Dec 29, 2016

There's also an independent investigation called "Operation Blockbuster", detailed results here:

That report does not specifically attribute the Sony hacks to a particular nation-state. It does demonstrate the hack was not the result of a disgruntled employee, but rather an APT group the report refers to as "The Lazarus Group."

In the interests of full disclosure, I worked with the people involved in that operation.

Jul 27, 2016

The attribution of the DNC hack to a Russian APT group has some backing from security professionals. Crowd Strike, based on analysis of the malware used, came to this conclusion ( This conclusion has been corroborated by Fidelis ( and Threat Connect ( It's early days, but the evidence is there.

FYI, the Sony hack was very likely not committed by an insider ( DISCLAIMER: I worked with the team who did operation blockbuster.