"This Joint Intelligence Bulletin (JIB) is intended to provide information on the late-November 2014 cyber intrusion targeting USPER1 and related threats concerning the planned release of the movie, 'The Interview.' Additionally. these threats have extended to USPER2—a news media organization—and may extend to other such organizations in the near future. This JIB is intended to support the activities of the FBI and DHS to assist federal, state and local government, cyber, counterterrorism, and law enforcement officials, first responders, and private sector security partners in effectively deterring, preventing, preempting, or responding to cyber and terrorist attacks against the United States."https://firstlook.org/...
Sony is “USPER1”and the news organization is “USPER2,”
Kurt Stammberger, a senior vice president with cybersecurity firm Norse, echoed many… statements in a separate interview, and said that given the severity of the hack it had to have been an inside job.
That’s not all either, as he says their research seems to be pointing them towards a woman named Lena who even claims be a member of Guardians of Peace.
Darn that internet - angry folks in the US can collude with angry folks in Russia to screw with North Koreans.
Security Ledger reports that Norse investigated a Sony employee known only as "Lena," viewing messages that she posted on social media and group chats. She worked at Sony for over a decade, performing an IT role with a "very technical background."
The messages posted online by Lena suggest that she was angry with Sony Pictures, as she complained about layoffs and the company, chatting online with hackers and "hacktivist" campaigners with knowledge of hacking.
Even more evidence suggests that an insider may have used a USB stick or hard drive to steal data from Sony's servers and that the messages posted by the Guardians of Peace hacker group originate from Russia, not North Korea.
http://www.businessinsider.com/...
All we need now is disinformation that Snowden is advising GoP...
But for every clue that seems to point to the involvement of the DPRK, there are others that point in other directions, as well. For example, recent analysis has focused on date and time stamps attached to the leaked Sony data. Researchers have used those time stamps to infer the speed with which the data was transferred off Sony’s network. Reports have suggested that the timestamp data points to a data leak within Sony’s enterprise network, for example: to a USB device or external hard drive.
Other analysis studied clues buried in statements made by the shadowy hacking crew, the Guardians of Peace or GOP, who claimed responsibility for the attacks. Email addresses and other ephemera from the GOP communications with Sony and the outside world have been read to reveal links to everything from Japanese anime and the Mighty Morphin Power Rangers television show to U.S. domestic disputes over politics and gender equality. Further, linguistic analysis of GOP’s online communications suggests they were penned by someone who is a native Russian speaker, not a native Korean (or English) speaker.
But the Norse account of the hack does answer some puzzling questions about the incident that are as yet unexplained, according to Mark Rasch, a former federal prosecutor and a principal at Rasch Technology and Cyberlaw. Among those questions: how hackers were able to obtain near-perfect knowledge of Sony Pictures’ network and, then, sneak terabytes of data off of the network without arousing notice.
“It has always been suspicious that it was North Korea,” Rasch said. “Not impossible – but doubtful…It made a lot more sense that it was insiders pretending to be North Korea.” https://securityledger.com/...