In reality, there are several possibilities to consider:…
— This is the work of hackers who had no idea that there was a North Korean connection to Sony until they read about it in the media. Sony, after all, is a company that hackers have loved to hate for a decade. The most compelling evidence for this scenario is that the explicit North Korean connection—threats about the movie The Interview—were only made by the hackers after the media picked up on the possible links between the film release and the cyberattack. There is still the very real possibility that the hackers are in it just for the lulz, and that this international geopolitical angle simply makes the whole thing funnier.
— It could have been an insider—Sony’s Snowden—who orchestrated the breach. I doubt this theory, because an insider wouldn’t need all the hacker tools that were used. I’ve also seen speculation that the culprit was a disgruntled ex-employee. It’s possible, but that employee or ex-employee would have also had to possess the requisite hacking skills, which seems unlikely.
— The initial attack was not a North Korean government operation, but was co-opted by the government. There’s no reason to believe that the hackers who initially stole the information from Sony are the same ones who threatened the company over the movie. Maybe there are several attackers working independently. Maybe the independent North Korean hackers turned their work over to the government when the job got too big to handle. Maybe the North Koreans hacked the hackers.
Join the conversation as a VIP Member