North Korean hackers left footprints when they breached Sony Pictures Entertainment late last year, the director of the FBI said Wednesday.
Despite some disagreement about the source of the cyberattack on Sony, FBI Director James Comey again pointed the finger at North Korea. Hackers “got sloppy” when attempting to mask their IP addresses, showing investigators that some emails from the hackers to Sony employees came from Internet connections used only by North Korea, Comey said at a cybersecurity conference in New York City.
The Sony attack had “clear links” to malware developed in North Korea, the Associated Press quoted Comey as saying. “I have very high confidence about this attribution to North Korea, as does the entire intelligence community,” the AP quoted him as saying.
Comey declined to offer many details about how the FBI assigned blame to North Korea, saying investigators must protect their methods and sources, according to news reports.
The FBI, in mid-December, assigned blame for the attack on North Korea, but some security researchers have questioned that conclusion.
Some security researchers have questioned North Korea’s ability to pull off the massive attack.
“North Korea has never before demonstrated any advanced hacking capabilities,” Scott Borg, director and chief economist of research group the U.S. Cyber Consequences Unit, wrote on CNBC.com last week. “More important, it has hardly any way of acquiring those capabilities. It has no high-tech business sector or local hacker community from which it can recruit talent.”
Still, early this month, the White House announced new sanctions against North Korea, in part because of the Sony attack. The government of North Korea has denied involvement in the attack, although it praised hackers for attempting to prevent the release of “The Interview,” a movie about a plot to kill North Korean leader Kim Jong Un.