Hackers who targeted Sony in late 2014 “got sloppy,” which allowed authorities to draw links between them and North Korea, according to FBI Director James Comey.
Comey said he has “not just high confidence, but very high confidence,” that North Korea was behind the hacking and that there were clear links between the Sony hack and malware used by North Korea last year to attack South Korean banks and media outlets. The same techniques were employed by the Guardians of Peace hacking group in their breach of Sony, according to Comey, who spoke Wednesday in New York at a cybersecurity conference.
Despite using proxy servers to disguise the hackers online identities when sending emails and posting threats, the hackers “got sloppy” several times, according to Comey, exposing IP addresses used exclusively by North Korea and giving the investigation its clearest indication of guilt.
He also addressed the skepticism by some in the cyber security community that North Korea was the culprit, saying “some serious folks have suggested we have it wrong. I’m saying they don’t have the facts we have, or see what I see.”
As the law enforcement and intelligence community scramble to respond to the growing number of cyberthreats facing America, Comey stressed the need to “impose costs” on nation-state actors and the most dangerous syndicates “where we can make the biggest impact.”
Ideally, imposing costs would lead to arrests or “laying hands on people,” he said. But if this can’t be accomplished, the FBI will “call out the actors so that no one gets freebies,” and he pointed to the recent round of sanctions placed on North Korea by the U.S. as a signal that they do not take the threats lightly.