Sony hackingCyber whodunnit: North Korea prime suspect but there are many potential culprits

By Alan Woodward

Published 16 December 2014

Many suspect North Korea to be behind the attack on Sony Pictures. North Korea quite possibly has motive, means, and opportunity to carry out this attack on Sony, but as with any successful prosecution, that isn’t enough. We need evidence. We will have to wait for the detailed forensic work to complete before we stand a realistic chance of knowing for certain. That may or may not be forthcoming, but in the meantime we should consider what this event tells us about the balance of power in cyberspace. In a world in which major disruption can be caused with scant resources and little skill, all enemies are a threat. North Korea might be the rogue state that everyone loves to hate but there are plenty of others who could have done it. There is no longer a tiered approach of superpowers fighting proxy wars in smaller, developing nations. Now those developing nations can fight back, and you might not even know it was them.

The recent cyberattack on Sony Pictures was so extensive there were notices placed on the entrance doors telling staff not to log in to the company’s network when they reached their desks.

Sony’s entire network had to be taken down as the film company tried to deal with a sustained attack by hackers threatening to release sensitive documents to the public unless a ransom was paid. Since then, files and ripped films have appeared online.

The clear-up continues and Sony has employed a leading U.S. cyber-security company to seek out the smoking gun. Meanwhile, speculation is rife as to who was responsible. Conspiracy theories have been fuelled by the FBI, which issued a flash alert, warning that cyber-attackers were launching malware that could destroy whole networks and result in total data loss.

At the moment, any accusations about who carried out the Sony attack are pure speculation. Like a good crime novel, people are combining motive, means and opportunity to identify the culprit.

That’s how they’ve landed on North Korea. Its motive is rage about a forthcoming Sony film “The Interview,” which parodies Kim Jung Un. North Korea has already said it considers the release of the film to be an act of war. The national government has also apparently written to the UN secretary-general, Ban Ki-moon, to express its annoyance about the film and has refused to comment when asked if the attack was launched from its shores. All this has been sufficient to convince some people of North Korea’s guilt.

But let’s just take a step back for a moment. Is there really no one else that could have a motive for this attack? What about a competitor? Hiring hacks as a service has become a growing trend and many cyber-criminals even advertise online, offering to do some form of cyber-damage to your commercial competition for the right price. And what about criminals hunting for content they can then pirate? Copyright theft is one of the fastest-growing crimes online — and the financial gains for the criminals are enormous.

Then comes means. Could North Korea really launch such a sophisticated attack? The short answer is yes. We don’t know for certain but it is indeed possible that it has the capability. The Internet has levelled the playing field when it comes to crime and warfare. You no longer need an army, just a relatively small group of skilled people and some