Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Escapist logo header image

Security Firm: Sony Pictures Hack was Inside Job, Not North Korea

This article is over 9 years old and may contain outdated information

Norse Security says its investigation points to six suspects, and no involvement by North Korea.

While the FBI maintains that North Korea is the prime suspect in the recent Sony Pictures computer network hack, a respected security firm monitoring the breach has come to radically different conclusion.

Norse is a security firm with offices in Silicon Valley, and St. Louis, and while the firm has not been retained by Sony in any way, it has nonetheless conducted its own independent investigation of the network breach. So far, Norse says it has connected six people around the world to the hack, including one former Sony Pictures employee that was laid off in May 2014.

Five of these suspects have been tied to specific locations — one in Canada, one in Singapore, one in Thailand, and two in the United States.

Norse used some of the publicly leaked data to conduct its investigation, including lists of SPE employees laid off in April and May 2014 during a company restructure. Operating under the premise that the hack was assisted by a current or former employee, Norse investigators found one laid off employee with deep technical background. Norse then tailed the suspect online, looking at social media posts, and IRC (Internet Chat Relay) chat communications made by the suspect. Monitoring IRC activity led to conversations between the suspect, and various hackers and hacktivist groups based in Europe and Asia.

As the Norse investigation is independent, the firm has shared its findings with the FBI, who met with the investigation team in Norse’s St. Louis offices. “They’re the investigators,” said Norse senior VP Kurt Stammberger to The Security Ledger. “We’re going to show them our data and where it points us. As far as whether it is proof that would stand up in a court of law? That’s not our job to determine, it is [the FBI’s].”

The theory set forth by Norse is the latest to challenge the FBI’s assertion that North Korea was behind the Sony Pictures hack. Others have pointed to evidence that key leaked data was possibly taken off the network via local storage (a flash drive or external hard drive), while linguistics experts say whoever was communicating on behalf of the involved hacker group (identified as Guardians of Peace, or GOP), is a native Russian speaker.

While North Korea is sure to remain in the FBI’s crosshairs, mounting evidence for alternate theories is becoming more difficult to ignore by the day.

Sources: Norse | The Security Ledger

Recommended Videos

The Escapist is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission.Ā Learn more about our Affiliate Policy
Author