Expert: Fired employee may have been behind Sony hack

An executive with the security firm Norse said researchers there have a suspect in the Sony Pictures hack -- a former employee fired in a reorganization.

By Frances Burns
Expert: Fired employee may have been behind Sony hack
A security expert argues that the hacking of Sony Pictures was the work of a former employee angry over being fired. The FBI blamed the hack on the North Korean government, calling it a reprisal for the movie "The Interview." UPI/Jim Ruymen | License Photo

WASHINGTON, Dec. 30 (UPI) -- A former employee angry over being fired may have organized the hacking of Sony Pictures' computer network, a security expert says.

The FBI has blamed the government of North Korea, allegedly as reprisal for the movie The Interview. The movie depicts a talk show host and producer who score an interview with North Korean leader Kim Jong Un and are then recruited by the CIA to assassinate him.


But Kurt Stammberger, a senior vice president with the security firm Norse, told the Security Ledger researchers there believe the hacking was an inside job. Stammberger said the team has even identified one possible perpetrator, a woman who worked for Sony for 10 years before losing her job in a recent reorganization.

The woman has a "very technical background" and has posted angry messages online, Stammberger said. He said a total of at least six people appear to have been involved in the hacking, with the others including two in the United States and others in Canada, Singapore and Thailand.

RELATED North Korea sets up task force to block 'The Interview'

Norse had a meeting Monday with the FBI.

"They're the investigators," Stammberger said. "We're going to show them our data and where it points us. As far as whether it is proof that would stand up in a court of law? That's not our job to determine, it is theirs."


The FBI said that IP addresses involved in the hack were North Korean and the software involved has been used by that country in other cyberattacks. Scott Petry, a security analyst with Authentic8, said those are not definitive proof of North Korean involvement.

RELATED 'The Interview' makes over $15 million in online sales, pirated as much as paid for

"The fact that data was relayed through IPs associated with North Korea is not a smoking gun," Petry told National Public Radio. "There are products today that will route traffic through IP addresses around the world."

Mark Rasch of Rasch Technology and Cyberlaw said the technical details of the hack point away from North Korea -- as does the information that was released. He told Security Ledger the perpetrator appears to have a sophisticated knowledge of the movie industry and of what information would be most damaging to Sony if it became public.

RELATED North Korea's Internet back online

RELATED New Sony leak shows the next James Bond could be Idris Elba

RELATED Amy Pascal and Scott Rudin apologize after Sony hack exposes racial comments regarding Obama

Latest Headlines


Follow Us