GettySony Pictures CEO Michael LyntonNew evidence emerging in the Sony Pictures cyberattack suggests that the hackers may have been far closer to home than North Korea.
Yesterday news broke that a security firm working with the FBI has come up with a list of six people who may have been closely involved with the hack. One of the individuals investigated by the security also happens to be a disgruntled former Sony employee.
Security company Norse used HR documents leaked as part of the hack to narrow down a list of people that may have been involved. It seems that they were looking for a list of people who were fired from the company between April and May 2014.
Security Ledger reports that Norse investigated a Sony employee known only as "Lena," viewing messages that she posted on social media and group chats. She worked at Sony for over a decade, performing an IT role with a "very technical background."
The messages posted online by Lena suggest that she was angry with Sony Pictures, as she complained about layoffs and the company, chatting online with hackers and "hacktivist" campaigners with knowledge of hacking.
Even more evidence suggests that an insider may have used a USB stick or hard drive to steal data from Sony's servers, and that the messages posted by the Guardians of Peace hacker group originate from Russia, not North Korea.
A former federal prosecutor has also cast doubt on the FBI's claim that North Korea was involved with the Sony hack. Mark Rasch says that the FBI's claim that North Korea was behind the hack is "doubtful," saying that the attack seemed to be carried out by someone with close knowledge of how Hollywood works, leaking only data that was embarrassing to Sony executives.
Many security researchers have been doubtful over the FBI's claim since the agency announced it was blaming North Korea for the Sony hack on December 19. The official government claim is that hackers affiliated with North Korea carried out the attack in retaliation for Sony releasing the movie 'The Interview.'