NSA Analysis Of Sony Hack Identifies North Korea

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

The NSA backs FBI conclusion that North Korea was responsible for the damaging hack of Sony Pictures

The head of the US National Security Agency (NSA) has identified North Korea as the chief culprit behind the highly damaging hack of Sony Pictures Entertainment late last year.

That hack last November came as Sony Pictures prepared to release “The Interview”, a comedy about a fictional plot to assassinate North Korean leader Kim Jong Un.

North Korea

And now the NSA Director Admiral Michael Rogers has backed up his colleagues in the FBI, when he confirmed North Korea as the source of the recent cyber attack on Sony Pictures after analysing the software used in the intrusion.

Admiral Michael Rogers was speaking at a Canadian security conference, and according to Reuters, he explained that the discovery was part of the agency’s efforts to develop software to counter cyber attacks.

NSA-Logo“We ultimately ended up generating the signatures to recognise the activity … used against Sony,” Rogers was quoted as saying.

“From the time the malware left North Korea to the time it got to Sony’s headquarters in California, it crossed four different commanders’ lines or areas in the US construct,” he added.

Admiral Rogers also reportedly said that cyber threats are different from physical threats since they travel beyond geographical boundaries. He pointed out that cyber threats are blurring the line between the public and private sectors, sometimes prompting new and unexpected partnerships.

“If you had told me (in the past) that I was going to be spending time working on an offensive act against a motion picture company, I would have thought: ‘What? What does that have to do with me?’ And yet that’s the world we find ourselves in,” he is quoted as saying.

Last month, the FBI announced it was very confident that North Korea was behind the devastating hack of Sony Pictures Entertainment, despite doubts by some security experts. The bureau’s director James Comey, said that the hackers were identified quickly because they “got sloppy”.

According to Comey, it was a relatively straight forward process to identify a North Korea intelligence agency as behind the attack, because the hackers (who called themselves ‘Guardians of Peace’) sent emails to Sony employees and posted material online using Internet addresses known to be used exclusively by the North Korean government.

Righteous Deed?

The United States has always officially blamed the hack on North Korea, but that nation has denied involvement in the attack.

It has previously said that the hack was a “righteous deed” however.

The hack penetrated Sony Pictures’ internal network and led to the leak of unreleased films, as well as the publication of embarrassing internal documents, including the salary details of top executives and personal information on Hollywood celebrities.

The hackers later threatened attacks upon cinemas who released the film, and as a result most major cinema chains declined to screen the film, forcing Sony to pull the film, a decision that Hollywood stars and President Obama condemned. Following that, Sony released the film in a small number of independent cinemas and it was also distributed online by Sony, Microsoft, Google and Apple.

Do you know all about IT in the movies? Take our quiz!