Maybe the ronery midget nutbag who runs the world’s worst country is not guilty after all:
FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator — another example of the continuing whodunnit blame game around the devastating attack.
Even the unprecedented decision to release details of an ongoing FBI investigation and President Barack Obama publicly blaming the hermit authoritarian regime hasn’t quieted a chorus of well-qualified skeptics who say the evidence just doesn’t add up.
Researchers from the cyber intelligence company Norse have said their own investigation into the data on the Sony attack doesn’t point to North Korea at all and instead indicates some combination of a disgruntled employee and hackers for piracy groups is at fault.
Out front on this aspect of the story has been Charles C. Johnson’s website, which now claims to have identified a “person of interest” in the hack. Meanwhile, the FBI is standing by its conclusions, but:
Security expert Bruce Schneier called the evidence “circumstantial at best” and considered a number of other possible explanations. CloudFlare principal researcher and DefCon official Marc Rogers wrote that the FBI’s indicators seem to rely on malware that is widely available for purchase and IP addresses easily hijacked by any bad guy. Errata Security’s Robert Graham also noted the hacker underground shares plenty of code, calling the FBI’s evidence “nonsense.”
So who done it? Was it an inside job?