North Korea was behind the devastating hack attack on Sony Pictures Entertainment, the FBI announced on Friday.
The FBI said in its statement: “North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior.”
The announcement confirmed mounting evidence that the North Korean dictatorship, incensed by a comedy that depicted the assassination of its leader Kim Jong-un, took the extraordinary move to attack a Hollywood studio and attempt to force the withdrawal of the movie.
The attack was crippling, and the attack succeeded, as Sony this week pulled “The Interview” from its scheduled Christmas Day release.
The leaks began on Nov. 24, resulting in terabytes of private company data being released online. The leaks and a subsequent threat against theaters planning to show “The Interview,” led Sony to cancel the release of film at the center of the hack.
The FBI further issued this statement:
As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
· Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
· The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
· Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.
“This is almost unprecedented, that they’re able to say this publically so soon,” said CNN reporter Evan Perez following the announcement.
In a statement from the Department of Homeland Security later on Friday, Secretary Jeh Johnson said the hacking was not just an attack against a company and its employees, “it was also an attack on our freedom of expression and way of life.
“This event underscores the importance of good cybersecurity practices to rapidly detect cyber intrusions and promote resilience throughout all of our networks. Every CEO should take this opportunity to assess their company’s cybersecurity. Every business in this country should seek to employ best practices in cybersecurity.”
Johnson went on to stress that the DHS seeks to raise the level of cybersecurity in both the private sector and civilian government against cyberthreats, and encouraged businesses and other organizations “to use the Cybersecurity Framework to assess and limit cyber risks and protect against cyber threats.”
TheWrap had previously reported that an insider was believed to have worked with North Korea to accomplish the devastating attack, and Perez said Friday: “The hackers stole the credentials of a systems administrator, somebody who had the keys to the kingdom at Sony pictures, the entire computer system. That way they were able to get in there and lurk around really for months.”
A group calling itself #GOP or the Guardians of Peace, took credit for the cyberattack. On Tuesday, along with the latest dump of Sony information, the hackers threatened a 9/11-style attack on theaters showing the comedy.
The film stars Seth Rogen and James Franco as U.S. journalists who are asked by the CIA to assassinate North Korean leader Kim Jong-un. North Korea last summer warned that the film’s release would be an “act of war that we will never tolerate,” and said that the United States will face “merciless” retaliation. Its government on Dec. 6 denied it was behind the Sony hacking, but called the cyberattack “a righteous deed” and said that it could be the work of its supporters.
The message included with the release of a hacked emails warned theatergoers in broken English to “recommend you to keep yourself distant.”
Sony and theater owners took the threat seriously, and several chains pulled out of showing the film, which was set to hit theaters on December 25. Sony quickly followed suit and yanked the comedy altogether.
“In light of the decision by the majority of our exhibitors not to show the film ‘The Interview,’ we have decided not to move forward with the planned December 25 theatrical release,” the studio said in a statement to TheWrap on Wednesday. “We respect and understand our partners’ decision and, of course, completely share their paramount interest in the safety of employees and theater-goers.”
Sony Hack Attack Timeline: From First Cyberbreach and Leaks to 'The Interview' Release (Photos)
As Sony CEO Michael Lynton announces his resignation, let's look back at one of the darkest periods of his tenure: the Sony hack.
News of a massive cyberbreach at Sony Pictures began leaking out in late November. Later reports indicated the studio had been warned weeks earlier.
NOV. 24: The hacker group identified as #GOP purportedly took over computers and hijacked Twitter accounts, sending out ominous messages to Sony staff. Read more.
NOV. 25: Sony Pictures employees greeted with an ominous image on their computer screens when they tried to log in for the work week. Read more.
NOV. 28: Sony struggles to fight #GOP hackers who claim stolen data includes stars’ IDs, budget and contract figures. Read more.
NOV. 30: Investigators know North Korea is unhappy with comedy "The Interview," which makes light of an attempt to assassinate its leader Kim Jong-un. Read more.
DEC. 1: Studio has made progress in restoring critical business systems, insider says at the time. Later reports dispute this. Read more.
DEC. 1: Hack analysis: How much will this ‘nightmare’ cost? Damage to Sony’s reputation will be key in determining the cybercrime’s toll. Read more.
DEC. 1: Blogger posts a spreadsheet of the top 17 executives earning $1 million or more. Read more.
DEC. 1: North Korea denies involvement. A government official previously teased “wait and see.” Read more.
DEC. 2: Sony bosses Michael Lynton and Amy Pascal address "malicious criminal acts" in a company-wide memo to staff. Read more.
DEC. 2: Media outlets obtain spreadsheets including social security numbers and detailed performance reviews for 3,000 Sony Pictures employees. Read more.
DEC. 2: When asked if North Korea was involved, a spokesman for the communist country’s government replied, “Wait and see.” Read now.
DEC. 3: Salaries of ‘The Interview’ stars Seth Rogen and James Franco revealed in Sony hacking leak. Read more.
DEC. 4: Hollywood studios ramp up security in wake of Sony hack. Read more.
DEC. 4: North Korea reportedly denies involvement in Sony hack attack. Read more.
DEC. 4: Sylvester Stallone, Judd Apatow are among 47,000 employees compromised in latest leak. Read more.
DEC. 6: Sony Hack Attack "unparalleled," says head of cybersecurity firm. Read more.
