How the NSA Discovered That North Korea was Behind the 2014 Sony Hack

The Sony Hack of 2014 was one of the big events that brought the issue of cybersecurity to the front of everyone's mind. Not only did the hack reveal key details about Sony operations, but it nearly allowed hackers to take down "The Interview."

After weeks of speculation, by the media and American hacking experts, it has been confirmed that North Korea was behind the attack.

The New York Times reported on Sunday that the NSA had tracked the hacker's location to North Korea. The American spy agency discovered this via a modified piece of malware that locked onto the hacker's computers on the Chinese and Malaysian internet network. A number of former officials and computer experts confirmed this for the Times.

This data also revealed that North Korea had access to Sony's system for more than two months, a period where they took the time to map out and determine critical points to focus on hack-wise.

This information was key in convincing Obama to condemn North Korea for the hack. And it was an big move by any standard. The Times noted that this was the first time that the U.S. Government had explicitly charged another government with committing a cyberattack against the US. That fact likely caused Obama to be more cautious about making accusations.

While this information might sound extremely condemning for North Korea, there are still many skeptics. Some critics of the NSA's results noted that the complexity of the hack doesn't make a lot of sense for North Korea and that one could "replicate" an IP address with the right software. If a hacker is good at their job, they could hide their location from any tracking software. However, most of the hacking patterns in the Sony Hack resembled past North Korean hacks, specifically the attempt against South Korea in 2013.

Tags
NSA, Sony, Hacking, Hack, New York Times, Cybersecurity
Real Time Analytics