The New York Times reports that the NSA has a secret foothold inside North Korea’s computer networks, and actually saw the first spear-phishing attacks against Sony Pictures in early September 2014.
According to the two unnamed American officials who spoke to the New York Times, and a newly disclosed NSA document published by Der Spiegel, the NSA has been able to spy on the internal workings of many of the computers used by North Korea’ hackers since 2010.
However, the report claims that the NSA failed to recognise the significance of the attack and did not warn Sony.
And there lies the obvious question – if the NSA were secretly spying so comprehensively on the networks used by North Korea’s hackers, how come they didn’t warn Sony Pictures?
And what does that say about the United States’s national security efforts – have other attacks against corporations gone unnoticed? Is it possible that attacks against more critical infrastructure in the States than a movie production house have similarly slipped past unnoticed?
Huh. I wonder how Sony Pictures feels about this… According to the reports, the attack was initiated by a bog-standard spear-phishing attack against a Sony network administrator, giving the hackers access to internal computer systems. It’s hardly rocket science or “unparalleled”…
If the claims are true, it would certainly help explain why the White House so quickly and definitively blamed North Korea for the attack – even in the apparent absence of convincing evidence.
But it doesn’t explain why in the earliest communications between the hackers and Sony Pictures, there was no mention of “The Interview” and the hackers’ demands were not for a movie to be withdrawn, but for Sony Pictures to stump up a ransom.
And it doesn’t explain why the crippling hack attack against Sony Pictures came across so *personal*, with a digitally-altered image of Sony Entertainment CEO Michael Lynton’s head, the release of private email exchanges between executives, and spreadsheets showing what aliases celebrities use when they book into hotels.
Are these latest claims plausible?
It certainly makes the White House’s blaming of North Korea for the Sony Pictures attack much more believable if we know that North Korea had been hacked itself by the United States.
But once again, it’s healthy to be skeptical – especially as those speaking to the media continue to do so anonymously, with no ability to question their motives for leaking information.
And, presumably, the cat is now out of the bag.
These news stories may take some of the heat off the States from some of those in the IT security world who were skeptical about the claims of North Korean involvement, but it also tips off North Korea that it may want to be a little more careful about its own computer security.
What’s curious is that before the United States was that it couldn’t tell us all the reasons it believed North Korea was responsible for the Sony hack without compromising “national security”.
So how comes this latest leak hasn’t compromised national security too?
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.