Sony hack could have been work of disgruntled ex-employee: report
US cyber-sec firm floats alternate theory as experts question FBI’s N Korea findings
A US-based cyber-security research company claims that last month's cyber-attack on Sony Pictures Entertainment could have been the work of a disgruntled ex-employee and five co-conspirators, despite the FBI's insistence that the crippling raid was organised by the North Korean government.
According to tech site Security Ledger, digital protection specialist, Norse, has conducted its own investigation into the 22 November attack on Sony's US film studio. Norse says it has uncovered evidence that six individuals took part in the cyber-heist that disabled Sony Pictures' network for more than a week and included the theft of as much as 100 terabytes of data. At least one of the attackers is thought to be an ex-employee of Sony Pictures, fired during a restructuring in May after 10 years of service. The employee had worked in a technical role, according to Norse, and had inside knowledge of the company's network architecture.
The Security Ledger said Kurt Stammberger, a senior vice president at Norse, claimed his company identified the team responsible for the attack. While two are based in the US, another lives in Canada, one in Singapore and one in Thailand.
Norse's investigation was conducted by concentrating on individuals that might have had a grudge against Sony. After discovering the technically inclined ex-employee, Norse said it was able to access IRC (Internet Relay Chat, a secure form of Web-based communication favoured by the hacking community) forums and other sites where the individual communicated with hacktivist groups in Europe and Asia. It is not clear if one of these groups was Guardians of Peace.
Continues on next page>>