FBI: North Korea “got sloppy” with IP addresses in Sony hack

The FBI continued to insist Wednesday that North Korea was responsible for hacking Sony Pictures Entertainment, the Associated Press reported. FBI Director James Comey said at a New York cybersecurity conference that North Korea “got sloppy” when it attempted to use proxy servers that would mask the attacks.

Apparently, North Korea forgot to conceal some of its activities with the proxy servers, which resulted in the FBI discovering messages that were linked to IP addresses that North Korea “exclusively used,” Comey said.

When North Korea realized it made a mistake, it rectified the situation, but Comey said it was too late and the FBI “saw where it was coming from,” reported Wired.

The Sony data breach is also linked to North Korean-developed malware, which the isolated nation supposedly used to break into South Korean banks last year, he said.

While Comey shared a few more tidbits into the [company]Sony[/company] hack, he was hesitant to go into greater detail on how exactly the U.S. was able to pinpoint North Korea as the culprit beyond what he said because the U.S. has to “preserve our methods and sources.”

This will undoubtedly not please the security experts who have been raising concerns about the U.S. government’s story that North Korea was responsible, claiming the little evidence the FBI has shown so far does not prove its case. Security firm Norse Corp. recently showed the FBI its own forensics on the Sony hack, which the FBI reportedly brushed aside.

Addressing the skeptics, Comey said during the cybersecurity conference, “They don’t have the facts I have.”

Again, this seems to be a “take us at our word” situation with the FBI holding the details and releasing the occasional nugget of information to appease naysayers. It’s safe to say there’s been no smoking gun released so far.