How Did North Korea Pull Off the Sony Hack?

So the FBI has now formally accused North Korea of being behind the gigantic cyber-attack that has brought Sony Pictures to its knees over the past month—culminating in Sony’s decision yesterday to pull The Interview, which is about a fictional plot to assassinate Kim Jong-un, from theaters.

In other words, arguably the most damaging cyber-attack against a company ever, was, astonishingly, carried out by a very poor country where citizens are thought to lack basic internet access. 

“My students did not know the existence of the internet,” a North Korean school teacher and author, Suki Kim, said in a recent New York Times Book Review podcast. Hard numbers on internet access in North Korea are hard to come by (the International Telecommunications Union has no data for the country), but we do know cellphone access is booming.

Nonetheless, according to a Reuters report earlier this month, North Korea’s government has been pouring resources into cyber-espionage and hacking, which are much cheaper than heavy-duty military hardware. The totalitarian state established a secretive hacking cell called Bureau 121. “Military hackers are among the most talented, and rewarded, people in North Korea, handpicked and trained from as young as 17,” Reuters wrote, citing a defector. About 1,800 cyber-warriors are housed in the unit, which is considered the elite of the military, according to the report.

Today’s FBI statement is the first time the US government (which had already briefed media outlets about this conclusion) has gone on the record about the Sony hack, which has captivated much of the media this week and unnerved Hollywood.

The FBI statement cites “similarities in specific lines of code, encryption algorithms, data deletion methods” to other malware North Korea is believed to have developed, as well as a “significant overlap” in the infrastructure used in the Sony attack with other attacks carried out by the state. The statement will probably put to bed lingering skepticism that North Korea was pulling the strings behind the attack. It reads:

We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Korea’s attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States.

CNN is also reporting that the hackers sent another email directly to senior Sony executives this morning, warning them not to release the movie in any form.

How the US government proceeds from here remains to be seen.

Update 2:15 pm: At his last scheduled press conference for 2014, President Obama criticized Sony for its decision to pull The Interview from theaters. “I wish they had spoken to me first,” he told reporters. “We will respond, and we will respond accordingly.”