US Says North Korea is Architect of Sony Cyberattack

nk-the-interview-dec-2014.jpg Workers remove the poster for 'The Interview' from a billboard in Hollywood, California, a day after Sony announced it would cancel the movie's Christmas release, Dec. 18, 2014.

The U.S. Federal Bureau of Investigation (FBI) on Friday accused North Korea’s government of masterminding a “destructive” cyberattack on Sony Pictures Entertainment, pledging to bring those responsible to justice.

The attack in late November, which targeted Sony’s computer systems and stole large quantities of personal and commercial data, led the movie studio to cancel its Christmas release of the film “The Interview,” which depicted a fictional attempted assassination of North Korea’s leader Kim Jong Un.

A group calling itself the “Guardians of Peace” had claimed responsibility for the attack and subsequently issued threats against Sony, its employees and theaters that planned to distribute the film.

The FBI’s accusation marked the first time the U.S. has directly accused another country of carrying out a cyberattack on American soil.

“The FBI now has enough information to conclude that the North Korean government is responsible for these actions,” the agency said in a statement.

“North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior.”

The accusation came as U.S. President Barack Obama said Washington “will respond” to the attack, condemning the North’s efforts to “impose censorship” in America.

“We will respond. We will respond proportionately and we'll respond in a place and time and manner that we choose,” Obama told a press conference.

Obama said he was “sympathetic” to Sony’s concerns over threats to attack theaters showing the film, but said the decision to cancel its release was “a mistake.”

“I'm sympathetic to the concerns that they faced. Having said all that, yes, I think they made a mistake,” he said.

“We cannot have a society in which some dictator some place can start imposing censorship here in the United States.”

The cyberattack was also slammed by U.S. Secretary of State John Kerry, who called the act “state-sponsored intimidation.”

“These actions are a brazen attempt by an isolated regime to suppress free speech and stifle the creative expression of artists beyond the borders of its own country,” Kerry said in a statement.

“Threats in cyberspace pose one of the greatest national security challenges to the United States, and North Korea’s actions—intended to inflict significant economic damage and suppress free speech—are well beyond the bounds of acceptable state behavior in cyberspace.”

Agence France-Presse quoted North Korea's United Nations mission on Friday denying involvement in the attack, with the country’s political counselor Kim Song saying “our country has no relation with the hacker.”

“There is no relation. This is not worth a comment,” he told AFP.


According to the FBI, the cyberattack had rendered thousands of Sony’s computers inoperable and “significantly disrupted the company’s business operations.”

The agency said that analysis of the malware used in the attack revealed “significant overlap” to similar tools and infrastructure it knew North Korean actors had previously made use of, including in specific lines of code, encryption, data deletion methods, and compromised networks.

The FBI also detected similarities between the tools used in the Sony attack and a cyberattack in March last year against South Korean banks and media outlets which it said was carried out by the North.

It said that despite documenting a wide variety and increasing number of cyber intrusions, the “destructive nature of this attack, coupled with its coercive nature, sets it apart.”

The agency vowed to trace the threat to its source and take action against those responsible.

“The FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests,” it said.

However, the agency stopped short of threatening specific U.S. action.


U.S.-based observers with knowledge of North Korean cyberespionage technology told RFA’s Korean Service they felt confident that the attack had been carried out by the Kim Jong Un regime.

Cho Jeon-myong, a former North Korean soldier who had defected and is now living in the U.S., said the North had made significant strides in its cyberwarfare capabilities and was aware of how to elicit a response from American targets.

“North Korea is very familiar with and knowledgeable about U.S. psychology and its system,” he said.

“They know how to inflict damage on the U.S. and threaten America through cyberterror.”

Jang Se-yul, a South Korea-based expert in North Korean cyberstrategy, said Kim “has a strong belief in the North’s cyberwarriors.”

Thor Halvorssen, the founder of the New York-based Human Rights Foundation, called Sony’s decision to pull its film based on North Korea’s threats “totally unacceptable.”

“Sony’s decision to cancel or postpone the film cannot go unnoticed,” he said.

“It is very sad that Sony is willing to bend to [the will of] this dictatorship.

Reported by RFA’s Korean Service. Translated by Bong Park. Written in English by Joshua Lipes.

Add comment

Add your comment by filling out the form below in plain text. Comments are approved by a moderator and can be edited in accordance with RFAs Terms of Use. Comments will not appear in real time. RFA is not responsible for the content of the postings. Please, be respectful of others' point of view and stick to the facts.

View Full Site