FBI Director James Comey announced new details in the investigation into the cyberattack against Sony Pictures Wednesday, reaffirming the agency’s belief that North Korea was behind the hack.
Comey told a crowd at the International Conference on Cyber Security at Fordham University that the FBI was able to trace the attack back to Internet protocol addresses used exclusively by North Korea.
According to the director, the “Guardians of Peace” hacking group claiming responsibility for the attack was “sloppy” in its attempts to mask IP addresses through proxy servers in some instances, allowing the agency to follow emails and online postings to Internet connections “exclusively used by the North Koreans.”
“We know who hacked Sony. It was the North Koreans,” Comey said, according to Intercept reporter Jana Winter. “I have very high confidence about this attribution.”
In the FBI’s initial announcement last month blaming North Korea for the attack, the agency cited pieces of malware and global networks used in previous cyberattacks attributed to North Korea as the primary evidence, both of which have since come under scrutiny by private experts in the cybersecurity field — many of whom now allege a Sony insider was responsible. (RELATED: Cybersecurity Firm Identifies Six In Sony Hack — One A Former Company Insider)
“I know that some serious folks have suggested we have it wrong,” Comey said.
“They don’t have the facts that I have. They don’t see what I see,” he said, according to USA Today.
Internet access is relegated strictly to North Korea’s elite and regulated by Pyongyang, making it highly unlikely anyone in the country could execute any part of such an attack without the government’s knowledge.
While speaking at the same conference Wednesday, Director of National Intelligence James Clapper said the cyberattack against Sony was the “most serious” against U.S. interests yet. (RELATED: Clapper: Sony Hack ‘Most Serious’ Cyberattack Against U.S. So Far)
Despite rising doubt in the private sector and North Korea’s repeated denial of any involvement, the U.S. imposed a new round of sanctions against North Korea last week targeting the country’s primary intelligence agency, primary arms dealer, a defense trade organization and multiple businessmen, all of whom are barred from executing transactions over U.S. financial systems or with U.S. citizens.