NSA said to have hacked North Korea before it hacked Sony
If you have ever wondered why the US seemed rather quick at pointing the finger at North Korea for the recent disastrous hacking of Sony's servers, then this might be the answer. According to leaked NSA documents, the US government's agency notorious for its spying activities apparently tapped into North Korea's networks even before the Sony attacks, providing President Obama with the hard evidence needed to make that public accusation. Sadly, that knowledge came too late to protect Sony despite North Korea's not so subtle threats.
To some extent, it is not surprising to learn of this NSA operation, considering how hard the US government has been trying to put pieces in place to protect itself, especially against foreign enemies. But given the super secretive and reclusive regime of the North Korea, it is still an accomplishment even for the NSA. The US is believed to have planted "beacons" in foreign networks that would aid the government in mapping out those networks and gain crucial information in its fight against terrorism.
Those same beacons are believed to have helped in immediately pinpointing the Sony cyberattack as coming from North Korea. Tracing such attacks isn't easy and fast and normally takes a lot of time to determine with absolute certainty. And yet, in an unprecedented move, US President Barack Obama named North Korea as the perpetrator, the first time the US ever named a specific country in a cyberattack. This has led some to believe that the NSA was able to present to the President irrefutable evidence of the North's activity.
Despite having such early warning systems, the NSA seems to have been unable to alert Sony and save it before the attacks happened, which has lead some to dispute such claims of knowledge. Some sources, however, claim that even with its grasp of North's network, it wasn't able to see anything unusual about the "spear phishing" method that was used to compromise Sony computers last September. The North Korean hackers were very patient and careful, believed to have spent months mapping out Sony's computer network and files. But eventually they made a mistake, according to government officials, that helped them trace back the activity to North Korea, the same mistake the North was believed to have made when it attacked South Korean banks and TV networks back in 2013.
And that last part is another reason why some believe that the Sony attacks couldn't have been done by North Korea, or at least not by it alone. It would have been too easy for the real hackers to mimic the North's hacking activities to mislead investigators. Or at the very least, the hackers, whether North Korean or not, might have had insider help, either from a spy or a disgruntled Sony employee. That said, North Korean defectors, especially those directly involved in its cyberwarfare activities, are painting a picture of the North that is more than capable and more than ready to pull the cybertrigger against its enemies, providing enough incentive for the US government and its allies to step up its own programs or even retaliate, as the recent sanctions against the North show.
SOURCE: New York Times