Security researchers may have cracked the case—or at least dented it.
More than a year after the Sony Pictures Entertainment hack rocked Hollywood, new research suggests the attackers are still hustling.
In November 2014, a group called #GOP (Guardians of Peace) targeted Sony, and threatened to release “top secret” data if certain demands were not met.
The collective followed up by leaking some of Sony’s upcoming films, the Social Security numbers of employees and detailed contact information for actors, ongoing litigation and legal claims against the studio, “popularity polls” for A-list celebs, and other proprietary information.
Security experts pointed the finger at North Korea, citing possible retaliation over Sony’s film The Interview (pictured), which depicts a CIA plot to assassinate leader Kim Jong-Un.
Security researchers have been studying the attack for months, working to identify the person or people behind the devastating hack.
And it looks like they may have cracked the case, or at least dented it.
A Novetta-led team of industry partners calling themselves Operation Blockbuster connected the dots, finding clues that link more than 45 families of malware to the Lazarus Group—a reference to the biblical figure who comes back from the dead.
The hackers have been tied to malicious attacks as far back as 2009, including a 2013 campaign against South Korean TV stations and financial institutions,” the Washington Post reported.
And they’re still on the digital warpath: Operation Blockbuster claim to have evidence of campaigns targeting government, military, financial, media and entertainment, and critical infrastructure sectors in the U.S. and various Asian countries.
It remains unclear whether North Korea really is to blame. Novetta CEO Peter LaMontagne basically stopped short of accusing the country. “We believe the U.S. government assertion that [the Sony attack] was the work of a nation-state is far more likely than this being the work of a hacktivist group or a vindictive former employee,” he told the Post.