The director of the Federal Bureau of Investigation has offered fresh details of the cyber attack on Sony Pictures as he defended the US claim that North Korea was responsible.
Some internet security consultants have cast doubt on Pyongyang's involvement in the data breach, but James Comey, the FBI director, said he had "high confidence" in the bureau's conclusion and cited recently declassified material.
Guardians of Peace, the group claiming credit for the attack, used proxy services to disguise their location when sending emails threatening Sony employees and posting statements online explaining their work, he said. But, he added, they got "sloppy".
"Several times either because they forgot or they had a technical problem they connected directly and we could see them. And we could see that the IP addresses that were being used to post and to send the emails were coming from IPs that were exclusively used by the North Koreans," he said.
His comments came in response to recent allegations by a private computer security firm that said the cyber attack, which revealed embarrassing emails, salary information about employees, and other sensitive information, was more likely to be an inside job. Sony's chief executive called the attack "vicious".
Mr Comey said the FBI was still looking to identify the "vector" of the attack but said "the likely vector for the entry into Sony" evolved from a spear phishing attempt on the company as late as last September. Spear phishing is a technique deployed by hackers who send emails posing as someone known to the recipient, seeking information such as passwords.
Mr Comey was speaking at a cyber conference held by the FBI and Fordham University.
The US administration last month said it believed North Korea was behind the attack that nearly derailed Sony's release of the The Interview , a Seth Rogan comedy depicting the assassination of North Korean leader Kim Jong Un, and vowed to impose "costs and consequences" on those responsible.
More from The Financial Times:
Last Friday, the US government imposed new sanctions on North Korea in response to the Sony attack. The Treasury department targeted three entities and 10 individuals as agencies or officials controlled by the North Korean government.
The main targets of the new sanctions include officials connected to Pyongyang's primary arms dealer and exporter, the Korea Mining Development Trading Corporation. North Korea's main intelligence organisation, Reconnaissance General Bureau, was also named in the new sanctions.
North Korea described the sanctions move as hostile and repressive, and repeated its denial of responsibility for the Sony attack.
Earlier in the day James Clapper, the Director of National Intelligence, called the Sony hack "the most serious cyber attack ever made against the US". He said cyber attacks were a powerful new tool used by North Koreans to have maximum impact at little to no cost.
"That's why we have to push back," he said.