible cyber attack on an American news media outlet, sources tell The Intercept. In a separate incident, FBI officials told The Intercept Tuesday that they are now investigating the hack of a CBS affiliate and the Albuquerque Journal newspaper; both organizations had their Twitter feeds hacked, and the CBS affiliate’s website was taken over by a group claiming allegiance to the Islamic State.
The news comes as multiple sources told The Intercept that FBI Director James Comey is expected Wednesday to reveal more details about how the FBI determined that North Korea was behind the Sony breach, and respond to a growing wave of public criticism by information security professionals who have questioned the FBI’s attribution to North Korea. Comey is scheduled to speak at the International Conference on Cyber Security at Fordham University.
As the FBI fends off criticism of its allegation against North Korea, the agency faces new questions stemming from a recent warning it distributed about possible cyber attacks on media organizations. An FBI and Department of Homeland Security report, dated Dec. 24 and obtained by The Intercept last week, warned that the hackers who infiltrated Sony Pictures Entertainment’s computer servers had threatened a subsequent attack on “a news media organization,” and that the threat “may extend to other such organizations in the near future.”
But David Allen Garrett Jr., a 30-old blogger from Knoxville, Tenn., says he believes he was the one who started the chatter about attacking a media organization. He says it was a joke that went viral and that he notified the FBI when media outlets began speculating that federal authorities were taking his online post as a serious threat against CNN.
Garrett’s claim—whether true or not—underscores how difficult attribution can be when it comes to online threats. And if, in fact, he was responsible for the CNN threat, his “prank” kicked off an FBI investigation that has been ongoing for weeks.
The bulletin specifically referenced a Dec. 20 post on the website pastebin, which the FBI said was made by Guardians of Peace, the group that claimed responsibility for the Sony breach. But Garrett says he wrote the pastebin posts as a joke, and he is not associated in any way with Guardians of Peace.
“I’d like to let you all know that it was a joke,” he says he wrote to the FBI after a journalist, Matthew Keys, found a Dec. 20 Pastebin post mentioning CNN that appeared to match the details of the threat referenced in the FBI bulletin. Garrett says he became concerned when Gawker picked up Keys’ story.
Garrett says the Pastebin post, modeled after an earlier one in which Guardians of Peace taunted the FBI, read: “The result of the investigation by CNN is so excellent that you might have seen what we were doing with your own eyes,” and “P.S.You have 24 hours to give us the wolf.”
“I always make fun of Wolf Blitzer just because, and I in no way intended this to become what it has,” Garrett told The Intercept.
He insists he is not a hacker and is not linked to anyone involved in the recent Sony attack. He says he asked the FBI to contact him with any questions, adding, “I’m sorry if I caused any confusion.”
Knoxville FBI agents appeared to be “mostly interested in what media I had talked to” before he’d spoken to the FBI. (Garrett had been responding to questions from numerous journalists on Twitter and had detailed email conversations with The Intercept.)
“It was just a joke. I didn’t think too much about it, but I did mention it on my personal Facebook so that in case something did happen, I could go back and show that it was a joke,” he wrote.
An FBI spokesman told The Intercept, “We do not have any new information to provide at this time on this topic. If that changes, however, I will certainly reach out.”
A spokesman for the Knoxville police department said it had not been informed of or involved in any aspect of the federal investigation, and that it had not been asked to run a records check on Garrett.
“I can understand looking into it, but taking it as serious and a threat is ridiculous,” Garrett said. “Maybe in this day and age we should be more vigilant, but come on, asking someone to hand over Wolf Blitzer is clearly a joke.”