FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator — another example of the continuing whodunit blame game around the devastating attack.
Even the unprecedented decision to release details of an ongoing FBI investigation and President Barack Obama publicly blaming the hermit authoritarian regime hasn’t quieted a chorus of well-qualified skeptics who say the evidence just doesn’t add up.
Researchers from the cyber intelligence company Norse have said their own investigation into the data on the Sony attack doesn’t point to North Korea at all and instead indicates some combination of a disgruntled employee and hackers for piracy groups is at fault.
The FBI says it is standing by its conclusions, but the security community says they’ve been open and receptive to help from the private sector throughout the Sony investigation.
Norse, one of the world’s leading cyber intelligence firms, has been researching the hack since it was made public just before Thanksgiving.
Norse’s senior vice president of market development said that just the quickness of the FBI’s conclusion that North Korea was responsible was a red flag.
“When the FBI made the announcement so soon after the initial hack was unveiled, everyone in the [cyber] intelligence community kind of raised their eyebrows at it, because it’s really hard to pin this on anyone within days of the attack,” Kurt Stammberger said in an interview as his company briefed FBI investigators Monday afternoon.