FBI confirms Sony hack was definitely North Korea - but maybe also China

 
Emma Haslett
Follow Emma
Sony withdrew the release of the movie altogether yesterday (Source: Sony Pictures)

The FBI confirmed today that a massive data breach at Sony's movie production arm was, indeed, rooted in North Korea.

North Korea seemed the obvious perpetrator, given the group behind the hack, Guardians of Peace, purported to take offence at upcoming movie Seth Rogen movie The Interview, which centres around a plot to kill North Korean leader Kim Jong-un.

However, there has been confusion over where the hack originated, after experts cast doubt on the idea it was North Korea.

But the US official confirmed today that its investigations showed North Korea had been behind it, alongside a possible Chinese link, which came in the form of either collaboration with Chinese agencies or using servers in China to mask the origination of the hack.

In a statement, it said:

Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods and compromised networks.

The FBI also observed significant overlap between the infrastructure of this attack and other malicious cyber activity the US government has previously linked directly to North Korea. For example, the FBI discovered that several internet protocol (IP) addresses associated with known North Korean infrastructure with IP addresses that were hardcoded into the data deletion malware used in this attack.

It added that the move was intended to inflict "significant harm" on US businesses.

Such acts of intimidation fall outside the bounds of acceptable state behavior. The FBI takes seriously any attempt – whether through cyber-enabled means, threats of violence, or otherwise – to undermine the social prosperity of our citizens.

Yesterday, the company confirmed plans to withdraw the release of the movie altogether after threats by Guardians of Peace caused most major US movie theatres to decide against showing it.

White House spokesman Josh Earnest had said US officials were considering an "appropriate response" to the hack, under which thousands of gigabytes of data - including five movies, the script to the next James Bond film and thousands of personal emails - were leaked.

Related articles