Slashdot Mirror

← Back to Stories (view on slashdot.org)

S. Korea Claims N. Korea Has Trained 600 Crackers

Posted by timothy on from the hey-that's-not-cool-man dept.

maggeth writes "The Financial Times is reporting that North Korea's military and intel services have trained as many as 600 computer hackers specifically for attacks against South Korea, Japan, and the US. South Korea claims that the north has a five-year university program for hacker training and cites recent attacks on government computer systems. The South Korean defense ministry claimed in the report that 'North Korea's intelligence warfare capability is estimated to have reached the level of advanced countries,' and that the caliber of the North's hackers is high. So far it appears that these specific attacks are based in China, although it is not clear if North Korea is using Chinese networks or if China is involved."

11 of 535 comments (clear)

  1. Re:Huh? by Tore+S+B · · Score: 3, Informative

    They followed the proper nomenclature (a pleasant surprise to me) and called malicious hackers "crackers".
    See http://catb.org/~esr/jargon/html/C/cracker.html
    and then this:
    http://catb.org/~esr/jargon/html/H/hacker.html
    I myself am personally offended when people think that hackers are malicious.

    --
    toresbe
  2. Re:Interesting... by tod_miller · · Score: 2, Informative

    If they get a penchant for good brains, then the intellectual community could be in danger!

    Is there a north korean linux user group? Actually, joking aside, the US is more interested in bombing the shit out of North Korea than making any gestures of help for these people.

    Now, if the US were at war with N.Korea right now, it would be so politically incorrect to say that.

    Of course, it is not as if when GWBush gets re-elected that suddenly N.Korea will have some unquantifiable threat to the world, and maybe even this report is S.Korea helping the US villify N.Korea (not saying they are deserved of any villification)

    Anyway, this isn't anti-US, I just hope that the near future of people who are hungry contains food, not bombs.

    Although in the long term, bombs might equal MacDonalds, so HOLD ON!! MacBurgular is on his way!

    Would you like fries with that?

    --
    #hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
  3. Re:Interesting... by jedrek · · Score: 4, Informative

    Bomb the fuck out of the North Korean military and invade.

    The problem, of course, isn't one of a vietnam-style conflict, it's one of the North leveling Seoul to the ground via conventional arms. In every single conventional-arms scenario, Seoul is lost before the war is won.

  4. Re:Curriculum at Hacker U.? by Kjella · · Score: 2, Informative
    I'll try a completely uneducated guess:
    • Introduction to security exploits. What it is, common forms of exploits, how to find them (security bulletins etc.), what "rooting" a machine means.
    • Finding exploits. This means mapping bulletins to binary code, or to decompile binary code to find potential exploits.
    • Executing exploits. How to use an exploit (e.g. a buffer overflow) to maximize the effect. Some exploits are crash bugs, others are full takeover-bugs.
    • Covert operation. An exploited machine should not reveal its presence to its users (think netstat/task manager/ps).
    • Intelligence gathering. An exploited machine can easily be used to sniff passwords, authorization codes and various compromised information.
    • Decryption and disassembly. As a special subset of the last subject, you may need to log passwords and execute encryption programs to access information (military equivalent of pgp files, encrypted containers etc.)
    • Introduction to IDS. What an IDS is, how it operates and its weaknesses. This is a prerequisite for the next subject.
    • Covert contamination. An exploited machine should be used to infect other machines (as it is already inside the security perimeter), but in such a manner that it isn't obvious.
    • Information extraction. If the point is to have a sustained intelligence gathering in a hostile host, you need a covert way of extracting information on a regular basis.
    • Tamper-proofing. If an infected machine is dissected, you don't want to reveal how it works. This would include encryption in memory, self-destruct possibilities (unless trapped in a VM) and so on.
    • Stealth remote control. Most likely, any such exploit would include a backdoor for remote access. This needs to be invisible, as e.g. with secret knocks or a similar system. Also routing through several compromised systems to circumvent many layers of security.

    That is just some of the subjects I can imagine. I'm sure there's more. And these are all the high-level subjects. At the lower level, you'd need skill in low-level programming (assembler, most likely), network programming, encryption, low level IO (sniffers) and many other subjects to fill it up. That's easily a 5-year program.

    Kjella
    --
    Live today, because you never know what tomorrow brings
  5. Related or Coincidence? by div_2n · · Score: 3, Informative

    Just a couple of days ago I received a few phishing e-mails disguised to look like CitiBank e-mails that pointed to servers based in China. The e-mails originated from China as well. I even did some of the work for the FBI and sent full registration info for those IP addresses.

