The US government has taken a lot of heat for publically blaming North Korea for the hack on Sony Pictures last November. Up to this point, however, they haven’t provided many details as to what led them to that conclusion – until now.
According to FBI director James Comey, the Sony hackers slipped up on more than one occasion by failing to use proxy servers to mask the origin of their attack. This move revealed IP addresses that the FBI claims were used exclusively by North Korea.
During a speaking engagement at a Fordham Law School cybersecurity conference on Wednesday, Comey said the missteps could have been either because they simply forgot to use a proxy server or due to technical reasons. Once they realized their mistake, Comey added, they quickly shut the connection down but not before authorities were able to trace it.
Of course, Comey’s statement will likely do little to silence a security community that seems divided on the matter. After all, the IP addresses that the FBI picked up could have been proxies themselves designed to further throw off the investigation.
As Wired points out, the Guardians of Peace initially tried to extort money from Sony before they made any political demands. The group didn’t even mention The Interview until well into the attack.
Comey concluded that he wanted to show the American people as much as possible about why but show the bad guys as little as possible about how. That’s because it will happen again and they want to preserve their methods and sources.