Slashdot Mirror
North Korean Defector Spills Details On the Country's Elite Hacking Force
mattydread23 writes Business Insider interviewed Jang Se-yul, a North Korean defector who trained in the country's Mirim University alongside some of the hackers who make up its elite Bureau 121 hacking squad. He explains how they train: 'They take six 90-minute classes every day, learning different coding languages and operating systems, from C to Linux. Jang says a lot of time was spent dissecting Microsoft programs, like the Windows operating system, and how to attack the overall computer IT systems of enemy countries like the U.S. or South Korea.' He also explains that these hackers are among the elite in North Korea, and even though they have unfiltered information about the outside world that their countrymen lack, most of them would never dream of leaving. (See also this story from earlier this month about the life of North Korea's elite hackers.)
Well that's quite the range.
I'm also sure the guy who was never in the inner circle knows all the details and isn't making anything up.
I don't believe you! I definitely think this hack was an inside job.
Maybe we can torture him to confess a link between North Korea and al Qaeda?
[...] these hackers are all aware of what’s going on in the outside world and how reclusive their country is — but they still won’t leave their country. “No matter how hard you try to convince them, they won’t leave [...]
Communist "loyalty" exam: do you love your family?
I think he'd just admit that we installed a puppet regime in NK.
Might as well have them permanently DDOS'd.
During the Cold War, how many KGB agents and upper level apparatchiks had unfiltered access to the West and yet stayed?
Love of County is a very powerful emotion, and elitist snobs who dismiss it can not understand a whole panoply of human motivations.
"I don't know, therefore Aliens" Wafflebox1
Considering what we learned from Edward Snowden I'd say this is actually the absolute minimum I'd expect them to be doing. When your enemy is the United States, obviously you are going to have strong cyber defence.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
There's plenty of news articles where security firms are saying this hack was an inside job by workers facing layoffs, who decided to go along with the conclusion that this was state-sponsored to mitigate any potential penalties they might face if found out. Seems more likely to many...
I bet it's better than this shit Security Course you get at Stanford.
this is Nayirah al-aba all over again
https://en.wikipedia.org/wiki/...
CIA/NSA propaganda machine is in full force. I predict US will be "liberating" north Korea in 2015.
Who logs in to gdm? Not I, said the duck.
In a country where the internet is about as commonplace as for us having your own rocket launch system in the backyard? Please. How do you hit NKor via internet? Take down their online payment system? Hack their official pages so their citizens would get to see defaced pics of li'l Kim?
How?
I can see that as an offensive force, but defense? Please.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
As far as I know, FBI has still not presented any solid evidence that North Korea cracked into Sony's systems.
So it isn't me, it is kinda odd that this guy's defection comes conveniently at exactly this point in time?
Some people really know to come right on cue.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I just wonder what the Korean peninsula would be like if MacArthur followed orders instead of being an arrogant ass.
As long as we have dictatorships like in N. Korea, we will be a World that will always be in turmoil. I think the US and the rest of the World including (especially) China should do everything they can to undermine and discredit the leadership in that country. And then move on to other oppressive regimes around the World - I vote for Saudi Arabia and Iran as the next targets.
Do not get me wrong. The USA is not the beacon of Truth and Justice we like to think we are. During my workout this morning, I became disgusted with the propaganda that I saw on the morning shows. I will not give the summary of the propaganda I saw because it is extremely politically incorrect and the explanation always gets misunderstood by folks who have been brainwashed by the jingoist rhetoric we have been hearing for over a decade. (HINT: Start reading about the USA's geopolitics since WWII regarding oil supplies.)
They forgot to mention how the final test, called the Kobayashi Maru, involves hacking a Gibson by playing tic-tac-toe while receiving a blow job from Jeff Bridges.
By this point it's not that difficult, because it's Unix and you know this, but making your MacBook interface with the alien computer you built from the schematics sent by Setec Astronomy is a bit of a challenge.
And of course those who fail will be taken away by agents and made to mow the lawn for the rest of their lives or something.
They take six 90-minute classes every day, learning different coding languages and operating systems, from C to Linux. And no lessons on how to draw a skeleton.
It's also available for rent on YouTube, so you can watch without stealing if you're so inclined.
Will be to tell everyone about the uber elite, super scary NK hacking force, or we are sending you back.
"If any question why we died, Tell them because our fathers lied."
I wonder if Kim Jong Un has given this elite unit extra "field guidance" in light of their recent failure to quash the movie? Maybe a few of these l33t h4x0rs have been exterminated as an example for others.
Not that uncommon. Infact I just saw a dropper (malware payload delivery ststem) in an .mp3 the other day. .avi is not that far fetched.
It's also available for rent on YouTube, so you can pay for the questionable privilege of viewing this film if you happen to live in the US and you're so inclined.
