Report: NSA Hacked North Korea Before Sony Breach

When the FBI said definitively last month that North Korea was "responsible" for the hack of Sony Pictures, there were those who doubted the veracity of the report.

How could North Korea, a country not exactly known for being a high-tech hub, pull off such a complex hack? And how did the U.S. conclude so quickly that the secretive nation was behind the attack?

As it turns out, the U.S. had some inside information. According to reports from Der Spiegel and The New York Times, the U.S. knew that North Korea hacked Sony because the U.S. had hacked North Korea.

The National Security Agency (NSA), in fact, has had access to North Korean networks and computers since 2010, the Times said. Officials wanted to keep tabs on the country's nuclear program, its high-ranking officials, and any plans to attack South Korea, according to a document published by Der Spiegel.

North Korea did attack South Korea in 2013, crippling several of the nation's leading financial and media organizations. At one point, however, the hackers revealed their IP addresses - the same I.P. addresses that popped up again in the Sony hack.

Of course, it's relatively easy for a skilled hacker to spoof IP addresses. Some reports suggested that a disgruntled (and tech-savvy) former Sony employee was behind the breach, and was simply leading officials on a wild goose chase.

But U.S. officials seemed sure; the FBI put out a press release and even President Obama said he was confident that North Korea was behind the attack, leading him to later approve sanctions against the country.

As the Times pointed out, the move "was highly unusual: The United States had never explicitly charged another government with mounting a cyber attack on American targets."

If the U.S. had insider information, why did it not warn Sony? According to the Times, the spear-phishing attacks that North Korea used to infiltrate Sony Pictures were nothing new and did not immediately ring any alarms until it was too late. "Only in retrospect did investigators determine that the North had stolen the 'credentials' of a Sony systems administrator, which allowed the hackers to roam freely inside Sony's systems," the paper said.

About Our Expert

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio