hankyoreh

The US National Security Agency (NSA) infiltrated North Korea’s internet system and was monitoring hacker activity there as far back as 2010, recent news reports say.

The operation, which involved support from South Korea and other countries, took place well before the high-profile hack on Sony Pictures last November.

According to reports, the US government was able to affirm North Korea’s responsible for the hack because it has been closely monitoring the system it had hacked into. The company was alleged targeted as producer of “The Interview,” a comedy depicting the assassination of North Korean leader Kim Jong-un.

US intelligence authorities breached the Chinese internet network linking North Korea to the outside world as early as 2010 and was able to directly infiltrate the North Korean network to monitor online operations through the Malaysian lines favored by North Korean hackers, the New York Times reported on Jan. 18, citing former US officials and computer experts. According to the report, the US was assisted by South Korea and other allies, allowing it to detect early signs that North Korea was attempting to hack Sony. A confidential NSA document quoted by the newspaper reported that a hacking program for tracking internal activities in the computers and networks used by North Korean hackers had been successfully planted by 2010.

Intelligence on North Korea intercepted by authorities through the program was reportedly decisive in US President Barack Obama’s assertion on Jan. 2 that the North Korean government and Workers’ Party were behind the hack.

“Mr. Obama’s decision to accuse North Korea of ordering the largest destructive attack against an American target - and to promise retaliation, which has begun in the form of new economic sanctions - was highly unusual,” the New York Times noted.

“The United States had never explicitly charged another government with mounting a cyberattack on American targets,” it continued.

For roughly a decade, the US has been breaching foreign computer networks and running “beacon programs” to monitor and/or destroy them. Now questions remain about the country’s failure to warn of or prevent the Sony hack if it was monitoring North Korean hacker activity so closely. Indeed, Pyongyang had been objecting vehemently to “The Interview” and warning of retaliation as early as June 2013, when the first trailer was released. According to the New York Times, the US government may have refrained from speaking publicly for fear that their cyber intelligence methods would be leaked.

The report also quoted officials as saying US director of national intelligence James R. Clapper, Jr., made no mention of the hacking threat while dining with North Korea Director General of the Reconnaissance Bureau Kim Yong-chol during a surprise North Korea visit last November to arrange the release of American detainees.

NSA spokesperson Brian Hale said Clapper’s visit was intended “solely to secure the release of the two detained US citizens,” adding that “the DNI was focused on the task and did not want to derail any progress by discussing other matters.”

A recently related South Korean Defense White Paper estimated that North Korea has around 6,000 hackers under the command of the Reconnaissance General Bureau, which is overseen by the Ministry of People’s Armed Forces. In particular, its Bureau 121, a cyberwarfare agency, is reported to have a large-scale advance base in China.

By Cho Il-joon, staff reporter

Please direct questions or comments to [english@hani.co.kr]