Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
The Military Government United States

North Korean Hackers Are Targeting US Defense Contractors ( 146

chicksdaddy quotes Security Ledger: North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger is reporting. Security experts and defense industry personnel interviewed by The Security Ledger say that probes and attacks by hacking groups known to be associated with the government of the Democratic People's Republic of Korea (DPRK) have increased markedly as hostilities between that country and the United States have ratcheted up in the last year. The hacking attempts seem to be aimed at gaining access to intellectual property belonging to the companies, including weapons systems deployed on the Korean peninsula.

"As the situation between the DPRK and the US has become more tense, we've definitely seen an increase in number of probe attempts from cyber actors coming out of the DPRK," an official at an aerospace and defense firm told Security Ledger. The so-called "probes" were targeting the company's administrative network and included spear phishing attacks via email and other channels. The goal was to compromise computers on the corporate network... So far, the attacks have targeted "weakest links" within the firms, such as Human Resources personnel and general inquiry mailboxes, rather than targeting technical staff directly. However, experts who follow the DPRK's fast evolving cyber capabilities say that the country may have more up their sleeve.

CNBC also reports that America's congressional defense committees have authorized a last-minute request for $4 billion in extra spending for "urgent missile defeat and defense enhancements to counter the threat of North Korea."

Other countries newly interested in purchasing missile defense systems include Japan, Sweden, Poland, and Saudi Arabia.
This discussion has been archived. No new comments can be posted.

North Korean Hackers Are Targeting US Defense Contractors

Comments Filter:
  • alliance (Score:4, Insightful)

    by PopeRatzo ( 965947 ) on Sunday November 12, 2017 @10:52PM (#55538155) Journal

    Our good friends in Russia are still doing lots of business with North Korea.

    Donald, they're laughing at you, not with you. []

    • by Anonymous Coward

      The American preoccupation with Russia and claims without supporting evidence is fascinating, though maybe dangerous.

      Russia is not among the 5 largest importers from North Korea and as for exports to North Korea it was less than $80 million putting them third closely followed by Thailand. Look at the numbers for China.

      Aside from China, a few other countries trade with North Korea as well. Pyongyang also did business with India, Pakistan, Russia, Thailand and the Philippines, according to the Massachusetts I

    • he's laughing with them and at us.
  • No shit sherlock (Score:5, Insightful)

    by rsilvergun ( 571051 ) on Sunday November 12, 2017 @11:20PM (#55538239)
    of course they are. It would be silly if they weren't. Hell, I'm sure our allies are targeting us and we're targeting them. That's just the nature of these things. The fact that we can read stories about it means NK isn't very good at it.

    Now, watch the news. If you start seeing more and more of these kind of stories about scary things NK is doing that's when you start worrying, because it means our media is gearing us up for war with them. Go look back at media coverage before Iraq/Afghanistan if you doubt me.
    • by Anonymous Coward

      Keep in mind the fact that US businesses don't give a rat's ass about security, (no need -- C-level just hit their yacht with their golden parachutes and congratulate themselves for a "synergistic optimization" if they get let go. Plus, there are no real regulations that has any effect on companies. Maybe the GDPR, but I'm sure that will be mainly used as a tool to beat down non-European countries, since they often call Google or Microsoft for a kangaroo court trial, but rarely clean their own house. Eur

    • by k6mfw ( 1182893 )

      , because it means our media is gearing us up for war with them.

      I wonder if the hawks were living in Seoul, would they be still willing to gear up for war? For those clueless Seoul is the major South Korean city that will be flatten from conventional artillery that is within range of NK.

  • that shit don't need to be there, for fucking ducks' sake.

    • by Anonymous Coward

      that shit don't need to be there, for fucking ducks' sake.

      Everyone thinks they need the internet.

  • Seems silly (Score:2, Offtopic)

    by Baron_Yam ( 643147 )

    Since the USA has enough military capability to "nuke the site from orbit, just to be sure", several times over, this seems like a wasted effort.

    Do you care exactly how many megatons of nuclear warheads were used to eradicate you? Is this so NK can know exactly how much overkill the USA could bring to bear if they wished to do so?

    Honestly, everybody involved knows the standoff is dependent on China and Russia as well as having Seoul within shelling range... almost nothing about the precise American capabil

    • Re: (Score:2, Informative)

      by rtb61 ( 674572 )

      Apparently for you, dumping nuclear fallout in massive quantities on Japan, China, Russia and South Korea not a problem. So the fuck what if say millions people from those countries die of radiation poisoning, fuck em they are only commies and slope heads. Their view might be a little different, especially China as a million of their citizens dying from radiation poisoning and tens of thousands of hectares of farming land poisoned might not go down well, in fact so badly, that Honolulu would very likely sta

      • Nice rant, shame it bears zero relation to what I wrote.

    • Since the USA has enough military capability to "nuke the site from orbit, just to be sure", several times over, this seems like a wasted effort.

      This isn't about stopping an American attack, it is about deterring it. If NK can learn enough about our ABM capabilities and counter our defenses enough so that we think they have a chance to take out a few west coast cities, then we aren't going to start a war by attacking them.

      • >This isn't about stopping an American attack, it is about deterring it.

