The FBI on Friday said it had gathered enough information to conclude the North Korean government was responsible for the hacking at Sony Pictures Entertainment.
The “lines of code, encryption algorithms, data deletion methods and compromised networks” and “infrastructure” used in this attack were similar to previous hackings traced to North Korea.
But the investigating agency, or US authorities, did not spell out any follow up action — if any individual or group or entity will be charged, prosecuted or punished.
US department of homeland security said in a statement called the hacking was not only an attack on a company and its employees. It was also an attack on “our freedom of expression and way of life”.
Sony has cancelled the worldwide release of The Interview, a movie lampooning North Korean dictator Kim Jong-un, which is behind the hacking that took place late November.
A group of hackers calling themselves Guardians of Peace took responsibility for the attack, and threatened 9/11 style attacks on cinemas screening the film.
The White House had on Thursday said various options were being considered without, once again, spelling them out. North Korea is already under severe US sanctions.
About the evidence against North Korea, the FBI said, “Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.”
And there was significant “overlap” between the infrastructure used in this attack and previous “malicious cyber activity” traced to North Korea”. The FBI found that several Internet protocol addresses associated with known North Korean infrastructure “communicated with IP addresses that were hardcoded into the data deletion malware used in this attack”
And, lastly, the tool used in the Sony hacking were similar to a cyber attack in March 2013 against South Korean banks and media companies.