New Evidence in Sony Hack Suggests an Insider Influence
Written by Editor
Nigerian Guardian
NEW evidence emerging in the Sony Pictures cyberattack suggests that the hackers may have been far closer to home than North Korea.
News broke Monday that a security firm working with the FBI has come up with a list of six people who may have been closely involved with the hack. One of the individuals investigated by the firm also happens to be a disgruntled former Sony employee.
According to Business Insider, the security company Norse used HR documents leaked as part of the hack to narrow down a list of people who may have been involved. It seems the company was looking for a list of people who were fired from Sony between April and May 2014.
Security Ledger reports that Norse investigated a Sony employee known only as “Lena,” viewing messages that she posted on social media and group chats. She worked at Sony for over a decade, performing an IT role with a “very technical background.”
The messages posted online by Lena suggest that she was angry with Sony Pictures, as she complained about layoffs and the company, chatting online with hackers and “hacktivist” campaigners with knowledge of hacking.
Even more evidence suggests that an insider may have used a USB stick or hard drive to steal data from Sony’s servers and that the messages posted by the Guardians of Peace hacker group originate from Russia, not North Korea.
A former federal prosecutor has also cast doubt on the FBI’s assertion that North Korea was involved with the Sony hack. Mark Rasch of Rasch Technology and Cyberlaw says the claim that North Korea was behind the hack is “doubtful” and that the attack seemed to be carried out by someone with close knowledge of how Hollywood works, leaking only data that was embarrassing to Sony executives.
Many security researchers have been doubtful over the FBI’s assertion since the agency announced on Dec. 19 that it was blaming North Korea for the Sony hack. The official US government position is that hackers affiliated with North Korea carried out the attack in retaliation for Sony’s releasing the movie “The Interview.”
Meanwhile, US banks may have embarked upon a hacking campaign of their own, allegedly disabling servers used by Iran in a series of 2012 cyberattacks.
Bloomberg is reporting that the FBI is investigating whether US financial institutions have started fighting back against hackers.
US Rep. Michael McCaul (R-Texas) has described the state of cyberattacks as “kind of a Wild West right now,” remarking that US companies have been launching cyberattacks without government permission.
It’s reported that JPMorgan Chase proposed to the FBI that the bank work from offshore locations to disable the servers used to launch denial of service attacks against its website. But attendees of the meeting dismissed the idea over concerns of its legality.
Despite ruling out the proposed hack, Bloomberg reports that US investigators found that a third party had carried out the attack after all. Now the FBI is investigating whether US companies broke the law in ordering the hack against the Iranian servers.
Sony Pictures, the movie studio targeted by hackers, allegedly used Amazon Web Services to try to disrupt people downloading the files leaked as part of the hack.
Korean People's Army in Pyongyang. |
Nigerian Guardian
NEW evidence emerging in the Sony Pictures cyberattack suggests that the hackers may have been far closer to home than North Korea.
News broke Monday that a security firm working with the FBI has come up with a list of six people who may have been closely involved with the hack. One of the individuals investigated by the firm also happens to be a disgruntled former Sony employee.
According to Business Insider, the security company Norse used HR documents leaked as part of the hack to narrow down a list of people who may have been involved. It seems the company was looking for a list of people who were fired from Sony between April and May 2014.
Security Ledger reports that Norse investigated a Sony employee known only as “Lena,” viewing messages that she posted on social media and group chats. She worked at Sony for over a decade, performing an IT role with a “very technical background.”
The messages posted online by Lena suggest that she was angry with Sony Pictures, as she complained about layoffs and the company, chatting online with hackers and “hacktivist” campaigners with knowledge of hacking.
Even more evidence suggests that an insider may have used a USB stick or hard drive to steal data from Sony’s servers and that the messages posted by the Guardians of Peace hacker group originate from Russia, not North Korea.
A former federal prosecutor has also cast doubt on the FBI’s assertion that North Korea was involved with the Sony hack. Mark Rasch of Rasch Technology and Cyberlaw says the claim that North Korea was behind the hack is “doubtful” and that the attack seemed to be carried out by someone with close knowledge of how Hollywood works, leaking only data that was embarrassing to Sony executives.
Many security researchers have been doubtful over the FBI’s assertion since the agency announced on Dec. 19 that it was blaming North Korea for the Sony hack. The official US government position is that hackers affiliated with North Korea carried out the attack in retaliation for Sony’s releasing the movie “The Interview.”
Meanwhile, US banks may have embarked upon a hacking campaign of their own, allegedly disabling servers used by Iran in a series of 2012 cyberattacks.
Bloomberg is reporting that the FBI is investigating whether US financial institutions have started fighting back against hackers.
US Rep. Michael McCaul (R-Texas) has described the state of cyberattacks as “kind of a Wild West right now,” remarking that US companies have been launching cyberattacks without government permission.
It’s reported that JPMorgan Chase proposed to the FBI that the bank work from offshore locations to disable the servers used to launch denial of service attacks against its website. But attendees of the meeting dismissed the idea over concerns of its legality.
Despite ruling out the proposed hack, Bloomberg reports that US investigators found that a third party had carried out the attack after all. Now the FBI is investigating whether US companies broke the law in ordering the hack against the Iranian servers.
Sony Pictures, the movie studio targeted by hackers, allegedly used Amazon Web Services to try to disrupt people downloading the files leaked as part of the hack.
No comments:
Post a Comment