Hackers used tools in a devastating cyber attack on Sony Pictures Entertainment that were based on ones used in similar attacks conducted against South Korea by North Korea, a person familiar with the company's investigation said on Wednesday.
The person, who was not authorised to publicly discuss Sony's probe into the attack which is being led by FireEye's Mandiant forensics unit, said that investigators made the connection to North Korea as they reviewed evidence left by the hackers.
The technology news site Re/code reported earlier on Wednesday that Sony intends to name North Korea as the source of the attack, which exposed massive volumes of internal company data and shut down its computer systems for a week.
The hacking into one of Hollywood's biggest studios has alarmed the government and cyber security experts, who say this is the first major attack on a US company to use a highly destructive class of malicious software that is designed to incapacitate computer networks. The FBI issued a warning to US businesses on Monday.
The attack launched on November 24 came a month before the entertainment unit at Sony Corp. is due to release The Interview, a comedy starring James Franco and Seth Rogen as two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un.
The Pyongyang government denounced the film as "undisguised sponsoring of terrorism, as well as an act of war" in a letter to UN secretary-general Ban Ki-moon in June.
Details of the announcement from Sony about a North Korean link were still being finalised and could be released as early as Wednesday. But when asked about the Re/code report, a Sony spokeswoman, said no announcement from the studio was coming.
US national security officials said government agencies still could not confirm media and private sector reports that North Korea was responsible for the Sony Pictures attack.
One official said that numerous governments, groups and individuals are capable of mounting sophisticated hacking attacks, and that at this point the offensive on Sony Pictures did not appear particularly unique. Another official said that it was still too soon after the hack to make definitive assessments of responsibility.
Sony has struggled to get all of its systems back up nine days after the attack and studio co-chiefs told staff in a memo on Tuesday that they still didn't know the "full scope of information that the hackers might have or release."
They said personnel and business information was compromised, without giving further details, while encouraging employees to use identity protection services offered by the company.
The attack is another blow for Sony Pictures, which produces the blockbuster James Bond and Spider-Man franchises. In the past year, the company laid off staff and cut costs after pressure from activist investor Daniel Loeb to improve profitability. That followed expensive 2013 flops such as After Earth and White House Down.