Sony Hacking: FBI Blames North Korea

Feds say they have "enough information" to make that conclusion.

ByABC News
December 19, 2014, 1:52 PM

— -- The U.S. government has taken the big step of publicly branding the North Korean regime as the driving force behind the massive cyber-attack on Sony Pictures that has paralyzed the film company and raised fears of terrorist attacks inside the United States.

In a rare, official statement issued today, the FBI said it "now has enough information to conclude that the North Korean government is responsible for these actions.”

North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves” and seek economic and social prosperity,” according to the FBI statement. “Such acts of intimidation fall outside the bounds of acceptable state behavior.”

The statement lays out at least some of the evidence the U.S. government has uncovered tying North Korea to the attack.

The FBI says analysis of the malicious software used in the attack shows it is linked “to other malware that the FBI knows North Korean actors previously developed.”

“The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea,” the FBI statement continues. “Separately, the tools used in the [Sony] attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.”

This comes as a source close to Sony confirms that company executives received a new message laden with threats, saying, "Now we want you never let the movie released, distributed or leaked in any form of, for instance, DVD or piracy."

On Nov. 21, Sony executives received an email warning them not to release their new “movie of terror,” referring to the comedy “The Interview,” which depicts a fictional assassination of North Korean dictator Kim Jong Un. Soon thereafter, Sony was hit with the now-infamous cyber-attack, crippling its computer network and flooding the Internet with embarrassing internal emails and employees’ personal information.

Earlier this month, a North Korean official denied allegations that the government was involved in the hacking, calling it “wild speculation.” Still, the official described the attack as a “righteous deed,” according to a North Korean state news agency.

Then, on Tuesday, a message posted online warned of a 9/11-style attack on theaters showing the film. Sony then decided not to release the movie at all.

Identifying exactly who executed the attack has been a challenging and painstaking task for federal investigators. Based on evidence collected so far, federal sources told ABC News, they believe an individual or small group stationed outside North Korea may have punched the computers keys that launched the attack, which was then likely routed through at least six countries overseas -– Singapore, Thailand, Italy, Bolivia, Poland and Cyprus -– before hitting its target in the United States.

A group calling itself “Guardians of Peace” has claimed responsibility.

Last week, the head of the Justice Department's National Security Division, John Carlin, said the Sony hack “has our full attention.” Two days later, FBI officials held a meeting in New York with executives from across the entertainment industry to brief them on cyber-related threats to their companies, sources told ABC News.

In addition, just hours before Sony’s decision on Wednesday to pull the plug on its Christmas Day release of the movie, the FBI issued its first official message about the Sony hack to joint terrorism task forces across the country -– comprised of federal, state and local officials that the FBI describes as “our nation’s front line on terrorism.”

“The FBI’s investigative team believes these [latest threats] increase the threat level” inside the United States, according to the message. But, FBI officials emphasized, the threat to movie theaters was not deemed credible, and the message distributed Wednesday by the FBI was simply precautionary and informational.