More skepticism arises on source of Sony cyberhack
As CBS News reported last week, cybersecurity experts are questioning whether or not North Korea was actually behind the cyberattack of Sony Pictures.
Now the skepticism is getting stronger about the U.S. government's original theory of where the hacks came from.
The FBI was briefed Monday by a security firm who believe the signs point to former Sony employees as responsible for the hacking. The briefing was first reported by Politico and later confirmed by CBS News Monday night.
Researchers with Norse, a cybersecurity firm say their information points to both hackers working with a piracy group and a laid-off, disgruntled worker.
That's the same version that Norse gave CBS News' Ben Tracy in a story reported Dec. 23.
The skepticism from experts comes despite the FBI publicly blaming North Korea for the massive attack. North Korea has denied having anything to do with the hack, which crippled the movie company, and caused it to at least temporarily cancel the release of the film "The Interview," a comedy about two reporters sent to assassinate North Korean leader Kim Jong-Un.
Evidence had shown hackers directed by North Korea's cyber unit used aggressive "data-wiping" malware to steal Sony's corporate secrets and then erase the company's computer files.
But Kurt Stammberger, a senior vice president with Norse, which is not involved in the Sony case but is conducting its own probe, told CBS News in a story last Tuesday that data they found disputed earlier findings of the FBI that the cyberattacks originated in North Korea.
"We are very confident that this was not an attack master-minded by North Korea and that insiders were key to the implementation of one of the most devastating attacks in history," said Stammberger.
His company's information pointed toward a woman calling herself "Lena," claiming to be a member of the hacking group "Guardians of Peace." Norse believe the woman worked for Sony for 10 years before leaving the company in May.
However, according to Reuters, investigators in the United States believe Pyongyang hired hackers who came from outside of the country to be part of the attack on Sony Pictures. An official said to be close to the investigation said North Korea does not have the capabilities needed to carry out such an elaborate hacking scheme, so it had to bring in outsiders to do its dirty work.
U.S. officials are continuing to investigate the possibility of an outsider role in the cyberattack, but the FBI is continuing to stand by its position that North Korea was responsible.
"The FBI has concluded the Government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment," the agency said in a statement to Reuters.
However, others believe the United States moved too fast before all the facts were in.
"I think the government acted prematurely in announcing unequivocally that it was North Korea before the investigation was complete," said Mark Rasch, a former federal cybercrimes prosecutor told Reuters. "There are many theories about who did it and how they did it. The government has to be pursuing all of them."