North Korea Denies Connection to Sony Hack, But Praises Attackers

Call it a denial with a smile. North Korea has officially denied any role in the devastating hacking attack against Sony Pictures Entertainment — while praising the people who carried it out.

In a statement issued Sunday by the Korean Central News Agency (KCNA), the country called the attack a “righteous deed,” attributing it to unknown “supporters and sympathizers” who might be acting on its behalf.

“We do not know where in America the Sony Pictures is situated and for what wrongdoings it became the target of the attack nor we feel the need to know about it,” the statement reads. “But what we clearly know is that the Sony Pictures is the very one which was going to produce a film abetting a terrorist act while hurting the dignity of the supreme leadership of the DPRK (Democratic People’s Republic of Korea, North Korea) by taking advantage of the hostile policy of the U.S. administration towards the DPRK.”

The KCNA statement continues with an indirect warning, seemingly encouraging the attackers while not taking responsibility for their actions. It says that the U.S. should “know that there are a great number of supporters and sympathizers with the DPRK all over the world … The righteous reaction will get stronger to smash the evil doings.”

A Sony spokeswoman declined comment on the statement.

North Korea’s grievance with Sony Pictures is “The Interview,” a forthcoming film produced by the studio starring Seth Rogen and James Franco as TV journalists chosen to conduct a rare interview with the country’s leader Kim Jong-Un. The two are then recruited by the CIA to try and assassinate Kim. The country has denounced the film to the United Nations and in a personal letter to President Obama seeking to stop its release.

The hacking attacks against Sony Pictures began on Nov. 24 when the company’s internal corporate network was crippled. A previously unknown group calling itself the Guardians of Peace has claimed responsibility for the breach. Re/code first reported on Nov. 28 that an internal investigation was focusing on a possible North Korean link to the attack.

Since then effects of the attack have come in ever more sinister waves. First confidential files containing business plans, budgets, employee salaries and Social Security numbers and other sensitive information started to appear on file-sharing sites. Then came the release to file-sharing sites of five Sony films, four of which had not yet been released.

On Friday, some Sony employees received a threatening email purporting to be from the leader of the Guardians of Peace group. “What we have done is so far is only a small part of our further plan,” the message reads. “Please sign your name to object the false of the company at the email address below if you don’t want to suffer damage. If you don’t, not only you but your family will be in danger.”

The latest detail, reported this morning by Bloomberg News traces the origin of the leaked Sony files to an IP address at the St. Regis Hotel in Bangkok, Thailand.

It’s worth noting that North Korea is denying something it hasn’t yet been formally accused of. Currently the country’s connection is only a theory based on circumstantial evidence and similarities to prior attacks that have been attributed to North Korea. For one, the creators of the malware used in the Sony attack were working on PCs using the Korean language. Additionally, “wiper” software used to delete hard drives in the Sony attack was similar to that used in a series of attacks against South Korean banks and TV broadcasters last year.

On Saturday the Los Angeles Times reported that U.S. law enforcement officials investigating the attack are taking the possibility of a North Korean connection seriously.

Whether or not a North Korean connection is ever proven, there’s essentially nothing Sony can do about it — except to carry out damage control over any new data leaks that might appear.

This article originally appeared on Recode.net.