FBI: North Korea Responsible For Sony Hack

It’s official: The FBI says North Korea is to blame for the recent Sony Pictures Hack. According to an FBI press release, which NBC News tweeted in its entirety, U.S. investigators now have sufficient information to conclude that North Korea was behind the cyber attack. You can view the enormous tweet with complete details at the bottom of this page, but here are some highlights.

Administrators had previously declined to place the blame squarely on North Korea, instead saying they were weighing their options. In the official statement released by the FBI, federal officials stated that although they needed to protect sensitive sources and investigation methods, their conclusion is based in part on technical analysis of the data deletion malware that was used during the attack, which FBI knows North Korea-based hackers developed previously. Similarities in specific lines of code, data deletion methods, encryption algorithms, and compromised networks were detected.

In addition, the FBI observed a significant overlap between the infrastructure utilized in the Sony Pictures hack and other malicious cyber activity that the U.S. Government has linked directly to North Korea previously. For example, the FBI found that several internet protocol (IP) addresses known to be associated with verified North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used to carry out the attack.

Finally, the tools used in the Sony Pictures cyber attack have similarities to an attack North Korea carried out last year against several South Korean banks and media outlets.
The FBI is “deeply concerned” about the attack’s destructive nature.

“North Korea’s attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart.”

FBI went on to state that acts of intimidation, like those perpetrated by North Korea, fall outside the bounds of acceptable state behavior.

“The FBI takes seriously any attempt – whether through cyber-enabled means, threats of violence, or otherwise – to undermine the economic and social prosperity of our citizens.”

Homeland Security Secretary Jeh Johnson released a statement that said the Sony Pictures hack attack is “an attack on our freedom of expression and way of life.”


He went on to say that the North Korea cyber attack underscores the importance of good cybersecurity practices, stating, “Every CEO should take this opportunity to assess their company’s cybersecurity. Every business in this country should seek to employ best practices in cybersecurity.”

At the end of his statement, Johnson said that the Department of Homeland Security encourages all businesses and other organizations to use the Cybersecurity Framework to assess and limit cyber risks and protect against cyber threats.

According to the Huffington Post, the hackers responsible are taking a “victory lap,” stating it was wise for execs to cancel the release of The Interview, threatening further punishment, presumably from the government of North Korea, should “additional trouble” occur. Meanwhile, this could be just the beginning for the pampered hackers of North Korea, who may be planning action against utility grids and other infrastructure within the United States and other enemies.

[Image courtesy of jornadadiaria.com]