FBI Claims North Korea Behind Sony Hack Attack
So the cat is out of the bag. After weeks of nerve wrecking speculation, the FBI has confirmed that North Korea is behind the attack that has spun Sony Pictures Entertainment around.
In a press release published on Friday, the FBI concluded that the attack was presumed to be committed by North Korea, based on certain similarities with the previous attacks the country has made before.
The conclusion was derived by looking at the technical similarities to be precise – coding, encryption algorithms, data deletion techniques, and the networks compromised. All of these factors match against North Korea’s history of such operations.
While an unknown hacking group “Guardians of Peace” had claimed responsibility for the attack, the FBI claims the United States considers this attack as a nation-state operation.
The attack on Sony Pictures is being stated as the most embarrassing cyber-attack to record. The company suffered huge losses as the hackers stole private information – in terabytes – and deleted their data from the systems.
The attack then moved on from just the Sony executives and employees to even movie theaters and moviegoers as the group threatened of violent attacks which led to Sony taking off its movie “The Interview” from theaters. The movie was a satirical story of two journalists who somehow team up with the CIA to attack the North Korean leader.
Under the light of this revelation, President Obama called a press briefing:
They caused a lot of damage and we will respond, we will respond proportionally and we will respond in a place and time we choose. We cannot have a society in which some dictator someplace can start imposing censorship in the United States.
The attack has also revealed the lack of security Sony had displayed. Administrators at Sony Pictures appear to have left passwords in a folder on one of the company’s systems. Moreover, the company’s security team consists mostly of management, instead of a proper skill set.
FBI however was impressed that Sony took rapid action on time by informing the concerned authorities.
“We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there,” the FBI stated. “Further, North Korea’s attack on SPE reaffirms that cyber-threats pose one of the gravest national security dangers to the United States.”
But then again, pointing fingers at a country and accusing them without 100% assurance is still not the best option, because technical evidence can be faked, according to Adam Kujawa, head of malware intelligence at endpoint security firm Malwarebytes:
“What we know about [North Korea] is that they like to brag when they do something, yet they have announced, not only to the world but also to their own information-censored country that they didn’t do anything,” Kujawa said. “Until we know all the facts, and I seriously doubt we will ever know them all, making quick assumptions and jumping the gun is ill-advised.”