When Sony Pictures Entertainment was hacked, the US did not waste much time pointing fingers at North Korea. All the people wondering about the unerring accuracy of the blame had good reason to do so. Saying that the hackers had gone ‘sloppy’ and left trails that were easily traceable wasn’t exactly a satisfactory explanation.
Hence, it shouldn’t really come as a surprise that the National Security Agency (NSA) had already hacked North Korean servers first, back in 2010. The New York Times reports that the NSA used Chinese networks to get into North Korean computers.
The agency had implemented a program that tracked the computers and networks used by North Korean hackers, considered one of the most impenetrable targets on earth. This was the critical information that led Washington to flawlessly conclude Pyongyang was behind the hacks, although the latter repeatedly denies having any hand in them.
The original mission was to get an idea about North Korea’s nuclear program, propelled by concerns about the quickly maturing capabilities of the country. The NSA thus began placing malware into their systems five years ago.
They used the Chinese networks that connect North Korea to the outside world, as well as the Malaysian connections favoured by the NK hackers (a force of around 6000 people), and drilled into the North Korean computers with the help of South Korea and other allies. The focus shifted away from the nuclear side when South Korean banks and media companies were attacked in 2013. As much as a decade ago, ‘beacons’ which could map a computer network had been planted in foreign enemies’ computer systems, along with surveillance software and sometimes malware.
Okay, accepted. The very obvious, neon-signed question is: why wasn’t there ANY sort of warning before Sony got hacked? The DPRK had actually warned that the release of ‘The Interview’ would be seen as an act of war.
North Korea’s original entry into Sony systems was made through spear phishing: emails which trick people into giving up sensitive information, or which plant malicious code fragments when unknown links are clicked. Sources say that this entry looked incredibly normal, with nothing out of place, and that the hackers were biding their time, spending more than two months scanning critical files and waiting until they had hoards of sensitive data before striking.
American intelligence agencies “couldn’t really understand the severity” of the destruction that was coming when the attacks began Nov. 24, said one investigator.
There are sceptics who think the attacks were pretty sophisticated and doubt North Korea’s hand in all of it. Some say it was an inside job by a resentful employee who cleverly copied North Korean hacking signatures. More developments shall surface soon, as the most powerful cyber attack in US corporate history still remains under immense scrutiny.