Dec 29, 2016

There's also an independent investigation called "Operation Blockbuster", detailed results here: https://www.operationblockbuster.com/wp-content/uploads/2016...

That report does not specifically attribute the Sony hacks to a particular nation-state. It does demonstrate the hack was not the result of a disgruntled employee, but rather an APT group the report refers to as "The Lazarus Group."

In the interests of full disclosure, I worked with the people involved in that operation.

Jul 27, 2016

The attribution of the DNC hack to a Russian APT group has some backing from security professionals. Crowd Strike, based on analysis of the malware used, came to this conclusion (https://www.crowdstrike.com/blog/bears-midst-intrusion-democ...). This conclusion has been corroborated by Fidelis (http://www.threatgeek.com/2016/06/dnc_update.html) and Threat Connect (https://www.threatconnect.com/tapping-into-democratic-nation...). It's early days, but the evidence is there.

FYI, the Sony hack was very likely not committed by an insider (https://www.operationblockbuster.com/wp-content/uploads/2016...). DISCLAIMER: I worked with the team who did operation blockbuster.