When President Obama last month blamed North Korea for hacking into the network of Sony Pictures, a lot of computer security experts were skeptical. They said that the evidence the FBI released linking Pyongyang to the attacks was flimsy.
Why was the US so confident that North Korea was responsible? The New York Times suggests a reason: the National Security Agency had infiltrated North Korean networks long before the Sony hacks, and so was able to directly observe the activities of North Korean hackers. But they didn't want to admit this publicly and tip off the North Korean regime.
The Times relies primarily on comments from anonymous sources with knowledge of US intelligence operations. It also references a newly leaked NSA document that was recently published by the German newspaper Spiegel.
According to the Times, the United States has been infiltrating the North Korean regime since 2010. Initially, the NSA focused on monitoring North Korea's nuclear and missile programs. But as the Hermit Kingdom has ramped up its overseas hacking operations — including an attack on South Korean banks in 2013, the NSA began to focus more on cyberattacks.
Still, the NSA wasn't watching closely enough to warn Sony about North Korean attacks, which had reportedly been under way since September. The Obama administration only began investigating the attack after it was made public a few days before Thanksgiving.