The United States is close to publicly blaming North Korea for the Sony cyberbreach. Could North Korea really pull off something like this when it can barely keep the lights on? A former American hacker who also attacked Sony is raising doubts, CBS News' Elaine Quijano reports.
Working under the code name Sabu, Hector Monsegur was responsible for some of the most notorious hacks ever committed. As he told "CBS This Morning" co-host Charlie Rose earlier this month, Monsegur began cooperating with the FBI after getting caught. He now works as a security researcher.
"For something like this to happen, it had to happen over a long period of time. You cannot just exfiltrate one terabyte or 100 terabytes of data in a matter of weeks," Monsegur said. "It's not possible. It would have taken months, maybe even years, to exfiltrate something like 100 terabytes of data without anyone noticing."
Administration officials believe North Korea was behind the hack.
"It could be. In my personal opinion, it's not," Monsegur said. "Look at the bandwidth going into North Korea. I mean, the pipelines, the pipes going in, handling data, they only have one major ISP across their entire nation. That kind of information flowing at one time would have shut down North Korean Internet completely."
Monsegur is confident they don't have the infrastructure to carry out this kind of attack.
"They don't have the technical capabilities," he said. "They do have state-sponsored hackers very similar to China, very similar to Russia and very similar to our good old USA."
However, former CIA deputy director Mike Morell said Thursday on "CBS This Morning" that North Korea has "significant cyber capabilities."
"They use them quite frequently against South Korea," Morell said. "For a backward state that might be a little surprising but they also have a nuclear weapon. So they're capable of achieving things when they focus on them."
Monsegur said there's also a chance the hack could have originated from China.
"I mean, it's possible," he said. "It might be a North Korean inside China."
Some of the investigators point to malware written in Korean, but Monsegur said that doesn't necessarily mean the hackers are Korean.
"Well, it doesn't tell me much. I've seen Russian hackers pretending to be Indian. I've seen Ukrainian hackers pretending to be Peruvian.There's hackers that pretend they're little girls. They do this for misinformation, disinformation, covering their tracks," he said. "Do you really think a bunch of nerds from North Korea are going to fly to New York and start blowing up movie theaters? No. It's not realistic. It's not about 'The interview.' It's about money. It's a professional job."
Monsegur thinks it's also possible this was an inside job, that an employee or consultant downloaded all the information from Sony's servers and then sold it to someone else.