FBI Director Says 'Sloppy' North Korean Hackers Gave Themselves Away
FBI Director James Comey, today, said that the hackers who compromised Sony Pictures Entertainment usually used proxy servers to obfuscate their identity, but "several times they got sloppy."
Speaking today at an event at Fordham University in New York, Comey said, "Several times, either because they forgot or because of a technical problem, they connected directly and we could see that the IPs they were using ... were exclusively used by the North Koreans.
"They shut it off very quickly once they saw the mistake, but not before we saw where it was coming from." It is perhaps possible that the servers in North Korea were not the original source, but were themselves proxy servers. The FBI has other reasons to attribute the attack to North Korea, Comey said -- including psychological profiles the Bureau's behavioral analysis unit developed about the attackers and the results of red team simulations.