Jan 19, 2015 · 1 minute

A report from the New York Times purports to answer a question which has dogged the security community since the Sony Pictures Entertainment hack in November: how did the government attribute the cyberattack to North Korea so quickly after its revelation?

According to the Times, the answer is that the National Security Agency has worked to monitor a secret hacking unit within North Korea since at least 2010, which allowed it to quickly determine that the Sony hack was most likely the country's handiwork.

The report validates what many have suspected since the government first blamed North Korea for the hack: intelligence agencies had access to secret information used to suss out the country's involvement with the cyberattack despite the paucity of public information.

It also demonstrates the difficulty of attributing cyberattacks. If the government really has information proving North Korea is behind the attack, but it's closely guarded by the NSA, outside experts might never be able to independently corroborate the attribution.

That would allow the government to stand by its statements regarding North Korea's involvement in the hack without having to reveal how it reached that conclusion -- and it could bolster the idea that the NSA is an all-knowing intelligence agency above reproach.

Is that enough to support the government's rush to blame North Korea for the attack? The NSA, FBI, and President Obama all seem to think so. But the attribution of attacks which are incredibly difficult to trace based on secret information known only to the government is worrisome, especially since the Sony hack has been so ridiculously hyped.

[illustration by Brad Jonas]