FBI's accusation that North Korea hacked Sony has 'puzzle pieces that don't make sense', says Lieberman Software
'It is pretty easy to forge email IP addresses', security firm points out
Experts are beginning to question the FBI's assertion that North Korea was behind the recent hacking attacks on Sony Pictures.
FBI director James Comey, speaking at the International Conference on Cyber Security [ICCS 2015] at Fordham University this week, said that the hackers "got sloppy", leaving behind clues that show North Korea's direct involvement in the attack. This proof is said to include IP addresses used only by an ISP in North Korea.
"I know that some serious folks have suggested that we have it wrong," said Comey. "They don't have the facts that I have. They don't see what I see."
Comey alleges that North Korea made "a mistake" in not masking their IPs, and "would shut it off very quickly once they realised the mistake, but not before we saw them and knew where it was coming from".
He maintained the FBI has "not just high confidence but very high confidence about who perpetrated this attack".
However, many in the security industry say a disgruntled former employee is more likely to be the true culprit, and question whether hackers working for a regime like North Korea would make the kind of silly errors that Comey mentioned.
"It is pretty easy to forge email IP addresses," said Philip Lieberman, CEO of identity and security management firm Lieberman Software.
"Similarly, it is easy to modify malware to contain attribution addresses - proper tradecraft uses only anonymous proxies within embedded malware."
The real question, said Lieberman, is "whether national security assets reveal intercepted IP traffic (i.e. packets) from North Korea exists regarding these events, that show positive command and control being initiated by North Korea".
"To date, no one has seen this level of attribution as this would be positive confirmation of wire taps into North Korean traffic."
Lieberman concluded that "the US government could have it right, or maybe they have it wrong".
"There are a lot of puzzle pieces that don't make much sense with the US government scenario. Missing pieces tend to keep the security community up at night scratching their heads."