CULVER CITY (CBSLA.com/AP) — A cyber attack on the computer system at Sony Pictures could be an inside job and not the work of a foreign country, according to reports.
Some cybersecurity experts downplayed initial suggestions that North Korea was behind last week’s hack that crippled Sony Pictures’ computers and possibly leaked unreleased movies online.
Speculation has been rampant that the hard-line communist state was behind the attack over the new Sony movie “The Interview,” in which Seth Rogen and James Franco play television journalists assigned by the CIA to assassinate North Korean leader Kim Jong Un.
Over the summer, North Korea warned that the release of the comedy “The Interview” would be an “act of war that we will never tolerate.” It said the U.S. will face “merciless” retaliation.
Sources told CBS News the malware code is written in Korean, and North Korean hackers have used a similar cyber weapon before in a 2013 attack on banks and broadcasters in South Korea.
FBI spokesman Joshua Campbell would not comment Tuesday on whether North Korea or another country was behind the attack. The FBI is investigating.
But as the Hollywood Reporter’s Matthew Belloni told KNX 1070 NEWSRADIO, more insiders now suspect that a current or former disgruntled employee at the Culver City-based studio was behind the leak.
Belloni said the breach is potentially very damaging to Sony because rivals now have company secrets like salaries and reasons why people were fired.
“I don’t think this is something were, at least not yet, people are saying they were negligent, but I know that all around Hollywood everyone else is looking at their own security protocols saying whether it’s enough,” he said.
Sony Pictures hasn’t said how the hackers breached its system. But such attacks often start with “phishing” attempts, a compromised website or a malicious insider, said cybersecurity researcher Craig Young at Tripwire, a security software company that works with such businesses as Visa, Mastercard, Walmart and Starbucks.
Given that the hackers were apparently able to obtain unreleased movies as well as personnel records, Social Security numbers, passport photos, technical documents and other material, Young said it is unlikely they used just a single point of access.
“It’s much more likely that attackers were able to exploit a series of vulnerabilities, misconfigurations and poor network architecture to continuously increase their level of access over time,” he said.
The increased dependence on cloud technology by nearly all major businesses to store their information has made them more vulnerable, said Carson Sweet, CEO of data-protection firm CloudPassage.
Sony workers last week logged on to see a message on their computer screens that said “Hacked by (hash)GOP,” which may be the initials of a group calling itself Guardians of Peace, according to Variety.
Some unreleased Sony movies such as “Still Alice,” “Annie,” “Mr. Turner” and “To Write Love on Her Arms” were later distributed online, along with the still-in-theaters “Fury,” though a direct connection to the hacking hasn’t been confirmed.
(TM and © Copyright 2014 CBS Local Media, a division of CBS Radio Inc. and its relevant subsidiaries. CBS RADIO and EYE Logo TM and Copyright 2014 CBS Broadcasting Inc. Used under license. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.)