    I was quite disappointed when I tried to report it to the FBI and I got what was clearly and automated response that said, "This is not an automated response."

    Also recently I was privy to a situtation where a computer in a school system was acting VERY strange and typing text in Word on its own that seemed half gibberish and half not but with text that could almost be confused for terrorist communications. The school system called the FBI and gave them the IP of the machine. The FBI said they were monitoring it to try to determine the cause. The only problem? It was a private IP address and impossible to monitor remotely.

    I understand that the FBI probably guessed (quite correctly IMO) that the computer was infected with one of the new worms that uses the dictation engine, but they told the school they were monitoring which was a lie. Additionally, they sent me an e-mail that said it wasn't automated when it so clearly was. No wonder we had intelligence failures leading up to 9/11.

  6. Re:If true, the stakes are now higher. by EinarH · · Score: 2, Informative
    If you ask me this claim about "North Korea has trained 600 EVIL AND SKILLED HACKERS OMG RUN FOR YOUR LIVES! is in the same category as the infamous story about How Saddam has bought 4000 new Playstations so his scientists can construct the MEGA BOMB*.

    Both stories are guaranteed to go all the way around the world becauase of their newsworthiness. They are both impossible to verify. Both caters to technology fear and fears about "what will the dangerous future bring".
    So I belive that both stories are propaganda. Where the propaganda comes from is another question.

    And I somewhat doubt that North Korea could afford much of that Cisco stuff they would need to do some serious damage.

    *What happened to that story anyway?
    Thay didn't find stacks of Playstations in Iraq that's for sure.

    --

    Melius mori in libertate quam vivere in servitute.

  7. Re:If true, the stakes are now higher. by geigertube · · Score: 2, Informative

    And everyone else has to use pocket calculators and squeak toys.

  8. Re:If true, the stakes are now higher. by Anonymous Coward · · Score: 1, Informative

    That wasn't has assertion in the debate. His assertion was that if other countries werent involved then north korea wouldnt feel as much pressure. If they walk out on us they could care less(as they have many times in the past, which was the problem he was stating with bilateral talks), but if they walk out on china...thats a different story.

  9. Official North Korean News Agency by mikeee · · Score: 2, Informative

    If you haven't seen this, have a look; it reads like an overblown parody of 1984, but it's real.

    Korean Central News Agency of Democratic Peoples Republic of Korea

    Any government that can publish this with a straight face needs to be overthrown... :(

  10. Re:Interesting... by Oddly_Drac · · Score: 2, Informative

    "You're mistaken about the delivery systems."

    Of course I would be. A quick google refers to a non-flight tested system that has between a 3000km and 9000km flight radius (reported) according to it's size, but thrutch is one part of the equation...guidance systems are another. If you read down the page, you'll notice that the information is between 4-5 years old with the indicator that they've tested the engines on stands. Guess what was announced this year as well?

    Intelligence sources are almost non-existant in North Korea due to a paranoid regime, but the Iranian Shahab vehicles are _the same_ overall design, mainly due to technology transfer and the sale of a TD-2 on the open market. There have been constant rumblings about North Korea becoming a Middle-Eastern supplier of long range ballistic missiles, but the market has shrunk by two nations in the past 12 months. They don't have many places to sell them.

    Until you've seen the bird fly, it's about the same threat as the supernova bomb I have in my garage, and the constant repetitions of American targets is some fairly cunning propoganda.

    With the current geopolitical changes around the Middle East, I completely expect Iran to want to come back to the table without sacrificing face, the capture of the British patrol boat crew being a way to allay fears that Iran still has internal security despite what happened to Iraq, a nation with which they were deadlocked for a good couple of decades. I can't see them investing in a long range BM without having something to put in it, and they have to be a tad jittery about emplaced launch vehicles after what happened to Iraq.

    Let's face it, there are a number of nations on the planet that have the ability to sterilise other nations completely, but the will to destroy your nation, people and country to bloody the nose of a 'hated' enemy is absolutely non-existent outside of fiction. MAD will stop North Korea attacking the continental US under all circumstances except invasion, and that is a mirror of the events that led to the Cuban Missile crisis.

    --
    Oddly Draconis
    Too cynical to live, too stubborn to die.
  11. Re:May be, the South Koreans need to clean up thei by Daedala · · Score: 2, Informative

    There's an interesting white paper on Taiwanese spam from a legal firm there that specializes in intellectual property. I suspect that many of the reasons Taiwan has so much spam may also apply to South Korea.

    --
    What I say does not represent the views of my employers, my friends, my cats, or myself.