Several bits of information about the Sony hack come to light. The attack apparently involved months of preparation: reconnaissance and planting of "time bombs." The attack code used in the campaign reportedly involved a great deal of recycled techniques and malware (which leads to lingering suspicion that Iranian suppliers may have been involved). And Sony is said to still suspect some insider collaboration with external attackers.
Voices of skepticism aside, the US sticks to its attribution of the attack (which President Obama characterizes as an act of cybervandalism as opposed to cyberwar) to North Korea. The DPRK, of course, denounces the attribution as "slander," and cheekily offers to help the Americans with their inquiry. That offer will obviously be declined, but the US is seeking help from China, specifically a blockade of DPRK Internet access. The "proportional" response the US is mulling could also include information operations, difficult enough in a country that's largely airgapped itself through censorship and a policy of poverty, but still something the Kim regime seems to fear.
Many observers continue to speculate that Kim's long game is infrastructure attacks (and indeed there was recently a successful hack of a South Korean nuclear power provider — attribution unclear, but nominally the work of anti-nuclear hacktivists), but its proximate effect has been to increase business fears of cyber-extortion.
Ordinary cyber criminals, naturally, remain active. Banking Trojans Vawtrak and Zeus circulate in evolved, dangerous variants. Gangs install ATM malware from within banks. Office retailer Staples discloses a point-of-sale breach.