FBI Director Says 'Sloppy' North Korean Hackers Gave Themselves AwayBureau chief says hackers occasionally forgot to use proxy servers, while the Director of National Intelligence says North Koreans have no sense of humor.
FBI Director James Comey, today, said that the hackers who compromised Sony Pictures Entertainment usually used proxy servers to obfuscate their identity, but "several times they got sloppy."
Speaking today at an event at Fordham University in New York, Comey said, "Several times, either because they forgot or because of a technical problem, they connected directly and we could see that the IPs they were using ... were exclusively used by the North Koreans.
"They shut it off very quickly once they saw the mistake, but not before we saw where it was coming from."
It is perhaps possible that the servers in North Korea were not the original source, but were themselves proxy servers. The FBI has other reasons to attribute the attack to North Korea, Comey said -- including psychological profiles the Bureau's behavioral analysis unit developed about the attackers and the results of red team simulations.
“There is not much in this life that I have high confidence about,” said Comey. “I have very high confidence in this attribution, as does the entire intelligence community.”
Director of National Intelligence James Clapper also spoke, quite bluntly relating tales of a tense dinner meeting he had in North Korea in November with "General Kim," a North Korean government official he believes was central to the Sony attack. Presumably he was referring to General Kim Yong-Chol, director of Unit 586, which includes Unit 121 -- the country's center of cyber-attack operations, recently estimated to be 6,000-troop strong.
Clapper said that Kim kept "pointing his finger at my chest and saying the US and South Korean exercise was a provocation to war and of course not being a diplomat, my reaction was to lean back across the table and point my finger at his chest."
"They really do believe they are under siege from all directions," said Clapper, "and painting us as an enemy that is about to invade their country every day is one of the chief propaganda elements that's held North Korea together."
"They are deadly, deadly serious," he said, "about affronts to the supreme leader, whom they consider to be a deity."
As for The Interview, the new Sony comedy about assassinating Kim Jong-Un, Clapper said he watched it over the weekend "and it's obvious to me that North Koreans don't have a sense of humor."
Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio