A growing number of web security experts are casting doubt on the theory that North Korea was behind the hacking attack that crippled Sony Pictures’ computers and possibly leaked unreleased movies online.
Speculation has been rampant that the hardline communist state sponsored last week’s hack in anger over the new Sony film The Interview, in which Seth Rogen and James Franco play television journalists assigned by the CIA to assassinate North Korean leader Kim Jong Un.
But cyber-security expert Lucas Zaichkowsky said: “State-sponsored attackers don’t create cool names for themselves like Guardians of Peace and promote their activity to the public.”
He said the details he has seen point instead to “hacktivists”, who break into computers to make a political point, often one involving the free exchange of information on the internet. Hacktivists have targeted Sony in the past.
The Interview comes out at Christmas and over the summer, North Korea warned that the release of the comedy would be an “act of war that we will never tolerate” and the US would face “merciless” retaliation.
FBI spokesman Joshua Campbell would not comment on whether North Korea or another country was behind the attack. The FBI is investigating.
It would be unusual if North Korea was behind the breach, said Darren Hayes, director of cyber-security at Pace University’s computer science school.
“However, there are numerous hackers for hire” in some of the shadowy corners of the internet, he said. “If Kim Jong Un has developed his own rank-and-file cyber-attack unit, with sophisticated capabilities, then we should be very concerned.”
Sony Pictures has not said how the hackers breached its system. But such attacks often start with “phishing” attempts, a compromised website or a malicious insider, said cyber-security researcher Craig Young at Tripwire, a security software company that works with such businesses as Visa, Mastercard, Walmart and Starbucks.