WASHINGTON (CNN) — North Korea is officially responsible for the cyberattack on Sony Pictures, the FBI announced Friday.
An FBI investigation linked the malware, infrastructure and techniques a group of hackers called “Guardians of Peace” used in the Sony attack to previous North Korean cyberattacks. The North Korean-backed hackers broke into Sony’s servers, published private emails and information and threatened to attack movie theaters screening “The Interview,” a comedy film about an assassination plot on North Korean leader Kim Jong Un.
The official report that North Korea was behind one of the largest and disruptive cyberattacks on a major company confirms what most already suspected throughout the past few weeks, though the larger question — how will the United States respond — remained unanswered.
U.S. officials also tell CNN the hackers routed the attack through servers in countries from Asia, Europe and Latin America, even some in the U.S.
The hackers used common DNS masking techniques to make it look like it was coming from those places, but the National Security Agency and FBI were able to track it back to North Korea.
North Korean internet traffic is routed through China, which is one way they are able to hide their activity, but the FBI was still able to trace it back to the origin, sources tell CNN.
The FBI called North Korea’s actions “outside the bounds of acceptable state behavior” in a statement released Friday and called cyberthreats “one of the gravest national security dangers.” The FBI did not use the words “terror” in their statement.
“North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves,” the FBI said in the release. “We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there.”
Sony backed off its plans to release the movie this week after the hacking group threatened to attack movie theaters. It has no further plans to release the film.
The investigation linked the “tools” of the Sony hack to North Korean cyberattacks in March 2013 against South Korean banks and media outlets.
Former Sen. Chris Dodd, the Chairman and CEO of the Motion Picture Association of America, released a statement Friday after the FBI announcement slamming the North Korean attacks by “cyber terrorists, bent on wreaking havoc” as a “despicable, criminal act.”
“This situation is larger than a movie’s release or the contents of someone’s private emails,” Dodd said. “This is about the fact that criminals were able to hack in and steal what has now been identified as many times the volume of all of the printed material in the Library of Congress and threaten the livelihoods of thousands of Americans who work in the film and television industry, as well as the millions who simply choose to go to the movies.”
Dodd added that “we cannot allow that front (of cyberattacks) to be opened again on American corporations or the American people.”
U.S. officials have said the government will retaliate for the attacks and White House Press Secretary Josh Earnest said the response would be “proportional.”
“Working together, the FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests,” the FBI said in the release.
Sen. John McCain on Friday said the cyberattack amounted to “an act of war” on Friday and said the U.S. should retaliate in kind with cyberwarfare.
“This is the greatest blow to free speech that I’ve seen in my lifetime probably,” McCain said Friday on Arizona radio station KFYI 550’s “The Mike Broomhead Show.” “We have to respond in kind. We have lots of capability in cyber and we ought to start cranking that up.”
McCain plans to hold a cybersecurity hearing into the Sony hack in the first two weeks of the next Congress, when he takes over as the chairman of the Armed Services Committee.
Assistant Attorney General for National Security John Carlin applauded Sony’s cooperation with investigators and said the government will continue to “address this and other threats” with partners like Sony.
“We follow the facts and evidence wherever they lead, to identify the fingers at the keyboards that threaten our people, our companies, and our national security,” Carlin said. “Identifying those responsible for these attacks is only the first step, and we will continue to do our part to protect and defend our nation from the asymmetric threats posed through cyberspace.”