NSA Confirms North Korea for Sony Hack

If you’ve been keeping a close eye on the status of the Sony attacks over the past month, you should know there’s been a bit of rampant speculation as to who was actually responsible for bringing the movie studio to their knees over the release of a Seth Rogen buddy comedy.

North Korea

Pyongyang. Photo: Clay Gilliland / Flickr

First, there was doubt on behalf of the FBI that the Hermit Kingdom was involved, due to some odd traces that led back to networks located in the UK and EU. Then a reporter for the Washington Post claimed that US officials had preemptively blamed North Korea, despite lacking evidence which linked them directly to the Guardians of Peace.

Even famed antivirus mogul John McAfee spent his weekend droning on with reporters about how he “knew” that it wasn’t North Korea, and that he had undeniable proof that the attack was launched from within the US itself.

Well, now we know for sure. The NSA was aware of where the attack came from the whole time, because they’ve been tracking traffic in North Korea for almost half a decade.

The reveal comes courtesy of a new Snowden document released by Der Spiegel that shows the US has been actively tracking connections coming from and going to the country for just under five years now.

The NSA hasn’t outright confirmed or denied their involvement in the surveillance on the country, likely due to national security reasons that could compromise their mission if any sensitive details we suddenly made public. That said, the NYT article has confirmed that the agency has had a tap on their lines since around early 2010, when interest in the country peaked after another successful underground nuclear test.

Though they couldn’t predict the attack or warn Sony officials it was on its way, after the FBI investigation started they were able to offer up their logs with definitive proof that the connection had come from within the country. Whittling down these possibilities wasn’t exactly difficult either, as the entire nation only has about 1,800 registered IP addresses to speak of for its entire population of 25 million people.

“The evidence gathered by the “early warning radar” of software painstakingly hidden to monitor North Korea’s activities proved critical in persuading President Obama to accuse the government of Kim Jong-un of ordering the Sony attack, according to the officials and experts, who spoke on the condition of anonymity about the classified N.S.A. operation.”

The source for the New York Times also says that the current head of the NSA, General James Clapper, was aware of the North Koreans’ capabilities when he visited the country in early November for a secret dinner to discuss the release of two prisoners, but didn’t act on that intelligence in order to keep relations friendly while they negotiated a plan for the trade.

While it’s been a tumultuous task to pin down exactly who was responsible for Sony’s woes, it seems that this latest Snowden leak confirms everything the netsec community had doubted up until today.