FBI Director James Comey said the hackers who breached Sony Entertainment in November last year were â€œsloppy,â€ according to Dark Reading. The â€˜Guardians of Peaceâ€™ (GOP) didnâ€™t permanently use proxy servers to hide their identity, leaving clues about their North Korean roots.
â€œSeveral times, either because they forgot or because of a technical problem, they connected directly and we could see that the IPs they were using… were exclusively used by the North Koreans,â€ James Comey said at a university event in New York. â€œThey shut it off very quickly once they saw the mistake, but not before we saw where it was coming from.â€
Technical errors werenâ€™t the only clues that led the FBI to point fingers at North Korea. The bureauâ€™s Behavioral Analysis Unit designed psychological profiles of the Sony hackers, and red team simulations also revealed their country of origin.
â€œThere is not much in this life that I have high confidence about,â€ Comey said. â€œI have very high confidence in this attribution, as does the entire intelligence community.â€
While Comey called the Sony hackers â€œsloppy,â€ the Director of National Intelligence said North Koreans have no sense of humor. The head of National Intelligence mentioned a dinner meeting with a North Korean official who pointed his finger at his chest.
â€œThey are deadly, deadly serious about affronts to the supreme leader, whom they consider to be a deity,â€ James Clapper said.
In November 2014, the Sony hackers demanded the cancellation of â€œThe Interview,â€ a comedy about a plot to assassinate North Korean leader Kim Jong-un. The movie is now screening at hundreds of theaters across the United States, though not at thousands as originally planned.
The attack shook up Sonyâ€™s reputation and business, as hackers leaked personal information of employees and their families, executive salaries at the company, copies of unreleased films, and even celebrity information.
In December 2014, Sony Entertainment urged the media to stop digging for juicy news in the leaked data, as that is still private information.