Amid growing speculation by some cybersecurity experts that North Korea might not have been behind the hacking of Sony Pictures Entertainment, the Federal Bureau of Investigation on Monday dismissed the possibility that anyone else was to blame.
“There is no credible information to indicate that any other individual is responsible for this cyber incident,” the FBI said in a statement.
The agency stood by its conclusion that the North Korean government was behind the devastating attack on Sony, which resulted in the release of reams of sensitive data and personal emails.
When hackers threatened terrorist attacks on theaters that would show the movie “The Interview,” Sony’s planned Christmas release, the media giant halted the release of the comedy, which portrays a fictional plot to assassinate North Korean dictator Kim Jong Un.
The company then endured a wave of criticism for appearing to give in to the threats. President Barack Obama weighed in, suggesting that he wished Sony had talked to him first. The studio later reversed itself, announcing that the film would be available in a limited number of theaters and streaming online. It earned $18 million its opening weekend.
The FBI has said it can’t release all the evidence against North Korea because doing so would compromise sensitive sources. But the bureau’s statement Monday cited intelligence from the FBI, the U.S. intelligence community, the Department of Homeland Security, foreign partners and the private sector.
“The FBI is committed to identifying and pursuing those responsible for this act and bringing them to justice,” the statement said.
While the FBI’s investigation is ongoing, numerous cybersecurity professionals have raised doubts about North Korea’s role, instead suggesting the hack was an inside job. North Korea has denied involvement.
Marc Rogers, the principal security researcher for CloudFlare, a mobile security company, for example, wrote in The Daily Beast last week that the hack was “far more likely to be the work of one disgruntled employee facing a pink slip” than of an elite group of North Korean hackers. He pointed out that paths and passwords in the malware indicate that whoever wrote the code “had extensive knowledge of Sony’s internal architecture and access to key passwords.”
Given that Sony was planning layoffs, he wrote, “you don’t have to stretch the imagination too far to consider that a disgruntled Sony employee might be at the heart of it all.”
Rogers and other skeptical security experts argue that the FBI’s claim that the same piece of malware used in the Sony hack had been used by North Korea previously isn’t convincing because that malware has been leaked. They also point out that the hackers didn’t initially mention “The Interview” in their demands to Sony, and that focus on the movie might have been an attempt at misdirection.
The cybersecurity company Norse has publicized its own research tracing the hacking of Sony to six people, including at least one former Sony employee who was angry about being fired earlier this year. Norse executives contend that person allegedly had ties to the Guardians of Peace hackers group, which claimed responsibility for attacking Sony.
Kurt Stammberger, a Norse senior vice president, told The Security Ledger website that his company would brief the FBI on the theory Monday.
Asked about Norse’s theory, however, the FBI didn’t answer directly.
“No further information can be provided at this time,” the FBI statement said.