North Korean Hackers Are Stealing Military Secrets, Say US and Allies (scmp.com)
North Korean hackers have conducted a global cyber espionage campaign to try to steal classified military secrets to support Pyongyang's banned nuclear weapons programme, the United States, Britain and South Korea said in a joint advisory on Thursday. From a report: The hackers, dubbed Andariel or APT45 by cybersecurity researchers, have targeted or breached computer systems at a broad variety of defence or engineering firms, including manufacturers of tanks, submarines, naval vessels, fighter aircraft, and missile and radar systems, the advisory said. "The authoring agencies believe the group and the cyber techniques remain an ongoing threat to various industry sectors worldwide, including but not limited to entities in their respective countries, as well as in Japan and India," the advisory said.
It was co-authored by the U.S. Federal Bureau of Investigation (FBI), the U.S. National Security Agency (NSA) and cyber agencies, Britain's National Cyber Security Centre (NCSC), and South Korea's National Intelligence Service (NIS). "The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes," said Paul Chichester at the NCSC, a part of Britain's GCHQ spy agency. The FBI also issued an arrest warrant for one of the alleged North Korean hackers, and offered a reward of up to $10 million for information that would lead to his arrest. He was charged with hacking and money laundering, according to a poster uploaded to the FBI's Most Wanted website on Thursday.
Re: (Score:2)
Getting somebody into North Korea with the skills and equipment to do that is probably massively harder than to get them close enough to a candidate for US president and take a shot ...
Re: (Score:2)
I assume you'd be just fine with it if they started doing the same?
Re: (Score:2)
Of course, it's called rules of engagement.
Re: (Score:2)
being sarcastic here, o internet what has happened to you to require this.
Re: (Score:2)
Is there no way to basically "disconnect" them from the rest of the greater world and internet?
Who is allowing them to connect to the backbones, etc?
Re: (Score:2)
You do not need a lot of bandwidth to do targeted hacking. It is essentially impossible to keep them out. A brief look at a map also shows shared borders with China and Russia. Do you want to disconnect them as well?
Re: (Score:2)
All you need is a connection to a part of the Internet, and between SSH clients, seed boxes, VPN connections, proxies, one can have free rein from there. If everyone blocks North Korea at routers, China and Russia will happily give them a proxy from their IP space that changes.
If North Korea was just alone in the world, that is one thing, but even with that, money talks, and given enough cash, they would get a proxy out. However, NK has two superpowers behind them who will be more than happy to provide I
Re: (Score:2)
All of North Korea's internet access goes through the Great Firewall of China, unless they've got a few slow satellite accounts now. You've touched on why the whole "North Korean Super Hacker Army" trope is such a ridiculous claim, they have almost no bandwidth, fewer computers in the entire country than are on an average college campus and most of those are cast-offs surplus from the Chinese, no trainers to speak of, a severely restricted set of IP addresses, and no computing classes from which to select t
Re: (Score:2)
China is a threat to the world? You're frightened of a country with one single overseas military base? That's as absurd as the fear that Russia, with an economy roughly the size of Mexico, is somehow going to take over all of Europe.
Meanwhile the US has over 750 military bases in over 80 countries worldwide, including a number in countries who want to eject them but they just refuse to leave (Iraq, Syria, Cuba, Chad, Central African Republic). The US spends more on its military than the entire rest of th
This was only supposed to be done by (the) US! (Score:2)
and now those North Koreans are doing it too?
How dare they.
Re: (Score:2)
Because of "Peace of Westphalia" that did put in place the current border system and nation system. This was put into effect in the year 1648 after the 30 year wars and other wars that happened at the same time in Europe.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
Because they have nukes.
There might be an objection that "so what, they can't deliver it to our mainland". Which is not necessarily true. They might not have a missile delivery system which "we" are set up to counter (for values of "we" that clearly wouldn't include America's "allies"), but does that mean they don't have a delivery system which "we" are not set up to counter. For example, delivery over a period of months by shipping container, to an anonym
Re: (Score:1)
Mind you, I'm still all for nuking North Korea out of existence; but we should at least find something valid to complain about before we do. "They're just like us" is hardly a justification to begin carpet-bombing the northern half of the Korean Peninsula.
