"Several times either because they forgot or they had a technical problem they connected directly and we could see them. And we could see that the IP addresses that were being used to post and to send the emails were coming from IPs that were exclusively used by the North Koreans," he said.
His comments came in response to recent allegations by a private computer security firm that said the cyber attack, which revealed embarrassing emails, salary information about employees, and other sensitive information, was more likely to be an inside job. Sony's chief executive called the attack "vicious".
Read MoreNorth Korea may be emboldened by hack response: Director ofNational Intelligence
Mr Comey said the FBI was still looking to identify the "vector" of the attack but said "the likely vector for the entry into Sony" evolved from a spear phishing attempt on the company as late as last September. Spear phishing is a technique deployed by hackers who send emails posing as someone known to the recipient, seeking information such as passwords.
Mr Comey was speaking at a cyber conference held by the FBI and Fordham University.
The US administration last month said it believed North Korea was behind the attack that nearly derailed Sony's release of the The Interview , a Seth Rogan comedy depicting the assassination of North Korean leader Kim Jong Un, and vowed to impose "costs and consequences" on those responsible.
More from The Financial Times:
Eurozone falls into deflation for first time since October 2009
Fed unlikely to raise rates before April
Liberty and laughter will live on
Last Friday, the US government imposed new sanctions on North Korea in response to the Sony attack. The Treasury department targeted three entities and 10 individuals as agencies or officials controlled by the North Korean government.
The main targets of the new sanctions include officials connected to Pyongyang's primary arms dealer and exporter, the Korea Mining Development Trading Corporation. North Korea's main intelligence organisation, Reconnaissance General Bureau, was also named in the new sanctions.
North Korea described the sanctions move as hostile and repressive, and repeated its denial of responsibility for the Sony attack.
Earlier in the day James Clapper, the Director of National Intelligence, called the Sony hack "the most serious cyber attack ever made against the US". He said cyber attacks were a powerful new tool used by North Koreans to have maximum impact at little to no cost.
"That's why we have to push back," he said.