Politics News

Sony Hack: Sloppy Clues Leave Little Doubt North Korea Was Responsible

U.S. investigators were likely convinced that the hackers of Sony Pictures were North Korean due to slip-ups and possibly deliberate clues meant to win domestic kudos, according to a former senior North Korean official and cybersecurity expert.

On Wednesday, James B. Comey, the director of the FBI, said North Korea was responsible for the attack on Sony in part because hackers did not mask their location when they gained access to the company’s servers, according to the New York Times.

Rather than routing attacks and messages through decoy servers, hackers sent them directly from known North Korean Internet addresses. According to FBI analysts, the hackers logged into both their Facebook account and Sony’s servers from North Korean IP addresses, then realized their mistake and backtracked to reroute attacks through decoy computers.

[quote text_size=”small” author=”– James B. Comey” author_title=”FBI Director”]

(There is) not much in this life that I have high confidence about. I have very high confidence about this attribution (against North Korea) — as does the entire intelligence community.

[/quote]

The FBI attributed the cyberattack to North Korea, a rare case of the U.S. government publicly accusing another government of carrying out a cyber crime. The bureau cited “technical analysis” of malicious software, which revealed links to other malware used in previous North Korean attacks, according to the Washington Post.

The head of a group of hacking experts that analyzed suspected North Korean cyberattacks on South Korea said a record of North Korean IP addresses was left in a 2013 attack on Seoul due to a detour through Chinese servers being suspended briefly, exposing the origin of the hackers. That attack targeted South Korean news media, credit card companies and banks, according to the Wall Street Journal.

Jang Jin-sung, a former official in North Korea’s propaganda unit, says it’s possible the North Koreans wanted to be known in the Sony attack, and they likely had incentive to leave some evidence as officials frequently secure promotions after a successful attack against an enemy.

South Korea’s Defense Ministry says North Korea has around 6,000 state hackers who compete to prove their loyalty to the government and leave proof when they succeed in an attack.

Click to comment
To Top

Hi - Get Important Content Like This Delivered Directly To You

Get important content and more delivered to you once or twice a week.

We don't want an impostor using your email address so please look for an email from us and click the link to confirm your email address.