North Korea's School For Hackers?

Makoto writes "How do you launch a cyber-war with no IP infrastructure? South Korea claims that North Korea is training about 100 "cybersoldiers" per year in electronic warfighting tools and techniques, including writing viruses and hacking. But according to a story at Wired News, North Korea can barely keep its electrical grid up - not to mention feed its people. Even the Pentagon says North Korea's hacker academy is probably just propaganda by South Korea."

Or maybe it's true

[beallj]

Just because they don't have a general electrical grid doesn't mean that they can't keep electricity going to their "hacker compound".

Re:Or maybe it's true

It's a very restricted society though. No Jolt, no Cheetos, probably very limited pr0n resources....people do need motivation and energy afterall. Do the N. Koreans honestly think they can win? Fah..

Re:Or maybe it's true

[invultor]

How about a gun pointed at their head? I'm sure that is motivation enough.

Well, c'mon...

[Skyshadow]

But according to a story at Wired News, North Korea can barely keep its electrical grid up - not to mention feed its people.

While that's true, they've also managed to turn out atomic weapons, which is quite a bit more complicated than training someone to use nmap. So, really, a lack of a reliable national power grid and insufficiant will to feed the masses does not necessarily exclude the possibility that they're training script kiddies....

Spam Training

[kavachameleon]

"Hacker" Training in Korea: how to spoof other ISPs through your country's servers.

Re:Hmm...Practice

[DeltaSigma]

Hah! I just scanned 127.0.0.1 and all your ports are open, prepare for the system halt of your life!

Military vs. Civilian

[DaRat]

The story probably is propoganda by the South Koreans, *BUT* there is a marked difference between what the miliary gets and what civilians get. The ruling party and the military apparently get an amazingly high percentage of the resources in the country. So, while the rest of the country starves in the dark, the military eats well and probably has the lights on all the time. So, if the military wants to have a hacker school, they probably can afford to devote the resources to it. So what if a few hundred thousand peasants need to shiver in the dark!

There was a very interesting documentary special on Cinemax last month about a visit to North Korea. Sounds like quite a surreal place.

Pentagon not always right

[Wyatt+Earp]

I just read "The Armed Forces of North Korea" by Joseph Bermudez and some other books and reports and I don't think it'd be proper to discount the DPRK's abilities when it comes to Special Forces and Unconventional Warfare.

They've shown a high-level of professionalism when it comes in infiltrating the South and they did pull off the siezure of the USS Pueblo.

Sure the country's electrical grid is dodgy, but so was Israel and Jordan's until the late 80s. The DPRK military doesn't usually have the same electricity or food supply problems that the rest of the country has.

I'd not listen to everything the RoK says, but don't discount them as far as the Pentagon might*. The RoK is heavily infiltrated by the DPRK and I'm sure thier "cyberwar" planning would have agents in the South kick it off from that broadband rich area.

"The KPA (Korean People's Army) is still predominantly an analog and vacuum-tube force," said Alexandre Mansourov, a professor at the Pentagon's Asia-Pacific Center for Security Studies. "We tend to overestimate the level of information-technology expertise in the North Korean military, and South Korea is especially guilty of this."

That might be true for the majority of thier systems, but the DPRK has been buying modern SAMs ECM, Navigation and other systems from the FSR and China. Some of the more elite units in thier vast special forces have at least Gen 2-3 Night Vision and GPS recievers.

* - I've not read either link yet.

Re:Hmm...Practice

[cperciva]

Come on, nobody is going to believe that. You should have written this:

Hah! I just scanned 127.0.0.1 and all your ports are open, prepare for the system halt of your li+++ATH NO CARRIER

Even if it's true, how important is it?

[Walter+Wart]

It is axiomatic in the security biz that everyone is undersecured. But consider the huge number of attacks we get every day. There are plenty of free-range viruses. There are lots and lots and lots of exploits and attacks. Some of the people creating them are damned bright and very well trained.

And that's just the hobbyists. We aren't even addressing the ones who do it for money.

So why hasn't computing crashed and burned forever under the weight of all of these? It's because, in our sloppy suboptimal way, we have learned to respond. The procedures for identifying a new attack or vulnerability aren't great. But they are good enough. Our collective immune system responds.

If North Korea is training 100 l33t hax0rs a year it's a drop in the slop bucket of pros and amateurs already out there doing harm.

If the numbers aren't that impressive, then how about the kinds of attacks they can do? My suspicion is that it isn't nearly as bad as it seems at first glance. This is North Korea we are talking about. There aren't that many people who have grown up living and breathing OS source code. Of the few really skilled people they have many (most? all?) are probably needed in other capacities making them unavailable to write the next Big Worm.

And how good will they be? Creativity, the free play of ideas, and the ability to see things from a different perspective - all of which are important to being a really good code monkey let alone a world class security breaker - are capital crimes in North Korea. Praising the Great Leader and lock-step conformity don't cut it when you are trying to come up with the unexpected and the truly creative.

So even if it's not pure propaganda from Seoul I'm not all that worried.