It could be that the Korean company did not do enough to prevent its digital certificates from being stolen, and that it was pilfered by multiple hacking groups who have then used it in multiple, unrelated attacks. If not, it would be a strong indication that a single group is involved.
Anthem and law enforcement have yet to say who they believe may be responsible, and the Premera investigation is in its early stages. If an attacker is named, it could put further pressure on the U.S. government, which has shown less and less tolerance for what are classified as state-sponsored attacks.
In December, the U.S. government blamed North Korea for the devastating data breach against Sony Pictures Entertainment, one of the first times the government has so quickly and so directly attributed a single attack. The documents released included salary details, internal email and HR documents for employees. Other malicious code destroyed the hard drives of Sony computers.
In May 2014, U.S. federal prosecutors charged five members of the Chinese Army with stealing trade secrets from U.S. organizations over eight years in the first legal action of its kind. China, as is customary, denied the accusations.
Sign up for CIO Asia eNewsletters.