Can any IT geeks explain how North Korea did it?

So I was reading the NYT article linked below about how and it's pretty interesting how North Korea hacked Sony and swiped tons of their data. Could any IT geeks explain in layman's terms some of the methods North Korea used in a more in depth way than the article does? I always find hacking stories interesting. Things like stuxnet, etc. Thanks!

 

http://www.nytimes.com/2014/12/18/world/asia/us-links-north-korea-to-sony-hacking.html

 

Interesting excerpts:

But there is a long forensic trail involving the Sony hacking, several security researchers said. The attackers used readily available commercial tools to wipe data off Sony’s machines. They also borrowed tools and techniques that had been used in at least two previous attacks, one in Saudi Arabia two years ago — widely attributed to Iran — and another last year in South Koreaaimed at banks and media companies.

The Sony attacks were routed from command-and-control centers across the world, including a convention center in Singapore and Thammasat University in Thailand, the researchers said. But one of those servers, in Bolivia, had been used in limited cyberattacks on South Korean targets two years ago. That suggested that the same group or individuals might have been behind the Sony attack.

The Sony malware shares remarkable similarities with that used in attacks on South Korean banks and broadcasters last year. Those intrusions, which also destroyed data belonging to their victims, are believed to have been the work of a cybercriminal gang known as Dark Seoul. Some experts say they cannot rule out the possibility that the Sony attack was the work of a Dark Seoul copycat, the security researchers said.

The Sony attack also borrowed a wiping tool from an attack two years ago at Saudi Aramco, the national oil company, where hackers wiped off data on30,000 of the company’s computers, replacing it with an image of a burning American flag.

At Sony, investigators are looking into the possibility that the attackers had inside help. Embedded in the malicious code were the names of Sony servers and administrative credentials that allowed the malware to spread across Sony’s network.