U.S. investigators have evidence that hackers stole the computer credentials of a system administrator to get access to Sony's computer system, allowing them broad access, U.S. officials briefed on the investigation tell CNN. The finding is one reason why U.S. investigators do not believe the attack on Sony was aided by someone on the inside, the officials tell CNN.
The revelation is part of what is behind the government's conclusion that hackers operating on behalf of North Korea were responsible. The government is expected to publicly blame the reclusive regime as early as Friday. The hackers ability to gain access to the passwords of a top-level information technology employee allowed them to have "keys to the entire building," one official said.
The access has led to some suspicion of perhaps an inside job. It's a common tactic that hackers use, and cyber-attacks often look like inside jobs, the officials say. U.S. used signal intelligence and other means to trace the attack to North Korea, finding digital footprints that pointed to North Korea. The statement to be issued as early as Friday morning will provide some of the evidence behind the U.S. government's conclusion, but not all.
Though officials say they are planning to lay blame on Friday, they haven't yet decided how to respond to the attack.