NSA Played Key Role Linking North Korea to Sony Hack

National Security Agency data and technical analysis assisted in the U.S. government’s attribution of the Sony cyber attack to North Korea, Admiral Michael Rogers said on Thursday. “We partner with the Department of Homeland Security and FBI in various areas and this is one such area,” Rogers, the NSA director, said in response to a […]

WASHINGTON, DC - NOVEMBER 20:  Adm. Michael Rogers, commander of the U.S. Cyber Command and director of the National Security Agency, testifies during a hearing before the House (Select) Intelligence Committee November 20, 2014 on Capitol Hill in Washington, DC. The committee held a hearing on "Cybersecurity Threats: The Way Forward."  (Photo by Alex Wong/Getty Images)

National Security Agency data and technical analysis assisted in the U.S. government’s attribution of the Sony cyber attack to North Korea, Admiral Michael Rogers said on Thursday.

“We partner with the Department of Homeland Security and FBI in various areas and this is one such area,” Rogers, the NSA director, said in response to a question from a reporter with The Daily Beast about the agency’s role, if any, in the attribution of the Sony attack to North Korea.

“We specifically did—we were asked to provide our technical expertise. We were asked to take a look at the malware, we were asked to take a look at not just the data that was being generated from Sony but also what data could we bring to the table—here’s other activity and patterns leading up to it, what is this act really about?” Rogers said at the FBI’s International Conference on Cyber Security at Fordham University.

“We were part of a broad interagency effort, not in the lead role–the Federal Bureau of Investigation was the overall lead. Yes, we were part of a broad government attempt to understand exactly what happened.”

This is the first time the agency has made any public statements about its involvement in the Sony hack investigation.

Earlier in the day, Rep. Mike Rogers (R-Ala.) hinted that NSA could have been involved by referencing the “shocking amount of swagger” among industry professionals questioning the government’s attribution to North Korea. But those outside experts lack knowledge of the “huge capability of the NSA, FBI and CIA to some degree,” he said.

Rogers, the NSA director, discussed the Sony hack at numerous points throughout his talk, prior to the question and answer period.

“I have very high confidence—I remain very confident—that this was North Korea,” he said, echoing FBI Director James Comey the day before. He said this was the first time a nation-state has carried out an act to “stop the release of a film with a particular viewpoint and characterization of a leader.”

Comey sought to end growing skepticism by informational security professionals that have said they question North Korea’s involvement in the Sony hack. Many in the industry had called on the FBI to offer proof of ties to North Korea. Comey Wednesday provided new details about the FBI’s investigation.

He told the standing-room-only packed room that the hackers got sloppy and sometimes failed to mask their identity when sending email threats to Sony employees, pointing to networks used “exclusively by North Koreans.” And he said he was trying to get the emails declassified to disclose to the public.

The NSA chief—like Justice Department and FBI officials—applauded Sony for notifying the government within hours of learning they’d been hit with a cyber attack. Naming North Korea and announcing economic sanctions was critical for deterrence of future nation-state or other types of cyber attack, Rogers argued.

“The entire world is watching how we as a nation are going to respond to this,” he said.

 Photo: Alex Wong/Getty Images

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Join The Conversation