Last July sites in the US and South Korea were bought down by an attack which appeared to come from the North.
But authorities are still scratching their heads over the DoS attacks.
Early analysis pointed to North Korea as the likely starting point because code used in the attack included Korean language and other indicators.
It is starting to look however that no nation actually ordered it.
Now the fingers are pointing at South Koreans activists, who are concerned about the threat from North Korea and would be looking to ramp up antagonism.
Ironically this is the sort of thing that the North Koreans say happen all the time. So much so that when a South Korean warship was sunk with a North Korean torpedo, Dear Leader claimed it was a similar set up.
Don Jackson, director of threat intelligence for SecureWorks told AP that “it’s a dead end as far as who did it. I don’t think we’ve ever gone past that.”
Those responsible, he said, “pulled it off so well, managed it so well — this was someone who has experience at running these types of attacks.”