The National Security Agency tapped the Chinese networks that connect North Korea to the Internet and Malaysian connections favored by North Korean hackers, and partnered with South Korea and other American allies to penetrate North Korean systems, according to a newly disclosed document and various testimonies.
According to a New York Times report, information collected by the NSA led US President Barack Obama to be able to confidently accuse North Korea of the attack against Sony Pictures, the movie studio behind The Interview, which depicts the assassination of North Korea leader Kim Jong-Il.
A new document leaked by former NSA contractor Edward Snowden reveals that “fourth party collection” allowed the NSA to detect several data spying incidents over the past 10 years. It also allowed the NSA to use exploits discovered by rival intelligence organizations (such as China’s Cyber Espionage Units) to ramp up collection on their target and even install their own malware.
Previously, the FBI revealed that North Korea was the likely culprit in the attack, noting “significant overlap between the infrastructure used in this attack and other malicious cyberactivity the US government has previously linked directly to North Korea.” For instance, it had observed similarities in code, encryption algorithms, and data deletion methods to previous North Korean attacks. Also, IP addresses associated with North Korea were hardcoded into malware used in the attack.
North Korea has denied having any part in the attack. And many experts have noted that North Korea, even if it was involved, lacked the sophistication on its own to pull off the attack.