        "everybody involved knows the standoff is dependent on China and Russia as well as having Seoul within shelling range."

        I still don't see the point.

        Everything beyond razing Seoul and the threat of a flood of refugees into China is more or less window dressing. Nobody wants to see that, so the available overwhelming force isn't used to destroy NK.

        NK can learn all they want about US capability - there's simply so much of it relative to

  • The minute NK threatened the use of an electromagnetic pulse weapon the U.S. should have dropped the hammer. You can't have an unstable communist dictator talking that way. It's going way beyond any acceptable line.
    • north korea can actually make a fusion weapon? I've only seen yields consistent with a boosted fission weapon. North Korea has no weapons with sufficient power to attack the USA with EMP. It's hot air.

      • I'm not claiming NK can do it, NK is claiming they have the ability to launch an EMP attack. If they're bluffing someone should call them on it.
    • by gtall ( 79522 )

      Yeah!!! Let's sacrifice the South Korean and Japanese. We'll show them we mean business....oh...wait a minute...they are our allies...maybe we should ask permission first before we rain nuclear fallout on their countries.

    • by johanw ( 1001493 )

      We already have a capitalistic deep state threatening NK, so it's only natural they reply in kind.

  • by AHuxley ( 892839 ) on Monday November 13, 2017 @12:25AM (#55538417) Journal
    Why have sensitive mil and contractor data in plain text on random internet facing networks?
    What is US counterintelligence doing?
    Watch the contractor network and use lots of encryption. Compartmentalize projects and data. Just in time from just about any company is not secure.

    The next question for the USA is the quality of its mil, gov and contractor human security.
    Who is around your bases, ports offering mil/contractors pleasure, alcoholic beverages and cash for US secrets?
    Start doing interviews and background reports on all mil officials and contractors.
    Look for new wealth, holidays, police reports of loud parties, home improvements, a new car, unexpected shopping, gifts, changes in personality, boasting.
    Look at the cell phone movements of at risk mil/contractors. Who are they meeting, talking to? What new cell phones do their cell phones stay next to for some time?
    • I'd be inclined to just drop an appropriately-loaded flash drive or two around sites I was interested in and wait for it to be used where it might do me some good.

      For example, there's a 512 GB drive called the "Patriot Supersonic Mega". What ultra-loyal, flag-waving military person could resist a name like that? Presented in a manner screaming "Unopened Original Packaging", I bet sooner or later it would wind up somewhere useful. If not, oh well. I just wasted a hundred bucks on a failed espionage attem

    • by AmiMoJo ( 196126 )

      Apart from Snowden most of the leaks have been CIA/NSA staff just leaving their malware and sourcecode lying around on staging servers for anyone who finds them to pilfer.

  • Yawn (Score:2, Insightful)

    by Anonymous Coward

    Sounds like the usual government/security-industrial-complex trolling for more funding/authority. Been there, heard that.

    • Every country with internet infrastructure is attempting to hack, probe, manipulate every other country.

      Why pick on NK?

      Funny how dirty tricks are ok if we do it to them, but oh horror! They're trying to do it to us! Badness! "We" being any first world country.

  • by Noishkel ( 3464121 ) on Monday November 13, 2017 @12:40AM (#55538447)

    For those not paying attention Wikileaks have revealed extensive technical details about the CIA's ability to force certificates and plants traces into systems to frame people for the actions of the US security agencies.

    While I have no doubt that North Korea would gladly do so, but we need to face a few facts about the ability of the NK's to really do this much damage.

  • That has to be propaganda. I've read North Korea doesn't even have computers.

    • by AmiMoJo ( 196126 )

      I've read North Korea doesn't even have computers.

      Have you noticed how when you see North Korean TV news boardcasts in the west they are low quality analogue 4:3 images? Because NK only has 1960s level technology, right?

      On NHK news broadcasts in Japan they show the full HD 1080i satellite feeds that NK transmits.

  • Why dont we make it easy for poor old kim. Lets make a little back door for encryption on all our phones. :) I can see him grinning ear to ear if that ever happens. ROFL
  • If North Korea, a country of 25 million people - most of them scraping a living from subsistence farming - can hack american defence contractors and government facillities, then it is certain that any other country with a desire to, could do the same.

    The only reason we do not hear of all those other countries hacking the US defence systems is either because they don't want to, or because they are better at it (than N.K.) and cover their tracks.

    Rather than thinking that NK represents some sort of technol

    • I'm sure when the NK government gives you an opportunity to learn to hack American computer systems, you take it. If you find your not suited to the task, you're free to go to the gulag where you will be starved to death while performing hard labor; at least you'll be with your family.

  • if anyone does network monitoring, and IPS/IDS stuff - this has been ongoing for the last 15 years.

    either America media is an idiot, probably, or the media is an idiot for finally reporting what everyone like a teenage with a Linux box with a static IP and fail2ban has installed and monitoring the logs. set don't come back for a year or so.

    just block transient countries from internet access to the US internet network assets and you have your hackers blocked..

    • by gtall ( 79522 ) rule, the U.S. will henceforth cut itself off from the rest of the world's internet. By G-d, we'll stop'em. Go get'em Shiva!!! Pass me some ammunition!!

Any sufficiently advanced technology is indistinguishable from a rigged demo.