DEC. 7: Sony hackers reportedly worked from Thailand and may have North Korean ties. Internet leaks of confidential data traced to a five-star Bangkok hotel. Read more.
DEC. 8: Sony hackers demand ‘The Interview’ pulled: "Stop immediately showing the movie of terrorism." Read more.
DEC. 8: FBI plan to hold employee cybersecurity awareness briefings on the Sony studio lot. Read more.
DEC. 8: Hackers sent top Sony execs a threatening email days before the attack. Read more.
DEC. 8: Hack exposes celebrity aliases for Tom Hanks, Jude Law, Natalie Portman and more in latest leak. Read more.
DEC. 8: Hackers leak sensitive email of Sony execs Amy Pascal and Steven Mosko. Read more.
DEC. 9: Hackers reveal animated ‘Spider-Man’ comedy in the works. Read more.
DEC. 9: Heated emails between Sony Chief Amy Pascal and Scott Rudin leaked. Read more.
DEC. 10: FBI says attack so sophisticated that it would have gotten past "90 percent" of security firms. Read more.
DEC. 11: Sony hack attack theory suggests North Korea was involved but had insider help. Read more.
DEC. 11: Amy Pascal and Scott Rudin apologize for racially insensitive remarks about President Obama. Read more.
DEC. 11: Kevin Hart responds to leaked Sony emails calling him a ‘whore.’ Read more.
DEC. 11: Hackers flash disturbing new warning on staffers’ computers. Read more.
DEC. 11: Amy Pascal talks to Sharon Waxman about whether she's so damaged she can no longer lead Sony (exclusive). Read more.
DEC. 11: Sony had evidence of server breach as early as February. Read more.
DEC. 12: Sony orders its name removed from "The Interview" marketing materials. Read more.
DEC. 12: Sony arm Crackle pulls hacker movie "The Throwaways." Read more.
DEC. 14: Sony demands media stop publishing stolen data. Read more.
DEC. 14: Producers reveal hackers stole James Bond "Spectre" script. Read more.
DEC. 15: Lawyer's letter confirms "The Interview" was the cause of hack attack. Read more.
DEC. 16: Sony hackers threaten 9/11-style attack on theaters that show "The Interview." Read more.
DEC. 16: James Franco and Seth Rogen withdraw from press interviews for "The Interview." Read more.
DEC. 16: Sony tells theaters they can pull "The Interview." Read more.
DEC. 16: Carmike theater chain drops "The Interview" after hacker terror threat. Read more.
DEC. 16: ArcLight Cinemas drops "The Interview" amid hacker threats. Read more.
DEC. 16: Sony CEO Michael Lynton's emails leaked. Read more.
DEC. 16: Former Sony employees file class-action suit against studio. Read more.
DEC. 16: Landmark Theaters cancels "Interview" New York premiere. Read more.
DEC. 17: Bow Tie Cinemas drops "The Interview." Read more.
DEC. 17: Judd Apatow says, "I am going to 'The Interview.'" Read more.
DEC. 17: Rosie O'Donnell says she will not see "The Interview." Read more.
DEC. 17: Five major theater chains pull "The Interview." Read more.
DEC. 17: Sony Pictures cancels release of "The Interview." Read more.
DEC. 17: Hollywood outraged at decision to pull "The Interview." Read more.
DEC. 17: Per CNN, US Government to announce North Korea was behind Sony hack. Read more.
DEC. 17: What are U.S. options if North Korea is confirmed as cyberterrorist? Read more.
DEC. 17: Steve Carell’s North Korea movie "Pyongyang" canceled in wake of Sony hack. Read more.
DEC. 17: Rob Lowe, Judd Apatow, Michael Moore and others express their outrage on social media. Read more.
DEC. 18: Paramount thwarts plans by theaters to replace ‘The Interview’ with "Team America: World Police" Read more.
DEC. 18: Newt Gingrich, Mitt Romney, Rep. Peter King and Colin Powell weigh in on the cancelation of "The Interview. Read more.
DEC. 19: FBI officially implicates North Korea in Sony hack Attack. Read more.
DEC. 19: New Sony leak reveals 50 scripts from Michael Lynton’s inbox. Read more.
DEC. 20: North Korea denies involvement in hack attack, warns U.S and offers to join joint probe. Read more.
DEC. 20: Sony deletes "The Interview’s" social media profiles in wake of hack, movie’s cancellation. Read more.
DEC. 20: Mike Myers returns to Saturday Night Live, reprising his Dr. Evil role from “Austin Powers” to deliver some advice regarding the hack. See more.
DEC. 20: RNC chair Reince Priebus sends a letter urging the CEOs of 10 major theater chains to screen “The Interview.” Read more.
DEC. 21: President Obama insists on CNN that the Sony hack is "cyber vandalism," not "act of war." Watch more.
Dec. 21: Sony attorney says "The Interview" will be distributed despite hackers’ threats. Watch more.
DEC. 22: Security experts register doubts about North Korean involvement in hack. Read more.
DEC. 22: Sony threatens Twitter with lawsuit if additional "stolen information" appears on the service. Read more.
1 of 68
As Sony CEO Michael Lynton prepares to exit, here’s TheWrap’s blow-by-blow of 2014’s devastating cyberattack on the studio
As Sony CEO Michael Lynton announces his resignation, let's look back at one of the darkest periods of his tenure: the Sony hack.
