U.S. intelligence director puts blame on PyongyangU.S. Director of National Intelligence James Clapper pointed to North Korean General Kim Yong-chol, the director of the Reconnaissance General Bureau, as the mastermind behind the Sony Pictures hacking in a cybersecurity conference on Wednesday.
The Reconnaissance General Bureau, Pyongyang’s primary intelligence organization and operator of major cyberoperations, he said, was responsible for overseeing the cyberattack on Sony in late November to prevent the release of “The Interview,” a comedy based on an assassination plot against the regime’s leader Kim Jong-un.
Clapper told an audience of government and private cybersecurity experts at Fordham University in New York that he gained insight into North Korea’s anti-American mindset while dining with a top North Korean general last year, when he was sent there to negotiate the release of two U.S. prisoners.
The four-star general would have been the one to give the green light for the attack on Sony, he said.
In November, Clapper went to Pyongyang on a secret mission to secure the release of two American citizens detained in the country.
Clapper said that he was berated by the general for America’s aggressions and jabbed in the chest by him.
Gen. Kim, who is known to have led the operation to sink South Korea’s Cheonan warship in 2010, is one of the persons listed as a target of the new sanctions announced last week by the Barack Obama administration in response to the Sony hacking scandal.
The Reconnaissance General Bureau, created in 2009, is responsible for educating and dispatching spies, collecting intelligence and terror operations.
Additionally, Clapper warned that North Korea would continue attacks against American interests unless the United States “pushes back.”
North Koreans “really do believe they are under siege from all directions,” and “are deadly, deadly serious about affronts to the supreme leader,” he said.
FBI Director James Comey also revealed new details Wednesday about the stunning cyberattack against Sony Pictures Entertainment Inc., part of the Obama administration’s effort to challenge persistent skepticism about whether North Korea’s government was responsible for the hacking.
Speaking at the same conference at Fordham University, Comey revealed that the hackers “got sloppy” and mistakenly sent messages that could be traced to IP addresses used exclusively by North Korea.
Comey said the hackers had sought to use proxy computer servers, a common ploy hackers use to disguise their identities and throw investigators off their trail by hiding their true locations.
“It was a mistake by them,” he said. “It made it very clear who was doing this.”
On Dec. 20, the Associated Press reported that the FBI had discovered that computer Internet addresses known to be operated by North Korea were communicating directly with other computers used to deploy and control the hacking tools and collect the stolen Sony files.
The FBI previously said its evidence also included similarities to other tools developed by North Korea in specific lines of computer code, encryption algorithms and data deletion methods.
“I have very high confidence about this attribution to North Korea, as does the entire intelligence community,” Comey said.
North Korea has denied it was involved in the hacking.
However, Comey said the Sony attack had “clear links” to malware developed by North Korea. The same tools were used in an attack last year on South Korean banks and media outlets, he added.
The FBI’s Behavioral Analysis Unit studied statements and threats purporting to be from Guardians of Peace, a group that claimed to be behind the attack, and compared them to other known attacks by the North Koreans, Comey said.
The unit told him, “Easy for us - it’s the same actors,” he said.
The director said the evidence should undermine persistent skepticism by some cyber experts that individual hackers or a disgruntled insider were the culprits behind a hack that sabotaged the wide release of “The Interview.”
“They don’t have the facts that I have, don’t see what I see,” he said.
Comey said he was hesitant to reveal more about how U.S. officials learned that North Korea was the source “because it will happen again, and we have to preserve our methods and sources.”
Earlier this week, Sony CEO Kazuo Hirai broke his silence about the attack, saying his employees were victims of a “vicious and malicious cyberattack,” while adding that he’s proud of them for standing against “the extortionist efforts of criminals.”
BY AP, SARAH KIM [email@example.com]