Rumors that North Korea had a hand in a crippling cyber attack against Sony Entertainment’s (NYSE: SNE) computer network appear to be coming true as new evidence shows that Korean-language code found in the malware’s compiler as well as metadata.
According to reports, investigators from an external organization as well as Sony’s own internal security team have found Korean-language code within the source code of the malware. In addition, the language settings on the computer that compiled the code were Korean. Research firm Alienvault has also discovered that the code was compiled in late November, just days before the attack on Sony took place.
Ron Gula, chief executive officer for Tenable Network Security, was quoted by Bloomberg as saying that the attack had similar fingerprints to one that targeted South Korean banks and broadcasters in 2013. This attack is credited to a North Korean aligned group called “DarkSeoul”.
According to analysis, it appears that the attackers already had a login for Sony’s network when they delivered their payload.
In the aftermath of the attack, a number of Sony’s unreleased films hit the web. Reports say that Sony’s internal computer network is virtually crippled as well.
A spokesperson for North Korea is quoted in the press as saying that the country had nothing to do with the cyber attack, claiming the regime would “would follow international norms banning hacking and piracy.”
