Turns out, the United States had actually hacked into North Korean computer networks back in 2010, giving the government more confidence in their determination of the situation. The NYT reports that the NSA used Chinese networks to route themselves into North Korean computer systems
The force was sent into Korean data networks at a time when North Korea was growing its cyber-intelligence unit (recently reported numbers put the program at 6,000 people) and planning to use cyber-hacking as a means to steal other government information and attack other nations.
U.S. “beacons”, meant to map computer networks and alert the U.S. to suspect activity, were integral in the President’s decision to accuse North Korea publicly for the Sony attack, according to anonymous government officials who spoke to the NYT.
This begs the question: why wasn’t the NSA able to prevent the Sony hack altogether?
The NYT sources claim that North Korea’s original entry into the Sony system, in the form of spear phishing attacks (which use email to trick users into giving up sensitive information or passwords) was relatively normal. One official who was involved in the investigation told the NYT that the North Korean hackers “were incredibly careful, and patient” in their early attack, waiting until they had troves of confidential or sensitive data to either leak or destroy.
Officials say that North Korea spent up to two months quietly inspecting the guts of Sony’s servers, until late November when the hackers went public with their first batch of data. The leaks continued, and included specific threats about a film called “The Interview” (featuring James Franco and Seth Rogen) which depicts the brutal (fictional) assassination of North Korean leader Kim Jung-Un.
Shortly after, President Obama addressed the nation and publicly accused North Korea for the hack, promising retaliation. The NYT suggests that this is the first time an American president has accused another country of a cyber-attack against American citizens.
The NSA has been under scrutiny from the American public since Edward Snowden leaked troves of data confirming that the NSA was using surveillance to monitor the digital activity of everyday American citizens. This latest revelation from government officials seems to try to change the optics of the organization, though it’s unclear if the NSA’s espionage against North Korea will soothe or confirm Americans’ concerns.