Sony Hack: FBI Stands by Conclusion That North Korea Was Behind Attack

Sony Pictures Entertainment Studio Gate
Christopher Polk/Getty Images

With a major security firm casting doubt on whether the massive hacking attack on Sony Pictures Entertainment was carried out by North Korea, the FBI and the White House are standing by their assessment that the attack was a state-sponsored hit.

“There is no credible information to indicate that any other individual is responsible for this cyber-incident,” an FBI spokesman said in a statement on Tuesday. “The FBI is committed to identifying and pursuing those responsible for this act and bringing them to justice. While it remains an ongoing investigation, no further information can be provided at this time.”

A spokesman for the White House’s National Security Council said, “The administration stands by the FBI assessment.”

In recent days, the security firm Norse Corp. unveiled its assessment of the attack in which it raised the possibility that a former SPE employee with the technical background and knowledge helped carry out the attack, along with at least five others described as pro-piracy “hacktivists,” according to a Norse company blog post.

Norse officials met on Monday with the FBI to present their findings, according to CNN.

On Dec. 19, the bureau announced its conclusion that North Korea was responsible for the hacking attack. The FBI cited, among other things, links between the malware used in the attack to “other malware that the FBI knows North Korean actors previously developed.”

Since then, some cyber-security professionals have raised doubts about that assessment, in part because of the speed with which SPE’s network was breached, and because the release of information seemed to have an awareness of internal studio and Hollywood politics. Moreover, the initial messages in the attack made no mention of the movie “The Interview,” the movie cited as the source of North Korea’s motive for targeting the studio.

Norse cited an unidentified former employee, noting “angry posts she made on social media about the layoffs and Sony,” and her links to hacking groups in Europe and Asia, according to Security Ledger. One of the individuals was linked to a server with an early version of the malware used in the attack.

Norse officials said that it was up to federal authorities to follow through on their findings.

“As far as whether it is proof that would stand up in a court of law? That’s not our job to determine, it is theirs,” Kurt Stammberger, senior VP at Norse, told Security Ledger.

But the FBI spokesman reiterated that the bureau “has concluded the government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment. Attribution to North Korea is based on intelligence from the FBI, the U.S. intelligence community, DHS, foreign partners and the private sector.”