There is some speculation that the hacker of Sony Pictures was a disgruntled employee. They've done it before and this attack has some characteristics of an inside job.
A professional in the field gives some insight about this in the Daily Mail.
Cybersecurity expert Hemanshu Nigam told the Hollywood Reporter that he finds it hard to believe that North Korea is the perpetrator and instead thinks it is more probable that it was the actions of an employee or ex-employee with administrative access privileges.
"For the studio — which has laid off hundreds of employees over the past year in an effort to contain costs — the possibility of a disgruntled employee wreaking havoc is very real.
If terabytes of data left the Sony networks, their network detection systems would have noticed easily," explains Nigam.
"It would also take months for a hacker to figure out the topography of the Sony networks to know where critical assets are stored and to have access to the decryption keys needed to open up the screeners that have been leaked.
Hackers don't use such things as Hushmail, Dropbox and Facebook when they want to engage in what amounts to criminal activity. Real hackers know that these sites collect access logs, IP addresses and work with law enforcement. It is possible that North Korean-sponsored hackers were working with someone on the inside. But it is more likely a ruse to shift blame, knowing the distaste the North Korean regime has for Sony Pictures."
READ ENTIRE ARTICLE