The FBI Officially Accuses North Korea of Successfully Hacking Sony

Earlier this week the news broke that the FBI was reportedly linking North Korea to the high level hacking of Sony and this morning the government agency issued a full statement that officially points the finger at that country's government. Even while under the sharpest of microscopes, the hackers who refer to themselves as Guardians of Peace, again reached out to Sony officials, sending another email overnight that made it clear that they weren't the least bit intimidated even if their identity has been outed.

Here is just a portion of what the FBI had to say on the record earlier today,

"As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:

  • Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
  • The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
  • Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.

We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Korea's attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior. The FBI takes seriously any attempt - whether through cyber-enabled means, threats of violence, or otherwise - to undermine the economic and social prosperity of our citizens."

So now that it has been officially confirmed that North Korea is behind the hacking we are left with even more questions and concerns. Disrupting Sony's day-to-day business is really a personal agenda that may have cost the studio billions, but in everyday life most Americans aren't directly affected. Who is to say that haven't already hacked into one of the U.S.'s larger banks or financial institutions? Sony's system analysts didn't realize that their whole network had been accessed and compromised until the hackers decided that it was time to clue them in. What if Sony was basically a testing ground for something more far-reaching?

The U.S. has already insisted that there has to be some sort of retaliation and response other than hackers making threats and Sony caving in to their demands. What kind of response should the U.S. actually have to North Korea? Tell us your thoughts in the comments below!

Tags
Sony, FBI, North Korea, Confirmed, The Interview, Canceled, Fear, Terrorist, Investigation
Join the Discussion
Real Time Analytics