TFTFY.
Il n'y a pas de Planet B.
He defected in 2007, if facts matter to you.
Ideology: A tool used primarily to avoid the bother of thinking.
I wouldn't bet on it. North Korea wouldn't be able to take us in a conventional war, but they would inflict pretty severe casualties on us and our South Korean allies.
In-house technical training available, daily. Unfiltered access to the internet at work. Nearly 100% retention rate. Must be an awesome place to work!
You overestimate their abilities. The South Korean army alone could take them on and win if they mobilized. The Norks have utterly obsolete military equipment.
The problem is it would not happen without large casualties and probably a bombing of Seoul so I doubt they want to do it.
Except that 1) your neighbor has no lawn mower, 2) your neighbor has no lawn.
Yep, a worker’s paradise.
"Well, good luck finding a judge that doesn't run a bestiality site."
Did you read the article? This defector was as inner circle as it gets without doing the actual haxxorz. Whether he is lying is a different story, but your dismissal is groundless.
Who teaches these fabled courses?
This article is pure bs.
Previous graduates maybe. It had to start somewhere though.
Even if this is real (which is really hard to believe) it is going to be outdated, wrong, and useless like nearly everything else NK does that isn't given to them by China and Russia.
Maybe it's taught by the Chinese. Possible I guess.
I just can't help but imagine a bunch of Norks gathered around a Tandy 1000 hooked up to an acoustic modem with an egg timer. Every 10 minutes they switch off. "Ok, now you a hacker."
Flappinbooger isn't my real name
"I've decided your movie is worthless, therefore I can torrent it and it's not actually stealing..."
Don't blame me, I voted for Baltar.
What secure OS do you run where the video codecs have had a full security review? Google found (and fixed) around 300 exploitable holes in libavcodec / libavformat in the last year. Do you want to bet that they found them all? Do you always run video codecs in an unprivileged process?
I am TheRaven on Soylent News
Actually, to me it sounds like they pretty much are saying the same thing. NK has no hope of winning, but can blow up a bunch of people in retaliation before they fall.
Well, someone did DDOS their entire country offline, taking down their official news outlets etc, so apparently they do need some kind of cyber security force.
In fact they do have an internal network, used by universities and companies, and a 3G mobile network. There is something to defend.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Bollocks.
"I live outside the US, so I can't rent or buy it even if I wanted to."
Il n'y a pas de Planet B.
Kim is afaik found of Hollywood movies so he probably thought that section 121 sounded cool.
this is Nayirah al-aba all over again https://en.wikipedia.org/wiki/...
CIA/NSA propaganda machine is in full force. I predict US will be "liberating" north Korea in 2015.
You are an idiot, then. NK has very little we want and they are not a real threat as a nation state. No, they are not. There's no profit in fucking with them, and nation states don't go in for terrorism. Despite all the absolutely silly bluster, the Norks aren't going to invite the staggering reprisals that would be sure to follow if they actually carried out a tenth of what they threaten.
Well, someone did DDOS their entire country offline,
Yeah, all 1000 NK IP addresses were DDOS attacked. The California University of Pennsylvania (you read that right) network dwarfs NK's. The only "defense" they need is some guy to call everyone on a landline to tell them to shut their computer down till tomorrow.
What about their Elite Photoshopping Force?
What about an AVI that launches, and looks exactly like VLC, and then asks for permission to install an "update" ;)
I just can't help but imagine a bunch of Norks gathered around a Tandy 1000 hooked up to an acoustic modem with an egg timer. Every 10 minutes they switch off. "Ok, now you a hacker."
Smug sense of superiority. Are you an American by any chance?
Yes N. Korea is poor, but do not underestimate your enemies. Look at what they've actually done instead of making fun blindly.
Training people in C and Linux and Windows exploits is not all that hard or expensive compared to, say, building your own nuclear warheads and ICBMs. Former can be done for a few million bucks. The latter costs billions and the engineering is orders of magnitude harder than teaching coding.
In case you didn't know, the Norks managed to build their own nukes and also put a satellite in orbit using their own rocket recently.
mplayer on command line to launch media. Use ffmpeg to convert the media if you're really paranoid. Let's see what crud survives .. Methinks none does in almost all circumstances
This will surely nudge some patriots to update their Symantec license, amirite?
Everything I've ever learned the hard way was based on a statistically invalid sample.
How did we start from someone hacking the network of the distributor of a 3rd rate Xmas-release comedy to apocalyptic throw-downs from a child dictator? This sounds like a South Park episode.
Everything I've ever learned the hard way was based on a statistically invalid sample.
I, for one, plan to purchase every anti-virus product I can possibly put on my credit card, and then I'll send a letter to StratFor, to find out what they recommend for additional security hardening for the upcoming conflict. I expect they'll recommend I switch to Linux immediately, and to help me protect myself as well as my neighbors, I shall be following that advice.