You're a subhuman cunt.
Okay, who's being asked awkward questions? (Score:5, Insightful)
So the military readily admits it and its suppliers are incapable of keeping state secrets secret? Who's being investigated over this?
My tax dollars pay for incompetent IT. I don't see this as North Korea being very good at hacking so much as the US being incapable of stopping them. I want to see heads roll - including, probably, at Amazon, since we gave them $9bn to provide secure cloud services [cnn.com] and apparently they failed at that.
Of course, no heads will roll, as all that money is just pork and has nothing to do with getting efficient IT.
Re: (Score:3)
I don't see this as North Korea being very good at hacking so much as the US being incapable of stopping them.
Actually, North Korea, and Iran (as another example), are considered to have some very good hackers/spies. The intelligence/capabilities to be a good hacker is not limited by some arbitrary nation boundary lines.
Re: (Score:2)
Only Americans with the memory capacity of a gold fish failed to recognize the pattern.
So the majority of voters. I'm not reassured.
Actually I think the most dangerous weapon in the US arsenal is the Madison Avenue advertising agencies, which are essentially mind-control organizations. They hire the best researchers in the world on mass psychological manipulation, and they're not just selling soap. When the mass media consists of four companies who work as an effective monopoly together to create the nar
Re:Okay, who's being asked awkward questions? (Score:4, Insightful)
Some years ago, someone brought a flash drive in from home that (they claim they did not know) was infected. That put the malware on the NIPRnet. At that time it was already illegal to use personal stuff on government computers, in the DoD, but this person did it, maybe they got confused.
That jeopardized the whole network and took months to clean up from. In all of the networks run by the DoD there are rules that are to be followed... the things that some politicians have done in the past few administrations would have gotten me locked up, unless President Obama decided to pardon me, but I digress.
It only takes one person who thinks the rules don't apply to them, or that they believe they are smarter than these 'arbitrary' rules. Now your network is compromised.
Re: (Score:2)
Okay.
That answers the how. My question was who: who's being arrested? Who's going to the slammer? Will Amazon be sued or fined? Will their multi-billion contract be renegotiated or rescinded? Will we-the-taxpayers get our money back?
Also, while I agree with you that it only takes one rogue, when it happens repeatedly, it becomes a systemic failure.
Re: (Score:2)
Things aren't as simple as what you suggest. For example, if Electric Boat (do they still make our subs? I don't recall) screws up halfway through building a sub and their networks are compromised, the sub is half built. Who else could take over at that point and finish that sub? The last I knew, Electric Boat was p
Re: (Score:2)
Why would secure machines even allow USB devices to be connected? On Windows you can lock it down to a set of pre-approved devices, so random flash drives won't be accepted.
Re: (Score:2)
In the article it says, "As was the case with that hack, APT45 used common phishing techniques and computer exploits to trick officials at the firms they were targeting into giving away access to their internal computer systems, Thursday’s advisory said." So the attacks that gained access were more in the realm of gullibility or ignorance of high placed officials... You
Re: (Score:2)
Sure, it's inconvenient. And if there's a use-case for JoeSpecialUser to have access to USB mass storage (ditto, firewire, optical disc ...), then there's a use case for JoeSpecialUser to do so on a special machine, under the
Re: (Score:2)
Question - what - apart from serving from the pork barrel - have your government got to do with promotions in any branch of the military? Seems to me like an ideal opportunity to dish up pork in a corrupt manner. Do people in America actually (sorry - it's hard to type straight while rocking with suppressed laughter) trust "their" politicians? What
Re: (Score:2)
I am sure someone will misread my comment and correct me in the most insulting way possible.
Re: (Score:2)
AWS has never been hacked from the outside, that I've ever heard of. If someone gets on the Pentagram's network and uses that access to worm their way into the archives that's a US government problem. AWS provides the resources and the secure tunnels to get to them, once someone is in that tunnel there's nothing they can do about it.
