WASHINGTON – The FBI on Friday formally blamed North Korea for the cyber-attack against Sony Pictures Entertainment, as the hack spurred mounting calls for the U.S. government to pursue a tough response against Kim Jong Un's regime.
"The FBI now has enough information to conclude that the North Korean government is responsible for these actions," the FBI said in a statement on Friday.
The bureau's statement had been expected earlier this week, but was delayed until Friday. A source close to the discussions told Fox News the government had to first notify various parties, including security firms.
The bureau said its findings were the result of an investigation that involved multiple departments and agencies, and were based in part on technical analysis of the malware used in the attack. The FBI said the malware "revealed links to other malware that the FBI knows North Korean actors previously developed."
Further, the FBI noticed "significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea." For instance, the FBI said several IP addresses with "known North Korean infrastructure" communicated with IP addresses "hardcoded" into the malware that ripped through Sony's systems, deleting data and swiping sensitive information and rendering thousands of computers inoperable.
The FBI also said the "tools" used in the attack are similar to those in a North Korea-led attack against South Korean banks and media outlets last year.
"We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there," the FBI said in its statement. "Further, North Korea's attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart.
"North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior."
The statement did not implicate China, a longtime ally of North Korea. President Obama, at a press conference on Friday, also said the government has "no indication" North Korea acted with another country. An intelligence source, though, earlier told Fox News that the evidence points to North Korea as the main player – yet with support from an outside party.
As the U.S. government pointed the finger squarely at North Korea, pressure was mounting for the Obama administration to have a severe response.
"We better quickly respond comprehensively to defend freedom of speech in the face of terrorist threats and cyber attacks," House Foreign Affairs Committee Chairman Ed Royce, R-Calif., said Friday. He urged the new Congress to, for starters, pass a North Korea sanctions bill.
Sen. Bob Menendez, D-N.J., urged the State Department to consider re-designating the country as a state sponsor of terrorism.
Former U.S. ambassador to the U.N. John Bolton took the same position.
“I think it is correct to treat it as a national security threat because it really could have been in a serious place,” Bolton told Fox News on Thursday. “If we can conclude it was North Korea, we need to put them back on the list of state sponsors of terrorism, we need to put all the economic sanctions back in place.”
He added, “If you treat this simply as an inconvenience, other countries will conclude that they can attack and get away with it.”
Obama vowed Friday: "We will respond."
Assistant Attorney General for National Security John P. Carlin said in a statement Friday that identifying the attackers was just the first step. "We will continue to do our part to protect and defend our nation from the asymmetric threats posed through cyberspace," he said.
Homeland Security Secretary Jeh Johnson said the hack was not just an attack against a company, but "an attack on our freedom of expression and way of life."
But officials have not said exactly what the response might be.
Asked directly at Thursday’s press briefing what the U.S. government is going to do about the unprecedented attack – which along with other factors led Sony to cancel the release of its film, “The Interview” – White House Press Secretary Josh Earnest said there are a “range of options.”
“We need a proportional response,” he said.
At the same time, he cautioned the U.S. should be “mindful of the fact that sophisticated actors, when they carry out actions like this, are oftentimes … seeking to provoke a response from the United States of America. They may believe that a response from us in one fashion or another would be advantageous so them.”
On Friday, the FBI vowed to "identify, pursue and impose costs and consequences on individuals, groups or nation states who use cyber means to threaten the United States or U.S. interests."
Rep. Patrick Meehan, R-Pa., chairman of the House Homeland Security Committee’s Subcommittee on Cybersecurity, also called for the U.S. to build cyberdefense capabilities. One bill dealing with cybersecurity has passed Congress and awaits President Obama’s signature.
“A lack of consequences for when nation states carry out cyberattacks has only emboldened these adversaries to do more harm,” Meehan said in a statement. "The attack on Sony shows the dire need to upgrade our cyber defenses.”
He told Fox News on Friday that: “We're part of a global network throughout the world [which] makes us vulnerable.”
Fox News’ Lucas Tomlinson and Catherine Herridge contributed to this report.