HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » Who is training the North...

Tue Mar 5, 2019, 06:55 PM

Who is training the North Korean hackers?

China? Russia...US was being hacked even as Summit took place..

https://www.nytimes.com/2019/03/03/technology/north-korea-hackers-trump.html

SAN FRANCISCO — North Korean hackers who have targeted American and European businesses for 18 months kept up their attacks last week even as President Trump was meeting with North Korea’s leader in Hanoi.

The attacks, which include efforts to hack into banks, utilities and oil and gas companies, began in 2017, according to researchers at the cybersecurity company McAfee, a time when tensions between North Korea and the United States were flaring. But even though both sides have toned down their fiery threats and begun nuclear disarmament talks, the attacks persist.

CNN:

A group of North Korean hackers is believed to be actively targeting US businesses and "critical infrastructure," a report released this week by cybersecurity firm McAfee said.

McAfee said it found that the North Korean hackers have tried to infiltrate nearly 80 business in critical sectors like finance, telecommunications, energy and defense around the world. Governments themselves were also targeted, McAfee said.
The hacking is believed to have continued during US President Donald Trump's summit with Kim Jong Un. The largest number of recent attacks primarily target Germany, Turkey and the United Kingdom as well as the United States, McAfee said

8 replies, 346 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread

Response to HipChick (Original post)

Tue Mar 5, 2019, 06:56 PM

1. China or Russia is a good bet.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to nycbos (Reply #1)

Tue Mar 5, 2019, 06:58 PM

2. Of course the dumb dumb Orange will not believe anything...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to HipChick (Original post)

Tue Mar 5, 2019, 07:06 PM

3. What I don't get is why can't they just shutdown any access to US web.

by blocking access. If they can identify them doing it then they should be able to stop them.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Historic NY (Reply #3)

Tue Mar 5, 2019, 07:17 PM

4. Hackers rarely travel a straight line between their personal computer and their targets

You know all those old Windows machines whose owners never bother to update them? Millions of them are 'pwned'/infiltrated by hacker bots that usually do the actual 'attacking'. The hackers typically send out a message of some kind (lots of variations there), then the bot fleet attacks.

I think there are even 'botnets for rent' available that can also be used to do the actual attacking.

So the attacks are coming from literally everywhere.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to HipChick (Original post)

Tue Mar 5, 2019, 07:18 PM

5. Well since you asked:

"Long believed to be nonexistent, by 2013 it was clear that the North Korean cyber warriors did exist and were not the creation of South Korean intelligence agencies trying to obtain more money to upgrade government Information War defenses. North Korea has had personnel working on Internet issues since the 1990s and their Mirim College program trained most of the North Korean Internet engineers and hackers. North Korea has a unit devoted to Internet-based warfare and this unit was increasingly active as the number of Mirim graduates grew.

Since the late 1980s, Mirim College was known as a facility that specialized in training electronic warfare specialists. But by the late 1990s, the school was found to be also teaching some students how to hack the Internet and other types of networks. Originally named after the district of Pyongyang it was in, the college eventually moved and expanded. It had several name changes but its official name was always “Military Camp 144 of the Korean People's Army.” Students wore military uniforms and security on the school grounds was strict. Each year 120 students were accepted (from the elite high schools or as transfers from the best universities). Students stayed for 5 years. The school contained five departments: electronic engineering, command automation (hacking), programming, technical reconnaissance (electronic warfare), and computer science. There's also a graduate school, with a three year course (resulting in the equivalent of a Master’s Degree) for a hundred or so students. The Mirim program has been modified since 2015 and is believed to be producing more graduates each year and in a growing number of specialties. Mirim graduates were key to getting the Mangyongdae program going.

It was long thought that those Mirim College grads were hard at work maintaining the government intranet, not plotting Cyber War against the south. Moreover, for a few years, North Korea was allowed to sell programming services to South Korean firms. Not a lot, but the work was competent and cheap. So it was known that there was some software engineering capability north of the DMZ. It was believed that this was being used to raise money for the government up there, not form a major Internet crime operation. But by 2016 there was tangible and growing evidence of North Korean hackers at work in several areas of illegal activity. The Cyber War attacks apparently began around 2005, quietly and nothing too ambitious. But year-by-year, the attacks increased in frequency, intensity, and boldness. By 2009, the North Korean hackers were apparently ready for making major assaults on South Korea's extensive Internet infrastructure, as well as systems (utilities, especially) that are kept off the Internet.

Deceased (since 2011) North Korean leader Kim Jong Il had always been a big fan of PCs and electronic gadgets in general. He not only founded Mirim but backed it consistently. The only form of displeasure from Kim was suspicions that those who graduated from 1986 through the early 1990s had been tainted by visits (until 1991) by Russian electronic warfare experts. Some Mirim students also went to Russia to study for a semester or two. All these students were suspected of having become spies for the Russians, and most, if not all, were purged from the Internet hacking program. Thus, it wasn't until the late 1990s that there were a sufficient number of trusted Internet experts that could be used to begin building a Cyber War organization."

More here:
https://strategypage.com/htmw/htiw/articles/20190224.aspx

Reply to this post

Back to top Alert abuse Link here Permalink



Response to HipChick (Original post)

Tue Mar 5, 2019, 08:30 PM

7. Democrats need to own cybersecurity the way the GOP owns guns.

Think they're coming for you? They're not coming for you physically, they're coming for you virtually. That's a whole new level of paranoia.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to HipChick (Original post)

Tue Mar 5, 2019, 08:43 PM

8. I believe they have many incentives to train themselves.

When slacking off is punished by starvation or firing squad, for both the hacker and their family, and you truly love your Dear Leader, then you, the state sponsored hacker, will work very hard.

These North Korean hackers are very good students and most of the educational materials they require are available free on the internet.

It's not magic, there's no magical hacker's guild that punishes those who reveal secret and mysterious knowledge.

The protocols of the internet are open and there are many places, some light, some dark, where people discuss the many vulnerabilities of various internet implementations.



Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread