US Reportedly Hacked N Korean Computer Networks Before Cyberattack on Sony – Sputnik International
MOSCOW, January 18 (Sputnik) – The US National Security Agency (NSA) has been able to track the activities of North Korea’s hackers since it penetrated DPRK’s computer networks in 2010, but still failed to warn Sony Pictures before the 2014 cyberattack on the company, considered one of the biggest hacks of all time, the New York Times reports.
In 2010, the NSA, assisted by South Korea and other unnamed US allies, tapped the North’s internet amid growing fears of what DPRK’s hackers are capable of, the newspaper said, citing former US and foreign officials, who spoke on condition of anonymity. The NSA was then able to track the Internet activities of approximately 6,000 hackers, operating under the instructions of Reconnaissance General Bureau, and its hacking unit, Bureau 121.
The classified NSA program allowed the US to trace last year’s cyberattack on Sony Pictures to North Korea. On November 24, hackers calling themselves “Guardians of Peace” stole terabytes of sensitive data from Sony. Soon Social Security numbers, emails and salaries of both celebrities and Sony employees, as well copies of unreleased movies became available online.
Many speculated that North Korea was behind the massive data breach, since the attack happened several days before the planned premiere of “The Interview”, a comedy about a fictional CIA assassination attempt on North Korean leader Kim Jong Un. On December 19, the FBI officially placed the blame for the attack on DPRK.
“Attributing where attacks come from is incredibly difficult and slow,” James A. Lewis, a cyberwarfare expert at the Center for Strategic and International Studies in Washington told the New York Times. Hence, “[t]he speed and certainty with which the United States made its determinations about North Korea told you that something was different here — that they had some kind of inside view,” he explained.
Questions remain why US intelligence services did not warn Sony before the attack. According to the New York Times, the first stage of the cyberoffensive against the US company launched in September 2014 did not look unusual. It involved sending virus-infected emails, which then provided North Korean hackers with full access to Sony’s computer systems. The scale of the attack became obvious only in retrospect.