FBI reiterated North Korean Hackers Involved in Sony Hack
The FBI has reiterated its belief that the hacking of Sony pictures is ultimately the responsibility of North Korea. This is released in the face of continued criticism from researchers and independent organizations.
James Komi, a director at the FB I told the press that he had very high confidence that North Korea's responsible for this most recent hack. He suggested that the independent researchers that were disagreeing with the FBI's findings did not have the fact that they had and they have not seen with the FBI has seen in its research.
Call me justified his agency's suspicion with evidence that the attackers used a 12 digit IP that identifies the location of the remote computer in North Korea. Although proxy servers were used by the hackers for a great deal of the attack, which masked their true IP address, the FBI says they got sloppy on several occasions and reveal their own IP address which link them directly to North Korea.
The FBI restated its conclusion that the attack match previous attacks which have also been linked to North Korea. The FBI is not revealed all evidence associated with its investigation and some of it may never be shared publicly.
Many independent researchers and observers remain skeptical about the FBI's findings it is easy to spoof an IP address any evidence pointing to North Korea is far from conclusive.
Even if the evidence pointing to North Korea is accurate it is possible that the hackers are not exclusively associated with North Korea. Simply saying that one particular IP address being used is not saying that IP addresses that exist outside of North Korea legitimately were also being used the encoding language of the computers used for the hack are also being cited as evidence, and this is easily set manually.
One security researcher wrote that although it is possible to identify the origins of individual cyber attacks forensics experts generally require months of detailed analysis and investigation to come to any conclusions. The writer also suggested it's far too early to point the finger at North Korea or anyone for that matter.
Although many consider it too early to take action against any particular intruder, North Korean or otherwise, it is necessary to take action to protect corporate infrastructures in the United States. Regardless of where the attack came from it is clear Sony should have been ready and they were not.