Recently leaked documents from the National Security Agency (NSA) reveal that the United States hacked North Korea’s computer system in 2010, in order to monitor the activity of the country’s hackers. This knowledge is being used to justify the Federal Bureau of Investigation’s (FBI) claim that North Korea is behind the massive hack on Sony Pictures, which occurred in November 2014.
Following the revelation of the Sony hack, the FBI released a statement, saying North Korea was responsible:
“The FBI has concluded the Government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment. Attribution to North Korea is based on intelligence from the FBI, the U.S. intelligence community, DHS, foreign partners and the private sector.”
Some Cybersecurity experts in the United States were skeptical of North Korea’s ability to carry out such a massive hack, and instead labeled it an inside job.
Kurt Stammberger, the senior vice president of the Cybersecurity firm Norse, told CBS News that his firm believes the Sony hack was so devastating, it could have only been accomplished by someone on the inside. “Sony was not just hacked, this is a company that was essentially nuked from the inside,” Stammberger said.
Although many questioned how the agency had obtained such concrete evidence of North Korea’s involvement, the FBI stuck by its claim, giving the explanation that the “Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed.”
According to the New York Times, the US hacked into North Korea’s system to “place malware that could track the internal workings of many of the computers and networks used by the North’s hackers,” and the “evidence gathered by the ‘early warning radar’ of software” was used to justify the claim that North Korean leader Kim Jong-un had ordered the attack.
Seeking retaliation for the Sony hack, Obama announced a round of sanctions against North Korea on January 2, which will target three companies and ten North Korean officials.
The Independent noted that when President Obama addressed the cyber attack in December, and placed the blame on North Korea, it was the “first time the US had ever explicitly accused a foreign government of launching a cyber-attack on American interests.”