An independent investigation of the Sony hacking scandal has revealed what RadarOnline.com first reported: It was an inside job.
Cybersecurity firm Norse Corp has concluded that “Lena,” a woman formerly employed by the studio, was aided by five hackers spread out internationally to pull off last month’s massive security breach that saw executives embarrassed after revealing email leaks, and led to the studio’s swerving strategy regarding the release of the controversial comedy, The Interview.
A former worker in the Unites States with “extensive knowledge of the company’s network and operations” was at the helm of the operation, the security firm told The Security Ledger Sunday. The ex-employee was aided by hackers spread out from Canada to Thailand to Singapore, according to Norse.
The firm’s senior vice president, Kurt Stammberger, said all six individuals had “direct involvement in the hack,” noting that the former Sony worker is connected to the hacking group that claims credit for the breach, Guardians of Peace. Stammberger said “Lena” was laid off this past May after more than ten years of employment with the studio.
“This woman was in precisely the right position,” Stammberger told CBS News, “and had the deep technical background she would need to locate the specific servers that were compromised.”
As RadarOnline.com reported two weeks ago, a source said that the FBI was taking a long look at the company’s I.T. staff as the source of the damaging leak.
“Even though Guardians of Peace group has taken responsibility for breaking into Sony’s servers,” the insider said, “the FBI believes that the group had to have help from someone familiar with the infrastructure.”
The security firm conducted its investigation separate of ongoing probes by the FBI and the studio itself, and used human resources documents that spilled out in the leak as a chief source.
“When the FBI made this announcement, just a few days after the attack was made public, it raised eyebrows in the community because it’s hard to do that kind of an attribution that quickly -- it’s almost unheard of,” Stammberger told Bloomberg. “All the leads that we did turn up that had a Korean connection turned out to be dead ends.”