Although U.S. officials initially blamed North Korea for the hack on Sony’s computers, a new report suggests it may actually have been Russian hackers who carried out the cyber-attack. Several private security researchers are now questioning President Obama’s accusation of North Korea.
Questions about Sony hack
The New York Times reports that the researchers are skeptical because of the way the government based its findings in the investigation into the Sony hack. U.S. officials promised a “proportional response” only hours before North Korea’s internet access disappeared. Some security researchers are now comparing the Obama administration’s claims about the Sony hack to the claims made by the Bush administration before the Iraq war.
The researchers said the government based its findings on evidence that it won’t release. Officials said they must “protect sensitive sources and methods.” Although U.S. officials have never actually said they’re doing so, The New York Times reports that the National Security Agency is trying to infiltrate North Korea’s computer networks.
Where did the Sony cyber-attack originate from?
It is extremely difficult to figure out where a cyber-attack is coming from, so U.S. officials have been hesitant to blame anyone except in rare situations. As a result, it’s suggested that there may be some kind of classified information regarding the Sony hack that’s “more conclusive” than the information the FBI has made public so far.
Security researchers want to see more proof though because they don’t feel comfortable just taking the government at its word. They’ve been sifting through the evidence in an effort to prove whether the finger really can be pointed at North Korea.
Clues about the Sony hack
Those who are skeptical about the government’s claims note that the computers used in the Sony hack are located all over the world. One of the computers located in Bolivia was used by the same group of hackers to infiltrate computers in South Korea, but anyone could use that computer because it was publicly available.
Additionally, the hackers who attacked Sony built their malware on computers that were apparently configured with settings in the Korean language. However, researchers say the hackers could have changed those settings to hide their identity.
Another clue they noted was that the hackers seem to have a strong understanding of Sony’s computer network because the names of the company’s servers and passwords were coded into the malware. The Daily Beast suggested that it could have been an inside job or conducted by a disgruntled former employee, and The New York Times report suggests this is possible as well.
Was it Russia?
The report also talks about yet another theory, which comes from cyber-security consulting firm Taia Global. The firm conducted computational linguistics and said based on the phrasing and translation errors in the online messages sent by the hackers, they could actually be native Russian speakers rather than Korean speakers.
Researchers from the firm now say Russia was a more likely culprit than North Korea. Others noted that the hackers only started saying the infiltration was in retaliation for Sony Pictures’ film The Interview, which is about North Korea’s leader, after the media floated the suggestion. This could suggest that the hackers saw an opportunity to further hide their identity and took it.