Home / / Sony quiet on ransomware culprit as reports continue to name N Korea

Sony quiet on ransomware culprit as reports continue to name N Korea

FBI, Mandiant still hunt for clues, 10 days after network outage

Ransomware, Cyber crime, FireEye Incorporated (www.fireeye.com)

Sony Pictures has yet to name a culprit for the crippling ransomware attack that downed its servers 10 days ago, even as a report emerged it was about to name North Korea.

The US FBI and FireEye's forensics unit, Mandiant, continue to investigate the breach, which reportedly resulted not only in a prolonged network outage, but also in the theft of intellectual property and employee data.

Investigators previously confirmed that some of the software used by the attackers bore characteristics suggesting a Korean origin, and Reuters reported that hacking tools had been found that are similar to those used by North Korea in the past to attack South Korea.

Tech site Re/code yesterday claimed that Sony was ready to name North Korea as the perpetrator, but Reuters reported that, when quizzed about the report, a Sony spokesperson said no such announcement was planned.

The 24 November attack on Sony Corp's US media division occurred one month before it was due to release "The Interview", a comedy portraying two journalists recruited by the CIA to assassinate North Korea's leader Kim Jong-Un. Pyonyang showed its disapproval in a letter, sent in June to UN secretary-general Ban Ki-moon, in which it denounced the film as "undisguised sponsoring of terrorism, as well as an act of war".