Something's fishy. (Score:3)
Something like this strikes me as pure propaganda. Not because I don't think they're trying to steal secrets from us. But because it's really, really, REALLY stupidly absurd. This would be like the biggest bully in grade school standing in front of the class and claiming that the weakest kid in class, the one that had back surgery last month and is barely able to walk still, stole his lunch money.
Why does America insist on demanding the world recognize how weak we are now? "Hey, everybody! Just wanted you to know that we're now so inept that North Korea, the place that can barely get a rocket into the air, has stolen military secrets from us." Um, What? And let me add, The Fuck.
Re: (Score:2)
Actually, their rockets are not necessarily bad. They are considered a serious threat, though something called a "Nodong" sounds like the eunuch of missiles.
Re: (Score:3)
Indeed. "We are so inept, we cannot even protect our nuclear secrets from people coming over the open Internet!" is not something you want to announce to the world.
Re: Something's fishy. (Score:2)
Finally someone sensible. A nuclear bomb is WWII technology. It's vacuum tube era.
The only military secrets I can think of are the Pantone color codes of the manufacturer's logos.
Re: (Score:3)
Election coming up. Time to pitch for essential budget increases to protect national security.
Re: (Score:2)
It might be a factor, but it's also a good reminder for various CSOs to do their job. It's also informative on how these specific actors work and how to defend against and recognize that work:
https://www.cisa.gov/news-even... [cisa.gov]
If some anti-missile defense company finds evidence of such hacks in their systems, it is at least very good to know that their anti-missile tech is probably going to be less effective when used against the North Koreans (although said company also needs a pretty firm talking to if the
Re: (Score:2)
Honestly, creating advisories like this is exactly what an organisation like the CISA should do.
If it's real, I agree. Unfortunately, my trust issues when it comes to such things don't allow me to jump directly to belief just because they said it. Our government and its agencies lie constantly. Especially if, as pointed out elsewhere, it can lead to budget increases.
Re: (Score:2)
Election coming up. Time to pitch for essential budget increases to protect national security.
You know, I hadn't thought of such a simple answer, but that seems to be as believable a cause as any.
Re: (Score:2)
It's an old trick. No candidate is going to react to reports of national security issues by saying they will keep funding levels the same.
Once again (Score:2)
Private industry doing it better than the government. Keep up the good work folks.
Maybe secure them better? (Score:5, Insightful)
Hackers breaking in always has two sides: Hacking attempts and crappy software that is not resilient against them.
Re: (Score:2)
but i need tiktok (insert appropriate girder here) challenge
So what are we going to do about it? (Score:2)
Shocker (Score:2)
Spies gonna spy. It's their job.
It's why we have people in counter intelligence whose job is to stop the spies.
We also have people in computer security whose job is to secure computer systems - although they deal mostly with generic problems more than dedicated spy-hackers.
It is good to remind people that this shit happens, but ... life goes on, deal with it.
Pity me, I'm a victim (Score:2)
My 100 Billion dollar department was attacked, I'm a victim. No, don't look at the billion bullets and thousand rockets in my warehouse. Who woulda thought people I don't like are smarter than me? This is the military, we don't want smarter people.
Why aren't they scared of my giant missiles? I don't wanna do software QA and penetration testing. Or to be precise, the people I throw billions of dollars at, don't want to do that, it's so expensive.
Stop sharing everything over the internet (Score:3)
Here's an idea. Stop putting everything on network connected computers. Keep secure stuff secure by keeping it offline and off the internet. If it needs to be on the internet, keep it encrypted on all levels, on encrypted computers with encrypted RAM and CPU functions.
Re: (Score:2)
Data gets into and out of RAM via mass storage and/or network interfaces. If you've secured those, then what would be the point of encrypting your RAM? By the time someone has got the RAM out of the main system and into a machine capable of reading the RAM's contents, it will have missed hundreds, thousands or millions of refresh cycles, and be rapidly approaching random numbers.
(Sideline : Is there a random number