NSA hacked N. Korea since 2010, 'knew' of Sony link – secret document

North Korean leader Kim Jong-un looks at a computer screen in this picture released by the North's official KCNA news agency in Pyongyang (Reuters / KCNA)
New information appeared that the NSA was hacking into North Korea back in 2010. As it turns out, the White House could not have accused Pyongyang of the Sony hacks, had it not been for the spy tools already embedded in the North’s networks.

The whole affair was a chain of events that started five years ago, when the United States realized the importance of keeping checks on the North Korean nuclear program, as well as monitoring for the possibility of attacks on its own facilities in South Korea and the region.

This is the story according to former US government and foreign officials, as well as a number of computer experts who spoke to The New York Times. The information was also disclosed in a freshly declassified NSA document.

It was a very intricate hack, as the American spies had to break into Chinese networks through which North Korea connected to the world. It was aided by South Korea and other allies. Its other task was to probe Malaysian networks for channels it knew were used by North Korean hackers. That is how it gained direct access into the North’s systems.

The interviewed officials revealed that the spyware initiative had gradually grown into something much bigger. Because only in 2013 did it become clear to the White House that its target should have been North Korea’s hackers – rather than the government. The tipping point was a massive hack that North Korea they carried out against South Korean banking networks. Alarm bells began ringing in Washington.

Reuters / Rick Wilking

This high alert and consequent shift in focus was instrumental in allowing Washington for the first time in history to blame such a high-profile hack on its soil directly on another state, according to those interviewed by the newspaper.

This was made possible by an “early warning radar” made of software hidden in Pyongyang’s networks. The NSA also planted “beacons” that mapped foreign computer networks. Those were instrumental in carrying out the attack on Iran’s nuclear networks a couple of years ago, and were recently revealed by former intelligence contractor Edward Snowden to have been widely used to snoop on China as well.

There was much surprise when neither President Barack Obama nor the FBI gave any evidence for why they thought North Korea was responsible, but according to one military official, the president “had no doubt” this time.

National Security Agency (NSA) at Fort Meade, Maryland. (AFP Photo)

A cyber-warfare expert at the Center for Strategic and International Studies in Washington, James A. Lewis, told the Times that determining the source of a hack as intricate as the one perpetrated on Sony is a painstakingly slow process, but that it was clear the US knew something others didn’t, owing to “the speed and certainty with which [it] made the accusation.”

A few questions remained as to why Washington refused to disclose just how it made the connection. According to officials interviewed by The NYT, the US is keeping its knowledge of North Korean dealings under wraps to afford risking disclosure about its own cyber-tactics publicly.