Search Keywords
Financial Times Wall Street Journal Economist
News Period From   To
News: 60885    Funds: $437    Pays: $524

Go Back to
News List
This News on
Daily Paywall
  Rated 66 | Views 316
Rate it | Share it 

U S News
U.S. Has Concluded North Korea Is Behind Sony Hack
From the Wall Street Journal of Wed, 17 Dec 2014 19:45:32 EST
Security is seen outside The Theatre at Ace Hotel before the premiere of the film "The Interview" in Los Angeles on Dec. 11, 2014.
Security is seen outside The Theatre at Ace Hotel before the premiere of the film "The Interview" in Los Angeles on Dec. 11, 2014. Agence France-Presse/Getty Images

U.S. officials have concluded North Korea is behind the hacking attack on Sony Pictures, elevating the issue from a question of corporate security to national security, according to people familiar with the investigation.

Within the U.S. government, there has been an internal debate in recent days about when and how to reveal that belief publicly, because doing so could complicate relations with Japan, and raises the difficult question of how the U.S. should respond to an aggressive act by a foreign government.

U.S. officials are still gathering evidence and are trying to build a clearer picture of who directed the hacking and how.

Investigators strongly suspect the attack was carried out by a North Korean government hacking team known as Unit 121 in the General Bureau of Reconnaissance, people briefed on the matter said. That team has previously been linked to other cyberattacks against South Korean targets.

The Sony hack raises a perplexing question for U.S. security officials—how to respond to a foreign government suspected of hacking an American company to embarrass them. While the Sony hack has also raised public safety and economic issues, it isn’t the type of scenario envisioned by many security officials, who worry about the hacking of critical infrastructure systems.

The U.S. rarely fingers other nations of conducting cyberattacks in the U.S., even when it has strong suspicions. One exception came this May when the Justice Department indicted five Chinese military officers, alleging they hacked U.S. companies’ computers to steal trade secrets.

If the U.S. publicly blames North Korea for the attack, officials believe it would then have to craft some kind of response. Those options are constrained, given how North Korea is already sanctioned and cut off from much of the world. Some U.S. officials have also expressed concern that blaming North Korea for the attack could put Japan, a U.S. ally, in a bind. Tokyo, unlike America, has to deal with North Korea as a neighbor just across the Sea of Japan.

Determining who is behind a cyberattack is far from science. For instance, the Sony hackers’ traffic was routed through a variety of overseas addresses, including a hotel in Thailand, these people said. But hackers can easily fake the apparent origin of their attacks and there are numerous signs linking the Sony hack to North Korean government hackers that security researchers have tracked for years.

The attack code was written on machines set with Korean as the default during Korean peninsula working hours, according to people familiar with the matter. The types of remote servers used in the Sony hack have been linked to those used by other breaches linked to North Korea. North Korea’s hackers also have a habit of posing as previously unknown hacker groups that use broken English and drawings of skeletons. The group called “Guardians of Peace” claimed credit for the Sony breach, the “New Romanic Cyber Army” hit South Korean banks and broadcasters last year while “Whois Hacking Team” took over a website for LG Uplus Corp., the South Korean telecommunications company around the same time.

Crowdstrike Inc., a U.S. cybersecurity firm, calls this group “Silent Chollima,” a reference to the mythical winged horse used in the North’s economic development plans, and has tracked it back to at least 2006. The company declined to comment on the Sony breach. When the FBI recently released the malware used in the movie studio hack, the company told clients it believed it was the work of “Silent Chollima.”

Peter Singer, a cybersecurity strategist and senior fellow at the New America Foundation, and other cyberwar experts, worry what happened to Sony could become the new normal after Sony decided to pull the movie and Washington is yet to make some sort of response. “This is now a case study that is signaling to attackers that you can get all that you want and even more,” Mr. Singer said.

Nations are yet to agree on what types of cyberattacks are acceptable without escalating tensions. “We can set the norms by coming out and saying this is just too much,” said Jay Healey, an expert on cybersecurity and diplomacy at the Atlantic Council in Washington.

After hackers entered Sony’s systems more than a month ago, they installed malicious code that would eventually wipe hard drives on many corporate computers. This wiped away many of the digital clues and has made the investigation by the Federal Bureau of Investigation and FireEye Inc., a cybersecurity company, more difficult.

As of Wednesday, investigators still can’t say they have removed and blocked the hackers from Sony’s systems, people familiar with the investigation said.

The situation also remains tenuous for Sony Corp., Sony Pictures’s parent company in Tokyo. After investigators at FireEye determined North Korea was likely linked to the attack, it proposed a public report that would offer an update on the breach and implicate Pyongyang hackers. Sony’s Japan headquarters nixed the idea, people familiar with the probe said.

Write to Devlin Barrett at and Danny Yadron at

This article is provided by, which is published and distributed by Paolo Cirio Ltd., registered in England, number 8188080. Registered Office: Suite 36, 88-90 Hatton Garden, City of London, EC1 N8PG, United Kingdom. Paolo Cirio Ltd. alone is responsible and liable for information and services provided through Daily Paywall’s newspaper and website.

Earn Money
Offer Money
Buy Advertising
Buy Artwork Article

Similar Articles
Enjoy The Real Value of Information