Sony Finds Link to N. Korea in Hack Probe

Hackers used tools in a devastating cyber attack on Sony Pictures Entertainment that were based on ones used in similar attacks conducted against South Korea by North Korea, a person familiar with the company's investigation said on Wednesday.

The person, who was not authorized to publicly discuss Sony's probe into the attack, said that investigators hired by the company made the connection to North Korea as they reviewed evidence left by the hackers.

The technology news site Re/code reported earlier on Wednesday that Sony intends to name North Korea as the source of the attack, which exposed massive volumes of internal company data and shut down its computer systems for a week.

But U.S. national security officials said government agencies still had not determined whether North Korea was responsible for the Sony Pictures attack.

The hacking into one of Hollywood's biggest studios has alarmed the government and cyber security experts, who say this is the first major attack on a U.S. company to use a highly destructive class of malicious software that is designed to incapacitate computer networks. The FBI issued a warning to U.S. businesses on Monday.

The attack launched on Nov. 24 came a month before the entertainment unit at Sony Corp. is due to release "The Interview," a comedy starring James Franco and Seth Rogen as two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un.

The Pyongyang government denounced the film as "undisguised sponsoring of terrorism, as well as an act of war" in a letter to U.N. Secretary-General Ban Ki-moon in June.

TOO EARLY FOR DEFINITIVE ASSESSMENTS

Details of the announcement from Sony about a North Korean link were still being finalized and could be released as early as Wednesday, according to Re/code.

But when asked about the Re/code report, a Sony spokeswoman said no announcement from the studio was coming.

Sony hired security firm FireEye Inc and its Mandiant forensics unit to lead the probe. Mandiant has handled some of the largest data breaches, including the 2013 holiday attack on Target Corp.

One national security official said that numerous governments, groups and individuals are capable of mounting sophisticated hacking attacks, and that at this point the offensive on Sony Pictures did not appear particularly unique. Another official said that it was still too soon after the hack to make definitive assessments of responsibility.

Representatives of the FBI and Department of Homeland Security, which are conducting a separate investigation into the attack, declined to comment, as did the Justice Department and White House.

JPMorgan Chase & Co Chief Executive Officer Jamie Dimon, whose bank was recently hit by hackers stealing records of 83 million customers, said companies need to learn how to cope with cyber threats like the Sony hack.

"I mean, I wouldn't freak out about it. I would just take it like a serious issue of security," Dimon told Reuters after an event hosted by the Business Roundtable in Washington.

Sony has struggled to get all of its systems back up nine days after the attack and studio co-chiefs told staff in a memo on Tuesday that they still did not know the "full scope of information that the hackers might have or release."

They said personnel and business information was compromised, without giving further details, while encouraging employees to use identity protection services offered by the company.

The attack is another blow for Sony Pictures, which produces the blockbuster James Bond and Spider-Man franchises. In the past year, the company laid off staff and cut costs after pressure from activist investor Daniel Loeb to improve profitability. That followed expensive 2013 flops such as "After Earth" and "White House Down."

(Reporting by Jim Finkle in Boston; Additional reporting by Lisa Richwine in Los Angeles and Mark Hosenball and Emily Stephenson in Washington; Writing by Mary Milliken; Editing by Lisa Shumaker)