
North Korea's 6000-man army of hackers come into their own - malloryerik
https://www.nytimes.com/2017/10/15/world/asia/north-korea-hacking-cyber-sony.html
======
ryanlol
All the cyber- words from the article

cyber, cyberactivities, cyberattack, cyberattacks, cyberbattle, cyberconflict,
cyberheists, cybermission, cyberoperations, cyberpolicy, cyberpotential,
cyberpower, cyberprogram, cyberprograms, cyberretaliation, cybersecurity,
cyberstrikes, cyberstudies, cyberthreat, cyberwar, cyberwarfare,
cyberwarriors, cyberweapon

~~~
vinhboy
I noticed that too. It made me question the credibility of the author, because
it makes them sound ancient.

~~~
jacobolus
This seems to be the standard terminology used by folks government, policy
analysis, and journalism.

------
rl3
> _Now intelligence officials estimate that North Korea reaps hundreds of
> millions a dollars a year from ransomware, digital bank heists, online video
> game cracking, and more recently, hacks of South Korean Bitcoin exchanges._

How does "online video game cracking" even compare to the other items listed?

Most titles are cracked by elite teams of reverse engineers who are mostly
located in Western countries, and they do it for free.

All I can figure is they're providing cracking support to street-level piracy
operations that primarily deal with heavily localized software or games that
the mainstream scene wouldn't normally touch. Perhaps the author was referring
to the sale of cheats, or even real money trading in MMO games.

Whichever the case, I find the mention odd given it has no further
explanation. It almost sounds like a nod to special interests, except there's
no telltale mention of film piracy beyond the Sony affair.

~~~
rtpg
Gold farming? Hacking mobile games (and their payment systems)?

I'm also a bit confused, but there are ways to turn "game accounts" into cash
in a lot of spaces....

Kinda feel like intelligence officials are not exactly at the beck and call of
the ESA.

~~~
rl3
> _... Hacking mobile games (and their payment systems)?_

Good point. Add social games to that as well. It's probably easier to pull off
shady activity when targeting a sea of shady activity in the first place.

> _Kinda feel like intelligence officials are not exactly at the beck and call
> of the ESA._

DHS and State do tow that line, however. Intellectual property and anti-piracy
matters are a non-trivial component of U.S. foreign policy these days.

------
aaron695
I'd like to see proof.

For starters this is BS

"Once North Korea counterfeited crude $100 bills"

These notes are so good they were fooling US banks at one stage only the
reserve could identity them.

I'd also note initially it was being reported it was Iran producing the
superdollar but now that's shifted. US intelligence isn't as accurate as
people seem to think.

[https://en.wikipedia.org/wiki/Superdollar](https://en.wikipedia.org/wiki/Superdollar)

------
ben_jones
Honest question, can you learn netsec etc. without many thousands of hours of
"fooling around" on the internet? Participating in online discussion boards,
reading postmortems and documentation, listening to conference speakers? How
does the military train it? I have trouble believing you can develop these
skillsets without carte blanche to the internet. Are they importing talent
from surrounding regions? Do they just run "dumb" hacking tools made by others
against low hanging fruit?

~~~
Jach
I suspect a lot of important personnel in NK (including some programmers and
some university students; that set probably overlaps a lot) have access to the
internet, or at least most of it, even if monitored. So don't assume that
they're not learning in isolation. But even if so, there are common principles
you could study from books and test systems. (They'd be smart to apply their
people to securing their own systems as well with red/blue teams...) Plus if
you know your target, you can dedicate your time to finding ways to attack
that target, you don't need to keep up to date with the latest from e.g. tech
talks.

------
hyperpallium
If North Korea is so poor, how can they afford nuclear weapons, ballistic
missles and skilled hackers? In the long-term, an impoverished population
would make it harder, not easier.

Are they not as poor as reported; or are they supplied by another?

~~~
icpmacdo
First two paragraphs

"When North Korean hackers tried to steal $1 billion from the New York Federal
Reserve last year, only a spelling error stopped them. They were digitally
looting an account of the Bangladesh Central Bank, when bankers grew
suspicious about a withdrawal request that had misspelled “foundation” as
“fandation.”

Even so, Kim Jong-un’s minions still got away with $81 million in that heist"

~~~
malloryerik
Exactly, and I wonder how much they made from WannaCry.

[http://www.ibtimes.co.in/north-korea-behind-deadly-
wannacry-...](http://www.ibtimes.co.in/north-korea-behind-deadly-wannacry-
ransomware-attack-microsoft-745664)

Also we should remember that North Korean hackers don't receive Silicon Valley
salaries; whatever remuneration they receive is purely at the pleasure of the
palace.

~~~
monocasa
Well, the NSA is behind the exploit. They're the ones who were sitting on the
0day that got leaked.

------
gediminas7
Ransomware is from North Korea? Is it true? Or just a piece of propaganda
preparing to attack North Korea, to have approvement of people?

~~~
xenadu02
The Russian bot accounts are out in force apparently.

Yes it is well-known NK has been involved in various ransomware schemes. They
seem unique in being state-sponsored. Most of the Russian, Chinese, and US
schemes are criminal enterprises.

~~~
hutzlibu
Well, not well known to me. And in case of wannacry, where the nyt states as a
fact it was north corea, that is news to me, as I never saw any proof.

Might be possible or even likely, yes, but I do not like things presented to
me as a fact if it isn't one.

------
adamnemecek
I wonder what will Scott is up to these days
[https://motherboard.vice.com/en_us/article/z4m8qx/how-to-
tea...](https://motherboard.vice.com/en_us/article/z4m8qx/how-to-teach-
computer-science-in-north-korea) and if he has second thoughts

~~~
boomboomsubban
Why should he? There's nothing suggesting his pupils are involved, and a
teacher isn't at fault for their students transgressions.

~~~
adamnemecek
OK. What is I taught chemical warfare to SS? Would your opinion be the same?

~~~
boomboomsubban
Strangely, I see a difference between teaching a voluntary paramilitary
organization a method of warfare and teaching college students some computer
science that they potentially could build on to cause harm.

If I remove the hyperbole, I do not blame the physics and chemistry teachers
of the 30's for the horrors of WWII.

------
partycoder
"You must not fight too often with one enemy, or you will teach him all your
art of war." \- Napoleon

------
philliphaydon
I still find it hard to believe that NK is doing all this and not Russia or
China or any other country for that matter.

~~~
danmaz74
Russia and China have much to lose if they get caught at this (especially
China). NK doesn't.

~~~
philliphaydon
Sure but the internet for NK runs via China and Russia. Be easy for them to
make it look like it’s from NK.

------
limeblack
> Workers remove a poster for “The Interview” from a billboard in Hollywood,
> California, on December 18, 2014, a day after Sony announced it would cancel
> the movie’s Christmas release and pull it from theaters.

The only thing that I'm aware of that was pulled(since I was born) because of
similar reasons were movies released around 9/11[1].

[1]
[https://en.wikipedia.org/wiki/List_of_entertainment_affected...](https://en.wikipedia.org/wiki/List_of_entertainment_affected_by_the_September_11_attacks)

~~~
aaron695
There's a lot of other examples, depending on how old you are.

"These included “Earshot,” an episode of “Buffy the Vampire Slayer” that
features a potential school shooter in a clocktower and was originally
scheduled to air one week after the Columbine High School shootings occurred;
“Mike and Molly” had a tornado-themed season finale episode postponed due to
the real-life devastation incurred by the Oklahoma tornadoes; the “Reunion”
episode of “Haven,” which featured gun violence occurring in a school, was due
to air the very same day that the Sandy Hook shootings took place and was
hastily pulled; “Family Guy” episode “Turban Cowboy” showed Peter plowing
through the runners at the Boston Marathon, and when the bombings occurred a
few months after it aired"

[http://www.indiewire.com/2014/07/10-controversial-tv-
episode...](http://www.indiewire.com/2014/07/10-controversial-tv-episodes-
pulled-from-air-274493/)

There are also movies

"Space Camp was delayed back in 1986 following the Challenger explosion"
"Trespass was originally called "The Looters" and (I think) it was set to show
prior to the L.A. Riots. It got pushed to Christmas."

[https://forum.dvdtalk.com/movie-talk/549045-movies-came-
out-...](https://forum.dvdtalk.com/movie-talk/549045-movies-came-out-were-
delayed-due-bad-timing-events.html)

------
codedokode
I think the article is overexaggerating. Nuclear weapon and nuclear threats
are real. One nuclear bomb can kill hundred thousand civilians (because
nuclear weapon is a weapon effective only against civilians). "Cyberweapon" is
a joke.

I don't know whether South Korean cities have bomb shelters but they better
have.

~~~
RikNieu
True, but if hostile agents could somehow sabotage essential things like power
for a large enough geographical areas, bad things will happen. Long lasting
bad things.

------
malaya_zemlya
I wonder why North Koreans haven't yet started a darknet market of some sort.
They have the skills, the means and it's not like they have moral qualms about
that sort of a thing.

------
arwhatever
To hack, don't people need access to the world at large, or at least the
internet part of the world at large?

Would if not be possible to subvert North Korean hacking activities by using
propaganda?

------
drvdevd
The Mythical 6000-man Month.

------
wheresmyusern
the idea that kim is trying to make his cyber program an alternative to his
nuclear program, as suggested at the very end of the article, is completely
wrong. the nuclear program is kims number one priority and it will remain so
until it is completed. north korea is racing against the clock to develop a
nuke, just like iran, because it is the only way that the country can survive.
without a nuke, north korea will eventually give in to western influence and
ultimately western powers will provoke a destabilization event and put their
own person into power. the one and only thing that will prevent that is a
nuclear weapon.

~~~
boomboomsubban
China already prevents a western power from some kind of coup, that's why it
hasn't happened already. A nuke is necessary to prevent more Chinese supported
coups.

