This article is from the source 'guardian' and was first published or seen
on .
It last changed over 40 days ago and won't be checked again for changes.
North Korea may have hired outside hackers for Sony attack, says US
Sorry - this page has been removed.
(3 months later)
US investigators believe that North Korea most likely hired hackers from outside the country to help with last month’s cyber-attack against Sony Pictures, an official close to the investigation has said.
This could be because it launched early, our rights have expired, there was a legal issue, or for another reason.
The official said that since North Korea lacked the capability to conduct some elements of the sophisticated campaign by itself, American investigators were looking at the possibility that Pyongyang “contracted out” some of the work.
The attack on Sony Pictures is regarded to be the most destructive against a company on US soil because the hackers not only stole huge quantities of data but also wiped hard drives and brought down much of the studio’s network for more than a week.
For further information, please contact:
While US officials investigate whether North Korea enlisted help from outside contractors, the FBI stood by its previous statement that Pyongyang was the prime author of the attack.
“The FBI has concluded the government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment,” it said in a statement.
North Korea has denied it was behind the attack and has vowed to hit back against any US retaliation.
The people who claimed responsibility for the hack have said on internet postings that they were incensed by the Sony Pictures film The Interview, a comedy about a fictional assassination of the North Korean leader, Kim Jong-un.
Because of the hackers’ threats, many US cinema chains refused to show the film. Last week Sony struck deals with 320 independent cinemas to distribute The Interview and also made the film available online.
Some private security experts have begun to question whether Pyongyang was behind the Sony cyber-attack at all. The consulting firm Taia Global said the results of a linguistic analysis of communications from the suspected hackers suggested they were more likely to come from Russia than North Korea. The cybersecurity firm Norse said it suspected a Sony insider might have helped launch the attack.
“I think the government acted prematurely in announcing unequivocally that it was North Korea before the investigation was complete,” said Mark Rasch, a former federal cybercrime prosecutor. “There are many theories about who did it and how they did it. The government has to be pursuing all of them.”
The FBI said its determination that North Korea was behind the hack was based on information from a variety of sources, including intelligence sources, the US Department of Homeland Security, foreign partners and the private sector. “There is no credible information to indicate that any other individual is responsible for this cyber incident,” the agency said.
Kevin Mandia, whose security firm was hired by Sony to investigate the attack, said the only way to know who the culprits were was to trace the network traffic from the infected machines back to the hackers’ machines. Only the government and internet service providers had that kind of visibility, he added.
“I don’t have the data that they have to come up with that conclusion,” Mandia, chief operating officer of FireEye Inc, said in a video interview with Reuters. “Every attack loops through numerous machines,” he said. “You have to peel that onion all the way back. It isn’t an easy thing to do.”
Mandia, who has supervised investigations into some of the world’s biggest cyber-attacks, said the Sony case was unprecedented. “Nobody expected when somebody breaks in to absolutely destroy all your data, or try to anyway, and that’s just something that no one else has seen,” he said.
