Sony Pictures refuses to blame North Korea for devastating attack

Sony Pictures has refused to identify North Korea as the origin of a devastating cyber-attack against the studio's internal systems which saw personal and financial information about its employees stolen and distributed online.

Earlier reports on Wednesday suggested Sony was going to name North Korea as the source of the attack, but in a statement to the AFP press agency, Sony said those reports were "not accurate" and that "the investigation continues into this very sophisticated cyberattack."

Sony Picture did confirm the validity of a memo which was sent to employees of the studio on Wednesday, and which was published by Variety.

The memo comes from the Michael Lynton and Amy Pascal, who head up Sony Pictures, who say they are "deeply saddened" by what they call a "brazen" attack.

It is now apparent that a large amount of confidential Sony Pictures Entertainment data has been stolen by the cyber attackers, including personnel information and business documents. The privacy and security of our employees are of real concern to us, and we are deeply saddened at this concerted effort to do damage to our company, undermine our morale, and discourage us.

Lynton and Pascal then go on to say that employees should assume that their personal information is compromised and says it will offer those affected identity protection services with third-party service provider, AllClear ID.

However the employees details are already being traded online, with huge global databases of Sony Pictures employees being made freely available on torrent sharing websites this week.

The hackers have also release five of Sony Pictures' latest movies onto torrent sites, including the yet-to-be-released Annie and the recently release Brad Pitt film Fury.

Iran-North Korea cooperation

For the last week, there has been rising speculating that the hackers behind the devastating hack on Sony Pictures were working on behalf of North Korea - but some evidence suggests that the hackers could in fact be linked to Iran.

The Washington Post, quoting sources within the investigation reported that the malware used was similar to that used in attacks in South Korea but also in the Middle East, and specifically against Saudi Aramco, the world's largest oil company, which knocked 30,000 computers offline.

That attack, which took place in 2012, has been linked to a group of Iranian state-sponsored hackers which were set up in the wake of the Stuxnet attack against a nuclear enrichment facility in Natanz.

This week the same Iranian group were revealed to be carrying out an on-going and sophisticated cyber-attack campaign against more than 50 organisations in the areas such as energy, military intelligence, hospitals, universities as well as specifically targeting airports and airlines.

The report into this campaign, dubbed Operation Cleaver, also says:

"In September 2012, Iran signed an extensive agreement for technology cooperation agreement with North Korea, which would allow for collaboration on various efforts including IT and security." This would suggest that a joint operation by the two countries using the skills of the Iranian hackers to target enemies of North Korea is a serious possibility.

The attack on Sony Pictures, which North Korea has failed to deny involvement in, is said to be related to the imminent release of the film The Interview, which depicts a CIA plot to assassinate North Korean leader Kim Jong-Un and stars James Franco and Seth Rogen.

Sony Pictures are working with security firm Mandiant as well as the FBI to investigate the attack.

The Sony Pictures memo in full read: