The Obama administration’s extraordinary decision to point fingers at North Korea over the hacking of Sony Pictures Entertainment Inc. could lead to a courtroom spectacle in the event charges are ultimately filed against someone without ties to the isolated country, such as a disgruntled employee or an unrelated hacker.
Legal experts say potential complications illustrate why federal authorities rarely announce they’ve solved a case before an arrest.
“Once the government says it has good reason to believe North Korea did it, then that is good reason to believe that the defendant did not do it unless the defendant was an agent of North Korea,” said Jennifer Granick, director of civil liberties at the Stanford Center for Internet and Society.
U.S. officials for weeks have been emphatic in blaming North Korea for the hack attack, citing similarities to other tools developed by the country in specific lines of computer code, encryption algorithms and data deletion methods. The Obama administration ? reeling over persistent public skepticism whether North Korea was to blame ? asserted its certainty again last week, announcing a new round of sanctions against North Korea that officials said will be just the first step of retaliation.
FBI Director James Comey told a cybersecurity conference in New York on Wednesday that the hackers “got sloppy” and mistakenly sent messages directly that could be traced to Internet addresses used exclusively by the North Korea. Comey said the hackers had sought to use proxy computer servers, a common ploy to disguise hackers’ identities and throw investigators off their trail by hiding their true locations.
“It was a mistake by them,” Comey said. “It made it very clear who was doing this.”
Though the FBI has repeatedly maintained that there’s no credible evidence suggesting anyone other than North Korea was responsible, that hasn’t stopped skeptics from challenging the government’s conclusion and raising questions about whether hackers or Sony insiders could be the culprits instead of ? or maybe along with ? North Korea. At least one firm claims to have identified a group of individuals it says may have attacked the company’s networks.