NSA chief says Sony attack traced to North Korea after software analysis

The massive Sony exhibit space is seen at the International Consumer Electronics show (CES) in Las Vegas, Nevada January 6, 2015. REUTERS/Rick Wilking

OTTAWA (Reuters) - The U.S. National Security Agency (NSA) identified North Korea as the source of the recent cyberattack on Sony Pictures Entertainment after analyzing the software used in the intrusion, NSA Director Admiral Michael Rogers said on Thursday.

Speaking to a Canadian security conference, Rogers explained that the discovery was part of the agency’s efforts to develop software to counter cyberattacks.

“We ultimately ended up generating the signatures to recognize the activity ... used against Sony,” Rogers said. “From the time the malware left North Korea to the time it got to Sony’s headquarters in California, it crossed four different commanders’ lines or areas in the U.S. construct.”

Sony’s network was attacked by hackers in November as the company prepared to release “The Interview,” a comedy about a fictional plot to assassinate North Korean leader Kim Jong Un. The attack was followed by online leaks of unreleased movies and emails that caused embarrassment to executives and Hollywood personalities.

North Korea has described the accusation as “groundless slander.”

Rogers said that cyberthreats are different from physical threats since they travel beyond geographical boundaries. He said the cyberthreats are also blurring the line between the public and private sectors, sometimes prompting new and unexpected partnerships.

“If you had told me (in the past) that I was going to be spending time working on an offensive act against a motion picture company, I would have thought: ‘What? What does that have to do with me?’ And yet that’s the world we find ourselves in.”

Editing by Andrew Hay