Remember the collective murmur of disbelief that went out when the White House revealed that it was North Korea who was behind the Sony hacks? We had reasons for doubt, what with the extremely limited number of computers and internet into the hermit kingdom, but US officials stood by their statement. Now we know how they knew for sure.
They hacked North Korea first.
According to a new cache of Edward Snowden documents revealed by der Spiegel, Their access to the networks of Pyonyang’s Reconnaissance General Bureau allowed them to quickly gather evidence that North Korea was behind the Sony attack and was convincing enough for President Obama to make the accusation in public.
However, the system appears to have failed to detect the attack on Sony until it was already too late and North Korean hackers had stolen and published thousands of the studio’s confidential files. Administration officials said that the “spear-phishing” attacks — which entice e-mail users to download infected files — didn’t look out of the ordinary or raise any alarms. But those attacks allowed the hackers to steal a key system admin’s credentials, which they used to carefully infiltrate the system, search out key files and eventually destroy or leak them.
