When the FBI blamed North Korea for the Sony Pictures hacks, some wondered how that finding had been made so quickly. Now, new interviews and documents reveal that the NSA had tapped into North Korean networks years before the attacks and saw indications that such an attack may be imminent.
The New York Times reports that hidden amongst a new slew of NSA documents is evidence to suggests that the National Security Agency attempted to break into the computer systems of North Korea way back in 2010. According to former United States and foreign officials, the US burrowed into North Korea’s networks via connected Chinese networks.
What initially began as a “classified security agency program” by the NSA apparently “expanded into an ambitious effort to place malware that could track the internal workings of many of the computers and networks used by the North’s hackers.” Over time, these implanted “beacons” provided a steady source of information about North Korea’s digital activities.
In fact, it turns out that the evidence gathered in this way “proved critical” in convincing Obama that North Korea was behind the cyber attacks on Sony Pictures. That’s really very plausible: blaming Kim Jong-un was a big and highly unusual accusation, so he sure as hell needed some strong supporting evidence to do so.
While FBI director James Comey has explained that hackers from North Korea were caught because “several times they got sloppy”, it’s unlikely that evidence alone would be enough to convince Obama to blame the nation outright. Instead, it seems, a four-year trail of breadcrumbs led the FBI to its conclusions.
It’s worth taking a moment to think about what that stash of evidence could have been used for prior to recent events though. Ultimately, it must mean that the NSA saw warning signs that the Sony Pictures hack was coming, even if they didn’t realise their weight until later. That raises some questions — not least whether US agencies could have prevented the attacks in the first place. [NYT]