Surprise, surprise—North Korea did it.
In its first official statement on the Sony hacks, the FBI concluded that North Korea is responsible:
As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
After discovering the intrusion into its network, SPE requested the FBI’s assistance. Since then, the FBI has been working closely with the company throughout the investigation. Sony has been a great partner in the investigation, and continues to work closely with the FBI. Sony reported this incident within hours, which is what the FBI hopes all companies will do when facing a cyber attack. Sony’s quick reporting facilitated the investigators’ ability to do their jobs, and ultimately to identify the source of these attacks.
Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.
This corroborates a report that was released on Wednesday, just hours after Sony announced that they would not be releasing The Interview in response to threats of "9/11-style attacks" from the hackers.
North Korea had previously been suspiciously coy and vague about their part in the incident. When a spokesperson was asked about the country's involvement in the hacks in early December he responded, "Wait and see."
Welp, now we see. And now the chilling fact remains that we bent to the whims and desires of a dictatorship. Hopefully The Interview comes out anyways, just so as many people as possible can see fake Kim Jong-un's face blow up.
