NSA Infiltrated North Korea’s Networks in 2010 and Saw Signs of Sony Cyberattack

nsa-infiltrate-nkorea-networks

The U.S. National Security Agency has had a secret foothold for years in North Korea’s networks and saw signs of the Sony Pictures Entertainment attack but only in retrospect grasped its reach and depth, The New York Times reported Sunday.

The spy agency has worked for at least four years to infiltrate networks inside North Korea and those in China and Malaysia favored by the country’s hackers, the newspaper reported, citing former U.S. and foreign officials and a newly disclosed NSA document published by Der Spiegel.

The revelation explains why the U.S. quickly blamed North Korea for the attacks despite widespread skepticism from the computer security community, which said only circumstantial evidence pointed to the country’s involvement.

The hackers were “incredibly careful, and patient,” the Times reported, citing a person who had been briefed on the investigation.

The Sony attack stole terabytes of sensitive documents, including a salary spreadsheet for 6,000 employees, internal emails, pre-release copies of films and vast amounts of personnel data. It also broke thousands of the organization’s computers by using a destructive type of malicious software that wipes files.

A group calling itself the Guardians of Peace claimed responsibility for the attacks, releasing the data piecemeal on file-sharing sites and reaching out directly to journalists with links to the material.

It initially appeared the group wanted to blackmail Sony. Only later did the North Korean connection emerge in part due to Sony Pictures’ plan to release “The Interview,” a comedy centered on an absurd campaign by two Americans to assassinate North Korean leader Kim Jong Un.

Click here to read more.

SOURCE: PC World