LOS ANGELES (Variety.com) - The FBI announced on Friday that North Korea was "responsible" for the attack on Sony Pictures Entertainment.
"As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions," the bureau announced.
The FBI said it based its conclusion on "technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks."
It also cited "significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack."
The bureau added that there was "significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack."
President Obama is expected to address the attack at a press conference today at 10:30 a.m. PT. Some of the key questions will be what kind of action the U.S. will take in response, and whether it constitutes a terrorist attack or threat of terrorism. On Thursday, White House spokesman Josh Earnest said that the government was considering a "proportional" response.
"We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there," The FBI said. "Further, North Korea's attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior."
In their statement, the FBI also relayed the sequence of events that led to the hacking attack.
"The FBI has determined that the intrusion into SPE's network consisted of the deployment of destructive malware and the theft of proprietary information as well as employees' personally identifiable information and confidential communications. The attacks also rendered thousands of SPE's computers inoperable, forced SPE to take its entire computer network offline, and significantly disrupted the company's business operations.
"After discovering the intrusion into its network, SPE requested the FBI's assistance. Since then, the FBI has been working closely with the company throughout the investigation. Sony has been a great partner in the investigation, and continues to work closely with the FBI. Sony reported this incident within hours, which is what the FBI hopes all companies will do when facing a cyber attack. Sony's quick reporting facilitated the investigators' ability to do their jobs, and ultimately to identify the source of these attacks."