North Korea Hacked Sony? Don’t Believe It, Experts Say
Many computer-security experts are doubt the validity of the claim that North Korea is behind the Sony Pictures Entertainment hack, citing a lack of strong evidence and the possibility of alternate scenarios.
“There’s no direct, hard evidence that implicates North Korea,” Sean Sullivan, a security researcher at Finnish security firm F-Secure, told Tom’s Guide. “There is evidence of extortion (the Nov. 21 email [to Sony executives which demanded money]) and the hackers only mentioned [the movie] The Interview after it was brought up in the press, which they then used to their advantage.”
“Is North Korea responsible for the Sony breach?” wrote Jeffrey Carr, founder and CEO of Seattle cybersecurity consulting firm Taia Global. “I can’t imagine a more unlikely scenario.”
Rather than an international incident of “cyberwar,” the Sony hack looks like an inside job, several skeptics say.
“My money is on a disgruntled (possibly ex) employee of Sony,” Marc W. Rogers, a security researcher at San Francisco-based Web-traffic optimizer CloudFlare, wrote on his personal blog. “Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down.”
For the most part, the doubters are undeterred by newspaper and television reports yesterday (Dec. 17) that a U.S. government agency, so far unnamed, would present its evidence for a North Korean connection today (Dec. 18). Kim Zetter, a longtime security reporter for Wired, posted a piece picking apart the Pyongyang hypothesis just before the leaks broke, yet continued to stand by her story.
“At risk of launching another Tweet storm, I’ll point out that intel[ligence] sources also claimed Brazilian blackouts were caused by hacker extortion,” Zetter tweeted yesterday, referring to a since-debunked allegation that was aired on CBS News’ “60 Minutes” a few years ago.
Skeptics pointed out that the hackers seem very familiar both with Sony Pictures’ internal network and with American news media — two things that would be unlikely in hackers operating from North Korea.