FBI director 'confident' North Korea behind Sony hack
Attackers failed to use proxies to hide NK IP addresses, says FBI director
The director of the FBI has said that he has "very high confidence" that the hack against Sony was perpetrated by North Korea.
Speaking at the International Conference on Cyber Security in New York yesterday, James Comey said that the attackers had gotten "sloppy" on several occasions and had forgotten to use proxy servers to hide their IP addresses. The Bureau said that this revealed attacks coming from IP addresses used exclusively by North Korea, according to InformationWeek's DarkReading website.
"Several times, either because they forgot or because of a technical problem, they connected directly and we could see that the IPs they were using ... were exclusively used by the North Koreans," Comey said. "They shut it off very quickly once they saw the mistake, but not before we saw where it was coming from."
"There is not much in this life that I have high confidence about," Comey added. "I have very high confidence in this attribution, as does the entire intelligence community."
Many security researchers pointed out that the attacks did not necessarily originate in North Korea, but could have been routed through there, and that other IP addresses associated in other countries had been identified in the attack.
The FBI also asserted that it was confident North Korea was to blame as the Bureau's behavioral analysis unit has developed psychological profiles of the attackers, and also because of the results of ‘red team' cyber attack simulations.