Sony pictures hackers connected to breaches in China, India, Japan

The perpetrators of the 2014 cyber attack on Sony photos amusement were now not activists or disgruntled personnel, and in all likelihood had attacked different goals in China, India, Japan and Taiwan, in line with a coalition of protection groups that together investigated the Sony case for more than a yr.

The coalition, prepared by security analytics employer Novetta, concluded in a file launched on Wednesday that the hackers were government-backed but it stopped brief of endorsing the reputable U.S. view that North Korea turned into to blame.

The Obama management has tied the attack on Sony Corp's (6758.T) movie studio to its launch of "The Interview," a comedy that depicted the fictional assassination of North Korean chief Kim Jong Un.

Novetta said the breach "become now not the paintings of insiders or hacktivists." 

"That is very a good deal supportive of the idea that that is countryside," Novetta leader executive Peter LaMontagne advised Reuters. "This group was more lively, going farther lower back, and had extra talents and attain than we thought."

Novetta worked with the most important U.S. protection software seller Symantec Corp (SYMC.O), top Russian protection firm Kaspersky Lab and as a minimum 10 other institutions on the investigation, an extraordinary collaboration involving so many agencies.

They decided that the unidentified hackers were at paintings considering at the least 2009, 5 years earlier than the Sony breach. The hackers were able to attain lots of their dreams despite modest abilities due to the inherent problem in setting up an inclusive cyber safety defense, the Novetta institution stated.

LaMontagne stated the report turned into the primary to tie the Sony hack to breaches at South Korean facilities consisting of a power plant. The FBI and others had formerly stated the Sony attackers reused code that were utilized in detrimental attacks on South Korean goals in 2013. 

The Novetta group said the hackers had been likely additionally answerable for denial-of-service attacks that disrupted U.S. and South Korean websites on July 24, 2009. The group stated it found overlaps in code, tactics and infrastructure between the attacks.

Symantec researcher Val Saengphaibul stated his enterprise connected the hackers to attacks overdue final 12 months, suggesting the exposure of the Sony breach and the risk of retaliation via the usa had not silenced the group.

The coalition of protection groups disbursed technical indicators to assist others decide in the event that they have been targeted through the identical hackers, which Novetta dubbed the Lazarus institution.