During the investigations into North Korean that revealed that the country was behind the Sony Entertainment hack that leaked thousands of private documents, emails, social security numbers and employee records to the public, it was discovered that the NSA had already tampered with North Korean computers in 2010. Security officials working on the Sony hack incident revealed to the New York Times that the NSA, in collaboration with various officials and security agencies from South Korea and China had orchestrated their own hack on North Korea because they believed the country was becoming a serious threat in 2010.
The implications of this discovery might be dangerous for the U.S., seeing as Barack Obama has already proposed economic sanctions on North Korea as punishment for the threats and the overall hacking incident that occurred at the end of last year. There were whispers flying around wondering about how the President could charge North Korea so easily and with certainty of orchestrating a cyber-attack on the U.S. A report surfaced detailing the operation of the NSA in conjunction with various security and government agencies, and from that we find out that malware was introduced into the North Korean computer system, which made the newest investigations and their results possible.
The malware injected by the NSA into North Korean computers helped track the hackers that had infiltrated Sony Entertainment and have leaked the information that has subsequently led to death threats and terrorists threats regarding the release of The Interview. Since the U.S. isn’t keen on charging governments with cyber-attack on a whole nation, the presence of malware and the data it had gathered provides the means through which the U.S. gathered proof against North Korea.
“Attributing where attacks come from is incredibly difficult and slow,” said James A. Lewis, a cyberwarfare expert at the Center for Strategic and International Studies in Washington. “The speed and certainty with which the United States made its determinations about North Korea told you that something was different here — that they had some kind of inside view.” With the knowledge that NSA had planted beacons in North Korean computers that should have alerted the government that Sony Entertainment was being hacked, a question forms in our minds: why did the NSA or anybody else who knew about the malware act before the cyberattack came trough?
The answer to the questions comes in the form of underestimation. According to the New York Times, officials from the NSA as well as the U.S. government said that the initial phishing attacks were indeed intercepted, but they did not seem unusual and did not cause the NSA to become suspicious. Nonetheless, the officials also declared that North Korean hackers spent more than 2 months gathering data and credentials from Sony Entertainment in order to plan their so-called cyberattack.