Report: US Infiltrated North Korean Computers in 2010
by VOA News January 19, 2015
Media reports say the United States infiltrated North Korea's computer systems years ago, and used this capability to determine Pyongyang was responsible for the recent cyber attack on Sony Pictures.
The New York Times has quoted U.S. and foreign intelligence officials as saying Washington gained access to North Korean computers in late 2010 using custom malware.
The Times said U.S. spies 'drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies.'
Officials told the Times the U.S. infiltration into North Korean networks was crucial in persuading President Barack Obama to publicly accuse Pyongyang of carrying out the November cyber attack on Sony.
Even after the U.S. accusation, there was widespread skepticism in the cyber security community about whether North Korea really hacked Sony. Many analysts said the United States did not provide enough public evidence for this charge.
Computer scientist and North Korea watcher with NKNews.Org. Frank Feinstein tells VOA these doubts likely explain why U.S. officials felt the need to acknowledge hacking into North Korean systems.
'It is not in their interest to admit this. They are doing it because obviously the public is not buying that North Korea [hacked Sony],' says Feinstein.
News the United States had gained access to North Korean computers was a surprise to many. Since North Korea is largely disconnected from the global Internet, it has long been regarded as one of the world's toughest cyber intelligence targets.
Probably not surprised
Last week, German magazine Der Spiegel published National Security Agency documents showing the United States used South Korean computers to hack Pyongyang's computers.
But Florian Egloff with the Center for Doctoral Training in Cyber Security at the University of Oxford tells VOA North Korean officials were probably not among those surprised at the development.
'North Korea knows that it is one of the top intelligence priorities of the U.S., so they have to assume the U.S. is spying on them. So I am not sure how much [U.S. officials] are revealing here,' says Egloff.
It is unclear why the attack was not able to be prevented or why Sony officials were not warned of an impending hacking attempt, if U.S. officials were already watching North Korean computers.
Egloff says that depends on how closely the United States was monitoring the North's systems.
'Were they actually watching, in the sense, was there a human being looking at that attack and trying to make an assessment in how bad is this going to get, or yes, we had sensors in place that picked up this attack among many other things that were going on, and in hindsight we were able to go back to it?'
U.S. officials told the Times they 'couldn't really understand the severity of the destruction' that would be coming when they first noticed the attacks on November 24.
Later analysis led to the determination that North Korean hackers spent more than two months familiarizing themselves with Sony's computer networks and locating critical files before the attack was carried out.
The attack brought down Sony's networks for several days and also resulted in the release of a large trove of corporate emails, private employee information, and four unreleased movies.
North Korea denies involvement in the attack, but a Pyongyang government spokesman said the hacking was a 'righteous deed' that may have been carried out by North Korea supporters.
But last year North Korean officials said they would view it as an 'act of war' if Sony released The Interview, a comedy film about a fictional CIA plot to assassinate North Korean leader Kim Jong Un.
|Join the GlobalSecurity.org mailing list|