It’s often said there are two kinds of companies: Those that have been attacked by hackers and those that don’t yet know they have been attacked by hackers.
One that definitely knows it has is Sony Pictures Entertainment. In what is arguably the most high-profile computer crime ever perpetrated against a corporation, attackers tied to North Korea are believed to have penetrated that company’s computer networks, stolen whatever data they could find and then destroyed the computers on the way out.
Once Sony realized what had happened, it called Kevin Mandia, who runs the Mandiant incident response division of the computer security company FireEye. Mandia talked about what happened at Sony and what it means for the rest of the world at our Code/Enterprise Series: San Francisco last week.
During the interview with Re/code’s Dawn Chmielewski and me, he shot back at critics who said there was no way that North Korea could have been responsible for the attack on Sony and that an attack by an insider familiar with Sony’s systems was more likely. “Definitely not an insider … nope,” he said.
Certain as he is, he did concede that the business of attribution — assigning blame for hacking attacks — is getting trickier as the bad guys take ever more complex steps to hide their tracks and even point investigators in multiple wrong directions. “Right now we’re starting to get more groups that we’re labeling unknown,” he said. “We have like 400 of them.”
You can hear him talk about all of this in the full video of our interview. In case you missed our San Francisco event, we’re holding another Code/Enterprise Series — with all new speakers — in New York on Sept. 29. We hope to see you there.
This article originally appeared on Recode.net.