North Korean Cyberwar Capabilities

Reuters has an article on North Korea's cyberwar capabilities, specifically "Unit 180."

They're still not in the same league as the US, UK, Russia, China, and Israel. But they're getting better.

Posted on May 22, 2017 at 2:10 PM • 9 Comments

Comments

Ross SniderMay 22, 2017 3:41 PM

I remember looking into the motivations for the SONY hack (why would DPRK hack SONY) to discover that the CIA and State Department had been involved in the production of "The Interview" and had organized a number of military resources to assess how to gear the film toward the fomentation of an insurgency in North Korea, with the Special Envoy discussing how to then smuggle the film into the North so that it would be viewed.

And then I learned that the ("Unit 180") has been tasked primarily with countering propaganda from other nations.

So while the State Department denies being involved in The Interview (even though the leaked SONY emails show that to be true) and DPRK had denied involvement, a pretty clear picture of back-and-forth 'cyber warfare' has emerged.

I. B. LeeveMay 22, 2017 5:46 PM

Sure, those poor literally starving N. Koreans are behind the biggest and most spectacular cyber attacks ever known. They are our enemy, there is no other possible conclusion.

Patriot COMSECMay 22, 2017 8:40 PM

The DPRK may have limited resources, but they have the fourth largest army in the world. Their Special Forces is no joke.

Cyber promises to offer them more bang for their buck, but there is another powerful attack vector for
those with limited means: biological weapons.

As Bill Gates spoke of recently, the threat of biological weapons from a malicious actor with limited means is a dire global threat.

Bruce SchneierMay 22, 2017 8:40 PM

"Sure, those poor literally starving N. Koreans are behind the biggest and most spectacular cyber attacks ever known."

I have never seen -- or have attempted to create -- a list of the ten biggest and most spectacular cyberattacks ever known, but I'm not sure that either the Sony breach or Wannacry would be in the top ten.

Seungjoo (Gabriel) KimMay 22, 2017 11:07 PM

North korea hackers have good hacking skills and good base in computer science.

But above all, they have very strong motivation such as Kim Jung-un's encouragements.

Furthermore, North korea hackers are state-sponsored and soldiers. Thus they have the knowledge of (military) operation. As we can see in SWIFT hacking, they can carry out very well organized operation.

Rufo GuerreschiMay 23, 2017 12:04 AM

the very article you quote says "No conclusive proof has been provided and no criminal charges have yet been filed". So we have no clue tobwhat extent those attacks are false flags and misattribution exercises. And we know how easy it is, especially when all evidence in cases as highly classified.

ab praeceptisMay 23, 2017 12:22 AM

Rufo Guerreschi

Plus, it just so happens that the "investigators" are the pals of the probable culprits ...

I certainly wouldn't hold my breath for the fbi finding out that the cia attacked half the world and blamed it on Russia or NK.

AnselmMay 23, 2017 3:10 AM

Traditionally there is no love lost between the CIA and FBI – but if the FBI did find out that in fact the CIA was behind “WannaCry” they would still probably sit on that info for national-security reasons. It would, however, likely come in useful as ammunition in the behind-the-scenes inter-agency politics game.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.