Everyone is familiar with the basic narrative of the Sony Pictures hack now. North Korea, furious at the upcoming release of “The Interview” starring Seth Rogen, hacked Sony Pictures and threatened them until they pulled the movie.
Everyone “knows” that, especially the FBI, but it’s not what happened. The narrative was manufactured largely after the fact, with an eye toward pinning the hack on North Korea. The evidence shows something different entirely.
The infiltration went on for months before the hackers crashed the Sony Pictures systems, and knew a remarkable lot about the internal workings of their corporate networks. The early statements from the hackers made no mention of North Korea, or “The Interview.”
Indeed, it was only after the US started mentioning that as a possibility, and media outlets started speculating about it, that the hackers latched on to the North Korea excuse and started mentioning any problem with the movie.
Early on, Sony’s own security was seeing the incident as a probable inside job, with a disgruntled former employee almost certainly involved in laying the groundwork for the attack.
Sony only abandoned the “insider” theory after the FBI started pushing the idea of North Korea being responsible, and the movie being the instigating factor. This was convenient for Sony, since it deflected attention from their own internal security failings by making it some huge nation-state attack they couldn’t possibly be expected to withstand.
The FBI, having raised the possibility of North Korea being responsible and under growing pressure to blame somebody, declared their wild guess to be proven fact, something which satisfied everybody, and set the stage for threats of US retaliation against people who, in all likelihood, had nothing to do with the hack.