A Silicon Valley research firm, Norse, alleges that the massive Sony hacks carried out last month may not have been the work of North Korea after all, but a disgruntled employee being called “Lena.” The general public was quick to jump on Pyonyang as the likely culprit when it was revealed that hackers known as the “Guardians of Peace” wanted to stop the release of The Interview. The FBI followed shortly after, confirming in an official statement that they believed North Korea to be behind the attacks.
Norse senior vice president Kurt Stammberger revealed some details that could turn the story upside-down to Gawker media over the phone yesterday, including information on the mysterious “Lena” herself and who she may have been working with.
“Lena” was an employee of ten years at Sony in Los Angeles, working in a “key technical” position at the company, and axed during the company’s brutal layoffs this past May. Even if she’d departed the company months before the attack, she would have remained “very well placed to know which servers to target,” and “where all the sensitive information in Sony was stored.” (A preliminary search of my own through leaked Sony data reveals no one by the name of Lena, though Stammberger says it could’ve been an alias—he also could not tell me how he arrived at that name, or the names of any other suspected hackers.)
He also went on to say that the group was brought together by a “mutual hatred of Sony,” who were likely also laid off during the same time as “Lena.”
Being that Stammberger either can’t, or won’t, reveal any more information about what his firm knows leaves his accusations at not much more than speculation to the general public. But according to Stammberger, his firm spent countless hours watching and following the Sony hacks in real time and collected gigabytes of data to come to their conclusions. This data was later shared with the FBI, but Stammberger promised not to reveal the evidence elsewhere, so we’re left without much solid evidence for ourselves.
At the time of this writing, the FBI is still publicly backing its initial claim that North Korea is behind the attacks, and that the hackers “used digital techniques to steal the credentials and passwords from a system administrator who had maximum access to Sony’s computer systems.”
Last Updated on November 27, 2018.