Researchers speculate that Sony hack was an inside job
Posted by: Timothy Weaver on 12/24/2014 11:07 AM
[
Comments
]
Security researchers are starting to speculate that the recent hack of Sony Pictures was perpetrated by an insider.
However, an executive at computer security firm Norse stated: "Sony was not just hacked, this is a company that was essentially nuked from the inside."
This week, Norse executive Kurt Stammberger claimed that his firm had identified a woman called "Lena" associated with the GOP who worked for Sony in Los Angeles for a decade before leaving the company last year.
Stammberger told CBS News: "This woman was in precisely the right position and had the deep technical background she would need to locate the specific servers that were compromised."
He added that "[t]here are certainly North Korean fingerprints on this but when we run all those leads to ground they turn out to be decoys or red herrings."
CloudFlare security researcher and Defcon head of security Marc Rogers argued: "Hard-coded paths and passwords in the malware make it clear that whoever wrote the code had extensive knowledge of Sony's internal architecture and access to key passwords. While it's (just) plausible that a North Korean elite cyber unit could have built up this knowledge over time and then used it to make the malware, Occam's razor suggests the simpler explanation of a pissed-off insider."
However, an executive at computer security firm Norse stated: "Sony was not just hacked, this is a company that was essentially nuked from the inside."
This week, Norse executive Kurt Stammberger claimed that his firm had identified a woman called "Lena" associated with the GOP who worked for Sony in Los Angeles for a decade before leaving the company last year.
Stammberger told CBS News: "This woman was in precisely the right position and had the deep technical background she would need to locate the specific servers that were compromised."
He added that "[t]here are certainly North Korean fingerprints on this but when we run all those leads to ground they turn out to be decoys or red herrings."
CloudFlare security researcher and Defcon head of security Marc Rogers argued: "Hard-coded paths and passwords in the malware make it clear that whoever wrote the code had extensive knowledge of Sony's internal architecture and access to key passwords. While it's (just) plausible that a North Korean elite cyber unit could have built up this knowledge over time and then used it to make the malware, Occam's razor suggests the simpler explanation of a pissed-off insider."
Comments
