BEST OF THE WEB

More NSA capabilities exposed

Western cyber intelligence isn’t as impotent as it seems, according to two news reports.

The New York Times said Monday that with the help of unnamed allies the National Security Agency (NSA) had infiltrated at least some North Korean computer systems as far back as 2010. That’s one reason why President Barak Obama was persuaded that the outlier country was behind the mammoth Sony Pictures Entertainment attack.

Separately, the German magazine Der Speigel reported Sunday that the NSA has the ability to hijack botnet networks of hackers to inject its own malware when it wants. Here’s a version of that story from Computerworld U.S.

Combined, the two reports may cheer security pros that in the nation-state cyber war Western countries have the tools to fight back.

However, that doesn’t mean enterprises will soon be safer from attack. After all, despite the supposed knowledge of the NSA, the Sony attack was unblunted. Admittedly, the Americans couldn’t directly warn Sony without giving away its secret. On the other hand, it’s more likely that the NSA didn’t know exactly what the attackers had in mind.

While it might have been possible for the agency to detect North Korea was snooping Sony – and the Times article doesn’t say that it did, only that the NSA had the capability to track traffic— it couldn’t foresee the strategy of destroying Sony files.

In fact the Times story quotes an unnamed person that U.S. investigators only realized after the attack that hackers spent more than two months mapping the Sony network, and the way they gained entry was by stealing the credentials of a Sony system administrator.

Is that disinformation to hide NSA capability? It wouldn’t be the first time the press has been used. In one sense it doesn’t matter: CIO s and CSOs should be warned by the Sony attack to step up staff awareness training and to keep a closer eye on traffic going outside the firewall.

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web