North Korea not behind the Sony attacks?


Oh, this could be embarrassing. It seems Norse Security, discussed in a previous post, has found evidence that the extensive cyber attacks on Sony Pictures Entertainment were instigated by one or more disgruntled former Sony employees.

From The Security Ledger:

Kurt Stammberger, a Senior Vice President at Norse, said that his company identified six individuals with direct involvement in the hack, including two based in the U.S., one in Canada, one in Singapore and one in Thailand. The six include one former Sony employee, a ten-year veteran of the company who was laid off in May as part of a company-wide restructuring.

Stammberger said that Norse’s team of around nine researchers started from the premise that insiders would be the best situated to carry out an attack on the company and steal data. The company analyzed human resources documents leaked in the hack and began researching employees with a likely motive and means to carry out a hack.

One would hope the US government did not accuse the North Korean government of conducting the Sony attacks without irrefutable evidence. Yet, time and again, the private sector has proven more adept than the government at understanding, using, and exploiting computers and the Internet.

The Norse story certainly sounds plausible, doesn’t it?

CNN and other outlets were reporting similar possibilities two days ago.

10 thoughts on “North Korea not behind the Sony attacks?

  1. Good grief PT, that does sound plausible. But who can say what the truth is when the issue is so complex and confusing? My response, more and more these days, is a little like:

    1. That never crossed my mind, but there certainly does seem to be a lot of confusion about who’s responsible, who did what first, and who’s ultimately accountable. An angry ex employee … with Lizard Squad connections … which in turn was associated with the GOP and North Korean government … and all of them with motive of one kind or another.

  2. Who knows? I never heard the government say it was N Korea, only that the hack came out of N Korea. A true hacker has access to the underground internet which gives them all sorts of ability not available to your typical user. If it wasn’t N Korea themselves, the hack could have been routed thru the country thus giving the impression it was N Korea.

    I don’t know if I buy the story about a disgruntled employee. This seems pretty extravagant and requires some very skilled people. I think the media is partially making up this stuff as it goes since the public is eating it alive.

    In regards to N Korea’s internet going down, I don’t believe for one second we did that. It’s way too obvious and childish – even for the buffoons that help run our country. That was another “highly skilled” person, or most likely, group of people who just wanted to stir up some trouble. For hackers, it’s all a game. Most don’t care about what they find, they just want to be able to break through the security. But there was definitely some vengeance going on here. Who or why remains to be seen, if we ever find out.

    1. I think both Obama and the FBI said it was North Korea. And the disgruntled employee(s) story came from several different cyber security firms who started their investigations in the Sony HR department (see the linked stories). I agree we didn’t do anything as unsophisticated as take their Internet down for 6 hours or whatever it was. I suspect they have outages all the time, and everything they have comes through China. So lots of opportunity for hackers to mess with them.

    1. One of the stories I read mentioned a specific former female employer. Norse spoke generally of 5 or 6 former employees. Sorry I missed the “60 Minutes” coverage.

  3. Not that anyone had any particular reason to beseech A DRUM ROLL my reasoning; but I coulda told anyone at the time “N. Korea had nothing to do with it. It’s Orwellian boogeyman bullshit.”

... and that's my two cents