Everything I've ever learned the hard way was based on a statistically invalid sample.
Seriously? "Insightful" for believing that North Korea doesn't need liberation?
I've got bug free Microsoft Software for sale.
Dirt cheap!
- A Frog in a pond utters an azure cry. -
That just shows you how deep the conspiracy goes!
Wouldn't a file like this have to exploit a whole variety of codecs simultaneously? Surely there must be many decoders on the market, some of them even in hardware. Or has libavcodec recently become the most popular target? I would have thought that an attacker would go after the Windows Media Player instead, simply because of the installed base.
Ezekiel 23:20
I'm sure they're writing it already.
Presumably their internal network only has a few closely-watched links to the wider internet that can easily be cut in the event of a DDOS, leaving the internal network running. AFAIK, the DDOS only affected their connectivity to the wide internet, which is essentially just a toy for the elite anyway. I haven't seen any reports to the contrary.
Stop showing off about how much better off you are than the masses!
Damn skite!
Think of the children! ( who may actually have to SEE this film!)
Well.
So who payed this shit 3-million-dollarsUS?-currency
Oh! it Was YaHoo.
Now, that explains it all.
Yahoo can't tell C from A! Or A/UX from Linux. Or FORTRAN from FORT.
That means that North Korea Government Servers are running A/UX on 68k-based Macintosh with an FPU and a paged memory management unit.
Splendid. I have enough info the do a nasty, just for shits and giggles.
Ha ha.
Learn from the past. Iraqui defectors swore up and down that there were massive nuclear programs. They were physicists, they were believable, they testified in secret, in public, on TV. None of it mattered, they were proven liars after we invaded.
Claims from defectors require extraordinary evidence, especially when what's coming out of their mouths is what the government or the intel agencies want to hear.
Liberty.
No, 80% of the apps are using 20% of the codec varieties, so one only need to target those 20% of commonly used codec libs, and that's usually less than a handful.
Oh, and libavcodec / libavformat are used in Android (and in a lot of iOS apps, as AVFoundation doesn't always expose useful APIs), as well as in desktop browsers, so they're a pretty good target to aim for.
I am TheRaven on Soylent News
Hah, time to rewrite major codecs and file formats in Lisp? (:-) I find it rather somewhat amusing that such things as exploits of data file formats should be even technically possible. One feels like living in the 20th century. Is there any list or summary of those 300 issues found by Google? Just for me to check what kinds of problems were found. It seems intriguing.
Ezekiel 23:20
Not being familiar with Linux.. That's even more cute.
In a country where the internet is about as commonplace as for us having your own rocket launch system in the backyard? Please. How do you hit NKor via internet? Take down their online payment system? Hack their official pages so their citizens would get to see defaced pics of li'l Kim?
How?
I can see that as an offensive force, but defense? Please.
From what I read, and what I am led to believe, probably every water treatment plant, every electrical generating system, including the interconnects, has been identified and an attack prepared. The USA electrical grid needs only a core state to fail, and the entire country would fail.
And if you include airports in their attack catalogues then the North Korean protections are complete. Attack them and most probably, the USA part of the internet, and possibly the entire world would be downed.
So, its ok to joke about the NKs capabilities, , Its ok to believe that the commercial anti-viruses give you a false sense of protection, but... there is no protection. Stuxnet was a perfect example. Perhaps the NKs virus software is already installed and laying dormant, just in case....
Leslie Satenstein Montreal Quebec Canada
Yeah. Google and Amazon think Linux works. That's why they use it for their servers.
so I'm not surprised at all they're not defecting... our world is not so appealing if you get your information by the internet... Media in general tends to emphasize news, and too often the worst they are, the better. Bad news are way too diffuse. If I were an alien from a galaxy far, far away I would be probably scared reading news. Actually I think our world is depicted in very distorted way but if you're an alien or a north korean hacker - I see no difference here - chances are you can't make yourself a realistic idea about our so called world of freedom and democracy.
Install/configure http://wiki.debian.org/iptable... and you'll be safe
Casteism
from C to shining C (singing voice)
from C to shinning C (singing voice)
Kim Jon Un is a character from a South Park episode..
Below the speed of light Special Relativity is one of the most accurate theories in physics - above the speed of light..
Maybe we can torture him to confess a link between North Korea and al Qaeda?
Where's Dick Chaney when you need him?
Well imagine South Korea installed a system like Iron Dome or THEL around Seoul which could successfully intercept most of the artillery shells the Norks could fire. Then an invasion of North Korea would be quite likely to be successful with minor losses.
Do you always run video codecs in an unprivileged process?
Heck, if you use Windows with all the DRM the video codec probably has more privs than your admin account.