Government Prepared to Blame North Korea for Sony Cyber Attack

(WASHINGTON) — The U.S. government is about to take the bold step of publicly branding the North Korean regime as the driving force behind the massive cyber-attack on Sony Pictures that has paralyzed the film company and raised fears of terrorist attacks inside the United States, sources tell ABC News.

An official statement from within the Justice Department is expected to be released Friday, just hours before President Obama takes questions at a year-end press conference. The statement expected to be released Friday will lay out at least some of the evidence the U.S. government has uncovered tying North Korea to the attack, sources said.

In particular, the statement will say the intrusion into Sony had specific signatures of a North Korean style hack, and that investigators discovered the hack was identical to a series of other attacks in South Korea last year that they are certain were carried out by North Korea.

Earlier this month, a North Korean official denied allegations that the government was involved in the hacking, calling it “wild speculation.” Still, the official described the attack as a “righteous deed,” according to a North Korean state news agency.

On Nov. 21, Sony executives received an email warning them not to release their new “movie of terror,” referring to the comedy The Interview, which depicts a fictional assassination of North Korean dictator Kim Jong Un. Soon thereafter, Sony was hit with the now-infamous cyber-attack, crippling its computer network and flooding the Internet with embarrassing internal emails and employees’ personal information.

Then, on Tuesday, a message posted online warned of a 9/11-style attack on theaters showing the film. Sony then decided not to release the movie at all.

Identifying exactly who executed the attack has been a challenging and painstaking task for federal investigators. Based on evidence collected so far, federal sources told ABC News, they believe an individual or small group stationed outside North Korea may have punched the computers keys that launched the attack, which was then likely routed through at least six countries overseas — Singapore, Thailand, Italy, Bolivia, Poland and Cyprus — before hitting its target in the United States.

A group calling itself “Guardians of Peace” has claimed responsibility.

It’s unclear what role North Korea’s army of cyber soldiers — known as “Bureau 121” — may have played in the intrusion. But some of the techniques and computer codes used in the Sony penetration are similar to those used by the North Korean military unit in previous cyber-attacks in South Korea.

“The U.S. government is working tirelessly to bring the perpetrators of this attack to justice, and we are considering a range of options in weighing a potential response,” the president’s National Security Council said in a statement Wednesday night.

But U.S. officials won’t say exactly what is being considered, offering only that it will be “a proportional response." So far officials have refused to characterize the Sony attack as an “act of war” or “an act of terrorism,” and the statement later Friday is not expected to do so.

Top administration officials, meanwhile, have been engaged in an extensive debate over whether President Obama should call the Sony attack "terrorism" during his press conference later Friday.

Federal law appears conflicted over whether the Sony hack would constitute an act of terrorism. Regulations governing homeland security define an “act of terrorism” as an illegal act that “causes harm, including financial harm, to a person, property or entity, in the United States,” and that is “intended to cause…loss to citizens…of the United States.”

The Sony attack appears to fit that description, with Sony saying in a statement Wednesday that the “brazen” and “unprecedented criminal assault” did “damage to our company, our employees, and the American public.”

But other federal law defines a “federal crime of terrorism” as an act that is intended to “influence or affect the conduct of government” and targets federal officials specifically. In the Sony hack, a private company and its employees — not federal officials — were the targets.

Regardless, federal charges could be filed against those responsible. And the Obama administration considers the issue to be “a serious national security concern,” the White House said Friday.

Last week, the head of the Justice Department's National Security Division, John Carlin, said the Sony hack “has our full attention.” Two days later, FBI officials held a meeting in New York with executives from across the entertainment industry to brief them on cyber-related threats to their companies, sources told ABC News.

In addition, just hours before Sony’s decision Wednesday to pull the plug on its Christmas Day release of the movie, the FBI issued its first official message about the Sony hack to joint terrorism task forces across the country — comprised of federal, state and local officials that the FBI describes as “our nation’s front line on terrorism.”

“The FBI’s investigative team believes these [latest threats] increase the threat level” inside the United States, according to the message. But, FBI officials emphasized, the threat to movie theaters was not deemed credible, and the message distributed Thursday by the FBI was simply precautionary and informational.