World

U.S. suspects North Korea's surveillance body was involved in Sony cyberattack via Shenyang

Kyodo

Hackers linked to North Korea’s surveillance authority are believed to have sent threats to Sony Pictures Entertainment Inc. executives using an Internet Protocol address in Shenyang, northeastern China, a diplomatic source familiar with U.S. investigations said Wednesday.

The United States is apparently requesting that the Chinese government provide information on the IP address, as it would be strong evidence to show the involvement of North Korea’s General Reconnaissance Bureau in the cyberattack on the U.S. unit of Japan’s Sony Corp.

An IP address is a numeric code assigned to a computer connected to the Internet.

The source said a hacker who is already identified as engaging in activities under the bureau was confirmed to have been handling data via the IP address, including email threats to Sony Pictures executives.

The bureau is Pyongyang’s intelligence agency. It was established around 2009 by integrating related organizations in the Korean People’s Army, the People’s Armed Forces Ministry and the ruling Workers’ Party of Korea. It is said to be boosting its capability for cyberattacks.

On Dec. 19, the FBI announced it has identified North Korea as being behind the cyberattack on Sony Pictures.

After the attack and threats issued to movie distributors, Sony Pictures initially canceled the Christmas U.S. release of “The Interview,” a comedy film about a fictional assassination plot against North Korean leader Kim Jong Un.

The studio eventually reversed its decision and released the film online and at a limited number of U.S. theaters.

Regarding recent outages and sporadic disruptions to North Korea’s major Internet services, the source said the attack was probably carried out by a group of hackers and the United States is not responsible as claimed by Pyongyang.

The group of hackers is believed to be a different one from the international hacker group Anonymous.

Email messages were sent to the executives beginning in late November by hackers who called themselves the “Guardians of Peace,” claiming responsibility for posting inside information from Sony Pictures on the Internet.

At the time, the messages did not refer to the controversial movie.

North Korea has denied involvement in the cyberattack and blasted Sony Pictures’ release of the film. It also slammed the United States, alleging it disrupted the country’s Internet use.

In its Dec. 19 announcement, the FBI said several IP addresses associated with known North Korean infrastructure communicated with IP addresses that were coded into malicious software used in the attack to delete data.

Coronavirus banner