Russian hackers have been quietly removing data from Sony Pictures’ networks for the last few months, security firm Taia Global said in a report released Wednesday.

“Sony Pictures Entertainment remains in a state of breach and is actively losing files to Russian mercenary hackers,” the report concluded.

{mosads}That could mean one of two things, Taia said. Either the Russians and the North Koreans were running separate yet simultaneous attacks against the film studio, or Pyongyang was not behind the Sony hack, as the U.S. government has alleged.

“Regardless of which possibility is correct, the attribution made in the Sony case failed to differentiate or even acknowledge that more than one state or non-state actor was involved,” said the report.

The government has boldly stood behind its accusation that North Korea ordered the digital hit on Sony Pictures in retaliation for the studio’s comedy “The Interview,” which depicts the assassination of North Korean leader Kim Jong Un.

The cyberattack has kept the studio’s networks offline since November, exposed troves of internal documents and emails and nearly caused the company to axe “The Interview” altogether.

Immediately after the government made its accusation in December, the security community lashed back, calling the evidence unconvincing and and arguing their data pointed toward different conclusions.

Many supported the theory that ex-Sony employees and hackers from several countries had coordinated the digital hit.

While the back-and-forth has mostly died down, Taia thinks evidence it received from a Ukraine-based hacker “proves that Russian hackers also breached Sony.”

The hacker apparently received Sony documents from Russian infiltrators as late as Jan. 14 and Jan. 23, long after the North Koreans were thought to have been kicked out. The documents provided were not part of the original hackers’ Sony data dump, and Taia said it was able to confirm the authenticity of the documents with employees.

“It became apparent that [Russian hackers] had ongoing access to Sony’s network despite the numerous companies and agencies involved in investigating the breach,” Taia said.

Taia calls its Ukraine hacker source “trusted,” although the origins of the evidence is sure to raise some doubts about the company’s conclusions.

The North Korean regime has repeatedly denied its involvement in the attack, inviting the U.S. to conduct a joint investigation into the incident.

The U.S. refused, and in late December imposed a new round of economic sanctions against the country as part of its promised proportional response for the cyberattack.


The Hill has removed its comment section, as there are many other forums for readers to participate in the conversation. We invite you to join the discussion on Facebook and Twitter.

See all Hill.TV See all Video

Most Popular

Load more


See all Video