Did North Korea hire outside hackers for Sony attack?

North Korea denies responsibility and some believe the hack was done by former Sony employees

Technology trends and news by Steven Loeb
December 30, 2014
Not to diminish the hacker attacks, but the ever-evolving story about who's behind them has become a soap opera.

For most of us, the story is likely over by now. Sony reversed its decision and released The Interview, ensuring that millions of us could watch it, and now we can all go back to our lives, content that we did our part to aid in the fight for freedom of expression. 

For the government, though, this story is just beginning since there is still the little matter of who, exactly, was behind the massive hacking that hit Sony last month. Even after all this time, the answer remains surprisingly muddled. 

Most of the finger pointing so far has been at North Korea, for obvious reasons. Both President Obama and the FBI have pinpointed the country as the main culprit behind these cyber attacks, even if the global perception was that of an underdeveloped country, likely without the capabilities to pull something like this off.

Now comes word that the government suspects what we all likely did: that North Korea may have had some help. Investigators now believe that the country likely hired hackers from outside the country to help pull off the attack, an unnamed government official told Reuters on Monday. The source said that North Korea does not have the capabilities to do something this sophisticated, and that investigators are looking into whether or not Pyongyang "contracted out" the work.

No possible collaborators were named, nor was it specified if the government believes the work was shopped out to hacking groups or to other countries. 

Apparently, though, the FBI is not entertaining the same thoughts, telling Reuters that it still believes that North Korea was entirely responsible for the hacking, saying in a statement, "The FBI has concluded the Government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment."

North Korea has denied that it had any role in the hacking of Sony, of course, even going so far as to propose that it enter into a joint investigation with the United States to find the real hackers. The country even, as it often does, threatened violence if that proposal wasn't accepted, warning of "grave consequences."

Then there are those who are convinced that North Korea is actually telling the truth, and that the hacking was actually the work of one or more disgruntled employees.

The evidence presented by the FBI is not credible, Marc Rogers, the director of security operations for hacker conference DEF CON, as well as the principal security researcher for Cloudflare, wrote in an op-ed for the Daily Beast last week.

For example, the government is basing its claims on malware that resembled malware previously attributed to North Korea, but the source code for that malware had leaked and could have been used by anyone, said Rogers.

He also poked holes in the government pointing to IP addresses as a piece of evidence.

"Note to the FBI: Just because a system with a particular IP address was used for cybercrime doesn’t mean that from now on every time you see that IP address you can link it to cybercrime," he wrote. "Plus, while sometimes IPs can be “permanent”, at other times IPs last just a few seconds."

Rogers also pulled out the old conspiracy theory line: that this was all a way to get us to give up more of our freedoms.

"You don’t need to be a conspiracy theorist to see that blaming North Korea is quite convenient for the FBI and the current U.S. administration. It’s the perfect excuse to push through whatever new, strong, cyber-laws they feel are appropriate, safe in the knowledge that an outraged public is fairly likely to support them," he wrote.

There is one thing that is 100% clear right now: this hack exposed pretty big holes and vulnerabilities in our systems, which could be exploited pretty easily by someone who knew what they were doing. Finding out who did it should be the easy part. The hard part will be making sure this never happens again.
