Was Sony Pictures Breach an Insider Job?

For all the warnings from security consultants about insider threats, Sony may be learning this painful lesson first-hand. A security researcher at Norse Corp. is reporting that at least one ex-employee could have helped hackers carry out a cyberattack on Sony Pictures Entertainment. That means maybe it wasn't North Korea after all.

EUAn investigation into the massive breach at Sony has focused on a group of at least six individuals that may have worked to compromise the companyEUs networks, including at least one ex-employee who had the technical background and system knowledge to carry out the attack,EU Anthony Freed, senior editor of publications at Norse, said in a blog post.

Norse plans to offer the FBI a full brief on the status of its investigation this week, according to Freed. Where the FBI takes it from there remains to be seen, but Freed noted that his companyEUs research casts further doubt on the FBIEUs assertion that the Sony attack was carried out by state-sponsored actors under the control of North Korea.

FBI Stands Firm

Earlier this month, the FBI pointed the finger of blame for the Sony cyberattack directly at North Korea. In collaboration with other U.S. government departments and agencies, the FBI said it had enough evidence to conclude that the Communist nation was responsible for the attack.

The hackers compromised Sony Pictures' computer systems, stole data and intellectual property, and initially caused the movie giant to can its new comic film, "The Interview." The Sony-produced comedy starring Seth Rogen and James Franco, was thought to be the likely cause of the cyberattack. The movie depicts a fictional plot to assassinate North Korean dictator Kim Jong-un. Ultimately, Sony released the film online on December 24 and in some U.S. theaters on Christmas day.

The FBI cited a technical analysis of the data deletion malware...

Comments are closed.