As U.S. officials accused North Korea of the unprecedented cyber attack on Sony Pictures today, hackers hoping to learn from the attack – either to prevent or to commit future ones – continued to pour over the digital trail of the incident.
The FBI says it has gathered evidence which links the incident to the regime of North Korea's Kim Jong-un. The agency today cited technical similarities between the Sony hacking and past "malicious cyber activity" linked directly to North Korea.
"North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior," the FBI said in a statement.
While government investigators are examining the cyber attack, which stole a trove of emails and corporate secrets such as financial data from Sony's film studio, to figure out who's to blame, hackers are looking to see what can be learned, according to Chris Wysopal of the security firm Veracode, who has been monitoring hacker chatter.
Wysopal says hackers are trying to answer a number of questions: "What worked? How did you get in? How did you move around? How did you exfiltrate data? What had value?"
Hackers want to know which digital tools were used so they can adopt those tools, says Wysopal, adding that he's been hearing from worried chief information security officers.
"They're definitely concerned. This shows that there's attackers out there, and that they are ready to go out there for blood," Wysopal says.
"The hacker mindset is often to outdo others," and the Sony hack set a new standard, says Gabriella Coleman of McGill University who has written a book on hackers. "In this case, I do think it will compel some hackers to do something similar and perhaps even more audacious," Coleman says.
She expects there'll be more hacks aimed at sabotage, not just the leaking of information.