Experts doubt N Korea hacked Sony

But cyber-security expert Lucas Zaichkowsky said: “State-sponsored attackers don’t create cool names for themselves like Guardians of Peace and promote their activity to the public.”

He said the details he has seen point instead to “hacktivists”, who break into computers to make a political point, often one involving the free exchange of information on the internet. Hacktivists have targeted Sony in the past.

The Interview comes out at Christmas and over the summer, North Korea warned that the release of the comedy would be an “act of war that we will never tolerate” and the US would face “merciless” retaliation.

FBI spokesman Joshua Campbell would not comment on whether North Korea or another country was behind the attack. The FBI is investigating.

It would be unusual if North Korea was behind the breach, said Darren Hayes, director of cyber-security at Pace University’s computer science school.

“However, there are numerous hackers for hire” in some of the shadowy corners of the internet, he said. “If Kim Jong Un has developed his own rank-and-file cyber-attack unit, with sophisticated capabilities, then we should be very concerned.”

Sony Pictures has not said how the hackers breached its system. But such attacks often start with “phishing” attempts, a compromised website or a malicious insider, said cyber-security researcher Craig Young at Tripwire, a security software company that works with such businesses as Visa, Mastercard, Walmart and Starbucks.

Given that the hackers were apparently able to obtain unreleased movies as well as personnel records, social security numbers, passport photos, technical documents and other material, Young said it is unlikely they used just a single point of access.

“It’s much more likely that attackers were able to exploit a series of vulnerabilities, mis-configurations and poor network architecture to continuously increase their level of access over time,” Mr Young said.

A security expert who was part of the South Korean government’s investigation into March 2013 cyber-attacks blamed on North Korea said there was not enough evidence to point the finger at the North for the Sony incident even though there were similarities.

The unnamed expert said that when South Korean authorities concluded that Pyongyang was behind the attacks that paralysed servers at financial institutions and media companies, they had not just malicious computer code but also IP addresses and other evidence.

“We cannot rule out the possibility that some other groups have imitated” North Korea’s cyber-attacks, he said.

The increased dependence on cloud technology by nearly all major businesses to store their information has made them more vulnerable, said Carson Sweet, CEO of data-protection firm CloudPassage.

Sony workers last week logged on to see a message on their computer screens that said “Hacked by £GOP”, which may be the initials of a group calling itself Guardians of Peace, according to Variety.

Some unreleased Sony movies such as Still Alice, ’Annie, ’Mr Turner and To Write Love on Her Arms were later distributed online, along with the still-in-cinemas Fury, though a direct connection to the hacking has not been confirmed.

Sony Pictures, based in Culver City, California, said on Monday that it was still dealing with the effects of the cyber-attack and was working closely with law enforcement authorities

Sony has brought in forensic experts from the Mandiant division of FireEye, a Silicon Valley cyber-security company, according to a person familiar with the case.

Mandiant helps companies determine the extent of breaches and repair the damage. It has worked on other high-profile computer break-ins, including the one at Target last year.