FBI Certain North Korea Hacked Sony Pictures, Says Hackers Were 'Sloppy'
Officials from the FBI said all evidence point the attack into Sony Pictures Entertainment, which became public in November, was made by North Korea because the latter was "sloppy" in its hacking methods. FBI Director James Comey, while speaking at the International Conference on Cyber Security, said he is highly confident the hackers that attacked Sony Pictures came from North Korea. The hackers particularly came from North Korea's intelligence agency, the Reconnaissance General Bureau.
Calling themselves "Guardians of Peace," Sony's hackers did go through proxy servers to hide their identity. But then they weren't consistent enough to ensure all procedures are done to the letter so they won't get caught.
The hackers would send emails threatening Sony employees as well as post online various statements explaining their work, Comey said. In nearly every case, they would use proxy servers in sending those emails and posting those statements, he added. But then, several times they got sloppy. "Several times, either because they forgot or they had a technical problem, they connected directly and we could see it," Comey said.
The FBI director said the IP addresses that they saw "were exclusively used by the North Koreans." Later on, realising the error, the hackers would shut it off very quickly. They clearly knew it was a mistake. "It was a very clear indication of who was doing this... we saw them and knew where it was coming from."
Comey said the Guardians of Peace used VPNs to try and hide their real identities. But it was their "sloppiness" that eventually exposed hem. He said it's also likely they targeted e-mails with malicious code so they can enter Sony's networks. The spearfishing messages, Comey said, were sent to Sony as late as September.
The attack against Sony had something to do with "The Interview," a satirical movie about North Korean leader Kim Jong-Un. It features James Franco and Seth Rogen.
Investigators are also looking into the scenario that North Korea may have hired foreign hackers or enlisted the help of someone from right inside Sony to carry out the attack. James Clapper, U.S. Director of National Intelligence, also in the same conference, warned the hacking attacks will fuel North Korea to carry out more in the future for international attention and recognition.
Clapper said North Korea knew cyber is a powerful new realm that they can put themselves into, and exert maximum influence at minimum cost. The recent episode with Sony proved that to them. "If they get global recognition at a low cost and no consequence, they will do it again and keep doing it again until we push back."