US government reportedly blaming North Korea for Sony hack
US government reportedly blaming North Korea for Sony hack

The New York Times and Wall Street Journal, together with CNN TV News and others, have quoted senior Obama administration officials as saying that Pyongyang was behind last month's hack on the Californian TV and film company, carried out by the so-called ‘Guardians of Peace'.

The officials “strongly suspect” North Korea's Unit 121 cyber-espionage team, part of the country's General Bureau of Reconnaissance, carried out the hack.

The reports have met a mixed response from Europe's information security community - as has Sony's decision earlier this week to cancel its planned release of ‘The Interview', a comedy about a CIA plot to kill North Korean leader Kim Jong-un which is believed to have sparked off the cyber-attack.

This followed the refusal of the US main cinema chains to screen the film, raising concerns at an apparent surrender to a rogue nation-state attack on free speech.

According to Thursday's New York Times: “American officials have concluded that North Korea was “centrally involved” in the hacking of Sony Pictures computers. Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was debating whether to publicly accuse North Korea of what amounts to a cyber-terrorism attack.

“Officials said it was not clear how the White House would respond.”

Likewise, the Wall Street Journal reported: “US officials' conclusion that Pyongyang was behind the hacking attack on Sony Pictures has raised the difficult question of how Washington should respond to an aggressive act by a foreign government.

“Investigators strongly suspect the attack was carried out by Unit 121. That team has previously been linked to other cyber-attacks against South Korean targets.

“US officials are still gathering evidence and are trying to build a clearer picture of who directed the hacking and how.”

If confirmed, the US government's verdict builds on evidence gathered two weeks ago by Symantec and Kaspersky who both analysed the Destover malware used to wipe Sony's files, and found it used the Korean language and had “glaring similarities” and “several links” with the earlier Dark Seoul campaign against South Korea - which the South Korean Government insisted came from North Korea.

However, both companies stopped short of directly accusing North Korea.

Asked about the latest reports based on unnamed sources, UK cyber-security expert and Europol adviser Professor Alan Woodward was sceptical.

“This has more credibility than the speculation before. It suggests they have some intelligence other than electronic intelligence, because proving attribution from a purely electronic point of view is very difficult,” he told

Woodward said Unit 121 is synonymous with North Korea - so any evidence of hacking by North Korea would inevitably mean this Unit was involved.