NSA Infiltrated, Monitored North Korea’s Hacker Network Long Before Sony Attack

U.S. officials have long blamed North Korea for the digital attack that embarrassed Sony and nearly derailed The Interview late last year. But the idea that a tiny dictatorship could effectively censor a major movie studio in the United States hasn’t been sitting well with many. As unlikely as a successful North Korean cyberattack sounds, U.S. officials are sticking to the story and a report by The New York Times explains why they’re so sure: the National Security Agency has infiltrated North Korea’s networks for years. 

The NSA’s involvement might explain why President Obama was willing weigh in on the attack, which he was careful to characterize as “an act of cyber-vandalism,” rather than an act of war. According to the  Times, the NSA infiltrated North Korean systems and deposited monitoring software in an effort to track the activities of the estimated 6,000 hackers in North Korea. NSA involvement appears to have started around 2010. 

Thanks to its own hacking success, the NSA appears to have noticed that North Korea was spear phishing Sony. But it seems not to have had enough information to realize the extent of North Korea’s success or the damage it could wreak.

In the end, the attack was only partially successful. Yes, Sony suffered massive data loss and now faces lawsuits over the leaked personal information about employees. And many large theater chains didn’t show The Interview. Ironically, the same avenue the hackers used to attack Sony is how The Interview made it to viewers; online video providers like Google Play and YouTube offered the movie over the Internet.