Connect with us

Hi, what are you looking for?



US Penetrated North Korea Computer Systems in 2010: Report

The United States secretly penetrated North Korea’s computer systems four years ago — a breach that allowed Washington to insist Pyongyang was to blame for the recent cyberattack on Sony Pictures, the New York Times reported Monday.

The United States secretly penetrated North Korea’s computer systems four years ago — a breach that allowed Washington to insist Pyongyang was to blame for the recent cyberattack on Sony Pictures, the New York Times reported Monday.

Citing former US officials and a newly released National Security Agency (NSA) document, the Times detailed how the US spy agency in 2010 “penetrated directly” into the North’s systems via Chinese networks and connections in Malaysia favored by North Korean hackers.

Primarily aimed at gathering information on the reclusive nation’s nuclear program, the NSA’s clandestine operation switched focus to the growing threat posed by North Korea’s hacking capabilities following a destructive cyberattack on South Korean banks in 2013.

Hidden US software provided an “early warning radar” for North Korean activities, and provided the evidence that persuaded President Barack Obama that Pyongyang was behind the Sony hack, the Times said, citing an anonymous official familiar with the NSA mission.

US Hacked North KoreaUS investigators concluded that North Korean hackers spent two months mapping Sony’s computer systems in preparation for what became the biggest cyberattack in US corporate history.

North Korea denies any involvement, although it had publicly threatened Sony if it released the comedy film “The Interview” about a CIA plot to assassinate leader Kim Jong-Un.

Given that threat and the reported level of US penetration, the Times report raised the question of why the NSA was unable to warn Sony in advance.

According to one US official cited by the newspaper, the intelligence agencies “couldn’t really understand the severity” of the attack that was coming.

Advertisement. Scroll to continue reading.

While North Korea’s conventional military hardware is largely outdated and unsophisticated, its cyberwarfare capabilities have long been considered a significant threat.

South Korean intelligence believes North Korea runs an elite cyberwarfare unit with at least 6,000 personnel, trained in secret government and military programs.

A number of experts suggest the North’s cybercapacity is heavily reliant on China, in terms of both training and the necessary software and hardware.

They say telecommunications giant China Unicom provides and maintains all Internet links with the North, and some estimate that thousands of North Korean hackers operate on Chinese soil.

According to South Korea’s National Intelligence Service, more than 75,000 hacking attempts were made against South Korean government agencies between 2010 and September 2014 — many of them believed to be from Pyongyang.

The Times interviewed a former North Korean army programmer who said the North began training computer “warriors” in earnest in 1996, despatching many to undergo two years’ training in China and Russia.

Don’t miss the upcoming panel “Sony and the DPRK: A Question of Attribution” at Suits and Spooks DC moderated by The Wall Street Journal’s Danny Yadron.

Related: Worm Active in North Korea Shows Faults in IP-Based Attribution

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...