Though it took the FBI less than a month to declare that the 2014 Thanksgiving cyber attack against Sony was the work of the North Korean government in retaliation for Seth Rogen’s Kim Jong Un-spoofing flick The Interview, five years later many in Hollywood are dubious of that conclusion—including Rogen himself.
“The fact that [co-director Evan Goldberg and I] were never really specifically targeted always raised suspicions in my head,” Rogen tells The Hollywood Reporter in its investigation of the massive hack, in which thousands of executive emails, trade secrets, and five full-length features were made public by a mysterious group calling itself Guardians of Peace. In its wake, most of the studio’s top management was wiped out, and the FBI was swift in declaring it the work of North Korea. To this day, many of those affected don’t buy that story.
“I never believed it had anything to do with The Interview,” says former Sony Pictures Television head Steve Mosko, who had his entire email account made public by GoP.
In fact, although Rogen wrote, co-directed, and starred in the film, when he hired a cyber investigation team to examine his and Goldberg’s devices and accounts, they found no one had even attempted to breach them.
Other theories that have made the rounds include that the culprit was a disgruntled former employee targeting top brass, or that the wife of a former rival studio head helped a friend get a job at Sony, and that friend “turned out to be Russian honeypot who gave hackers entry into the system.” Still others “believe it was the work of Russian hackers hired by a Sony investor looking to profit from a post-hack stock collapse.”
In early 2015, after the leaks were supposedly contained, a Russian hacker and former FBI informant named Max Popov supplied researcher Jeffrey Carr with stolen Sony documents from both before and after the breach, which he said were given to him by a Russian cyber associate. Carr passed them on to the FBI.
“I said, ‘Look, before you jump on the North Korea bandwagon, I’m getting these documents from a Russian hacker who seems to have unlimited ability to pull more documents, even after Sony’s network was down,'” Carr recalls. “The FBI doesn’t give you a response. They say, ‘Oh, thanks for sharing this information with us,’ and that’s the last you hear about it.”
Former FBI agent E.J. Hilbert, who used Popov as a source for years, says, “It is very likely that Mr. Popov got his hands on it. He knows people.” As for who Popov knows, Hilbert says he never heard of him dealing with North Koreans. “With North Koreans, no. With Iranians and Russians, yes.”
Don’t expect Popov to clarify matters—according to Carr, he enlisted with the Ukrainian military and is deployed on the eastern front.
“The Sony attack was just so loud and so clownish,” Carr says. “There was nothing sophisticated about it. It’s not what you think about with a nation-state that has a military arm that does cyberattacks.”
Former News Corp. security chief Hemanshu Negam concurs: “North Korea would have needed someone on the ground—an almost impossible-to-imagine scenario that also contradicts the criminal complaint—in order to exfiltrate that much data […]without anyone noticing at Sony. From day one, I didn’t believe this had the hallmarks of a nation-state, and I still don’t. Pointing the finger at an enemy is the easy way out.”
Stay on top of the latest in L.A. food and culture. Sign up for our newsletters today.