US investigators are considering multiple suspects, including North Korea, in their investigation into a cyber attack on Sony Pictures Entertainment that knocked out the company’s computer systems for over a week, according to a US national security official with knowledge of the investigation.
The official, who asked to remain anonymous, told Reuters on Tuesday that the forensic investigation is in its early stages, and that no clear suspects have emerged.
But the official said multiple suspects are being assessed, including the North Korean government, other nations and private parties.
The hack, which was launched Nov. 24, caused Sony Pictures Entertainment to shut down its internal computer network. Employees had to resort to using paper and pen to conduct their business.
Spokesmen with the FBI and Department of Homeland Security, which are investigating the breach, declined to comment.
Representatives with the Sony Corp California-based entertainment unit have declined to comment on the extent of the breach or discuss who they suspect is behind the attack.
The technology news site Re/code reported Nov. 28 that Sony was investigating whether hackers working on behalf of the North Korean government were responsible for the attack as retribution for the company’s backing of the film “The Interview.”
The movie, which is due to be released in the United States and Canada on Decmber 25, is a comedy about a CIA plot to assassinate North Korean leader Kim Jong Un. Pyongyang denounced the film as “an act of war” in a letter to UN Secretary-General Ban Ki-moon in June.
The FBI warned US businesses on Monday that hackers have used malicious software to launch a destructive cyberattack in the United States, in a private report that cybersecurity experts say described the malicious software used in the Sony attack.
The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea.