
How North Korea’s Hackers Became Dangerously Good - rbanffy
https://www.wsj.com/articles/how-north-koreas-hackers-became-dangerously-good-1524150416
======
guilhas
> "The researchers emphasize that catching hackers is difficult, and that they
> can’t be 100% certain that every attack attributed to North Korea was
> orchestrated by its cyberwarriors."

That's about the facts of this story.

> "Many North Korean hackers are using perfect English or embedding other
> languages into coding to make it appear hacks came from other countries, the
> researchers have concluded"

Everyone ends up using English even in comments. It's just easier. Everyone
knows it. And it's where most resources are.

~~~
laythea
I recently noticed that some of my firefox bookmark folders were renamed. But
it was not me that renamed it.

It was a very strange feeling. Whoever had renamed it was replying to the
subject of the bookmark folder. So Eg. If the folder was called "Fast cars",
then it would have been relabelled something like "I, this is fast cars pal."
Both the "I" at the start and the "pal" are typically Scottish, which is where
I'm from.

I deleted the folder.

~~~
thaumaturgy
The likelihood that someone compromised your system just to rename your
bookmarks is approximately epsilon.

The most likely explanation is that you did it and have no memory of it; this
can be caused by taking certain sleep medications, having a sleep disorder, or
by other environmental conditions (like a CO leak, already mentioned).

The next most likely is that a friend or family member with a bizarre sense of
humor is playing a prank on you.

It is more likely that you own a cat, who is literate and can operate a
computer, than that your system was remotely compromised for the purposes of
renaming your bookmarks.

~~~
laythea
I did not say that it was for the purposes of renaming bookmarks.

However, the folder in particular was a collections of links, one of which I
suspected had a virus. So I named it "folder with possible virus links". I can
only imagine whoever was in my computer, could not resist renaming this.

I have no medication, no negative environmental conditions and I am, by normal
standards, a sane individual.

------
coldcode
In an authoritarian state, especially one where food is scarce to much of the
population, learning a skill that is considered vital to the state is a good
way to ensure you can eat.

~~~
mkirklions
It reminds me of all the 'Humanity started farming and it allowed people to
specialize'.

Also, I imagine that those skills allow you to talk to the outside world
without any old people knowing whats going on.

~~~
yorwba
NK has a system where everyone with _any_ kind of outside contact is paired up
with a stranger who might be an intelligence agent or just a regular person
whose family has been taken hostage, but in any case they're fairly likely to
snitch. The East German Stasi used similar methods, and quite effectively.

~~~
flohofwoe
Comparing the situation in Eastern Germany to North Korea is a bit of a
stretch to put it mildly. I don't know first-hand how bad it is in NK, but I
grew up in the GDR. Even the worst Stasi actions are most likely tamer than a
normal day in North Korea (family members and friends ended up in jail for
weeks or months for attempting to escape to the West, but I guess if the same
happened in North Korea it's not done with a bit of jail time).

Most Stasi snitches (IMs) didn't need much 'encouragement' by the Stasi, most
did it for purely egoistical reasons (money or favours).

~~~
coldtea
> _Even the worst Stasi actions are most likely tamer than a normal day in
> North Korea_

as reported in doubtful articles and by sources with reasons to put some spice
on their stories (e.g. to have them celebrated and promoted as heroic
defectors as opposed to run of the mill immigrants).

------
youpassbutter
Did dear leader buy his team a subscription to 2600?

------
devilmoon
Non-paywalled version?

~~~
aglionby
Replacing 'wsj.com' with 'fullwsj.com' works for any WSJ article. Redirects
via Facebook.

[https://www.fullwsj.com/articles/how-north-koreas-hackers-
be...](https://www.fullwsj.com/articles/how-north-koreas-hackers-became-
dangerously-good-1524150416)

~~~
lightbyte
Alternatively, save the following as a bookmark and click it on the article
page:

    
    
        javascript:location.href='http://facebook.com/l.php?u='+encodeURIComponent(location.href)

------
mcrae
>> Corrections & Amplifications An earlier version of this article incorrectly
included the name of a defector familiar with North Korea’s cyber training,
whose identity was included in violation of the agreement with the source.
(April 19, 2018)

Yikes!! I understand mistakes happen, but what an absolute betrayal of trust

~~~
brazzledazzle
I don’t usually think someone should be fired for mistakes but this is so
egregious. How does their name even end up in a draft, much less the published
article? How will the convince anyone considering discussing something
anonymously with the paper to move forward with a screw up like that?

~~~
partisan
The first thing anyone who is not asleep at the wheel would ask is, “does this
person really want to be named?”

~~~
alex_hitchins
We are all human and humans make mistakes. While a devastating action, it was
likely a process that failed rather than an individual being inept.

~~~
toss1
Yes hyumans make mistakes. And those mistakes have, and should have
consequences.

When the likely result is to get someone killed, there should be serious
consequences for the people, regardless of whether it was 'people' or
'process' that you put at the top of the fault chain.

That is the way it works in the real world. Small bits of inattention can lead
to death. We don't say that 'it was just a small thing' when someone is
texting while driving and crashes and injures/kills people, even tho it was
just a a few seconds lapse of attention.

This source, and/or his family back home are now likely on a NK hit list. The
employer has now had it's credibility for confidentiality destroyed for a
decade. This lapse should have consequences.

(And if you don't like the potential consequences, either make sure you play
the game right, or don't play the game.)

~~~
alex_hitchins
I'm not sure I understand your comment in full, but I wasn't suggesting there
be no consequences for this mistake. I also don't see it in any way trivial.
Sacking people is easy and a quick fix but what change was actually made to
ensure this never, ever happens again.

------
sametmax
I doubt they ever became good, because to grow good "anyone" is very hard in
such a harsh dictatorship.

It's much more likely they just hire technical mercenaries.

~~~
nasredin
Lots of "patriotic" hackers in Russia, one of North Korea's few friends...

~~~
sametmax
You can buy books and access internet easily in russia.

------
thekingofh
I'm no hacker. But if I were I'd first hack North Korean servers, then use
those servers to do all my outward hacking. This would ensure no cooperation
of authorities and no traceback. North Korea is essentially a black hole for
hackers to launch their attacks from. Not sure why people think this third
world country is fostering the creativity and science and engineering
background necessary for the hacking that's attributed to them.

~~~
Double_a_92
Even if its a third world country they just need to foster a few hundred
students and teach them to become hackers... Possible even if everybody else
is starving.

