Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Why North Korea Hacks
Newest First  |  Oldest First  |  Threaded View
Technocrati
50%
50%
Technocrati,
 User Rank: Ninja
1/19/2015 | 1:55:38 PM
Re: North Korea and Sony: Asking the Wrong Questions ?

Sony hack could be a blueprint for terrorism in the cyber domain.

@Mike    I do agree.   Sony's ineptness has opened a whole new world of possibilities.  Instead of panic, actual leadership skills were needed and those at the top of Sony's Film Division came up short.   

It really is discouraging to see individuals  ( Sony Entertainment  Management ) who earn a considerable amount of money show they are not worth it.  Of course Sony is not alone - but  they certainy subscribe to the philoshpy that " you don't have to really know what you are doing to be paid well".  The top management at Sony are prime examples of the "corporate disconnect" that has been fostered for the past two decades(at least).    

So now Sony becomes a text book case for many things, just add "What not to do with cyber blackmail" to it.

Just don't tell Sony - they will want licensing and residuals from it.

Technocrati
50%
50%
Technocrati,
 User Rank: Ninja
1/19/2015 | 1:45:00 PM
Re: North Korea and Sony: Asking the Wrong Questions ?

"..With regard to the Sony hack, assuming the FBI is correct (I have no reason to think they arent), then my thought is that the leader of North Korea is lashing out at Sony for producing the movie in question."

 

@Mike    Thank you for the clarification.  Well I am not so quite persuaded by the FBI's claims, which are at best obvious and at worst " a little late" as well.  This is a multifaceted  issue of course but even this basic point is up for some debate.

 

But since you have no reason not to believe the FBI then I can understand your premise and the resulting argument that comes from it.    Not that I agree of course but at least I understand your position.

mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/18/2015 | 9:31:08 PM
Re: North Korea and Sony: Asking the Wrong Questions ?
The intent of the blog is to suggest possible motivations behind North Korean cyber activity.  With regard to the Sony hack, assuming the FBI is correct (I have no reason to think they arent), then my thought is that the leader of North Korea is lashing out at Sony for producing the movie in question.

Regarding this being an act of terror, I'm only suggesting that the Sony hack could be a blueprint for terrorism in the cyber domain.  Whether intended as terrorism or extrotion, whomever is behind the hack has demonstrated an ability to make a major corporation capitulate to specific demands.  The point I am making is that terror groups are watching, and are learning from the hack.  

I hope that clarifies things a bit and I thank you for the comments!

 

 
Technocrati
50%
50%
Technocrati,
 User Rank: Ninja
1/18/2015 | 9:17:24 PM
North Korea and Sony: Asking the Wrong Questions ?

I am not sure what to conclude from this Blog,  the act against Sony was an act of terror ?  The reason N. Korea responded was because their leader is immature ?   What was the motivation ?   You mentioned nothing about Sony which does bare some ( and some might argue most ) of responsibility for their breech.  

 

I must have missed the point of this Blog because I don't get the point at all. 

mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/16/2015 | 12:19:33 PM
Re: Future Forecast
In traditional warfighting we think of kinetic capabilities as those that result in obvious physical damage e.g. bombs destroying buildings.  While cyber capabilities can certainly create damaging physical effects on networks, military professionals tend to view cyber as a non-kinetic capability, essentially because we dont see things blowing up when cyber is employed. 

However, understanding of the cyber environment is rapidly changing. By that I mean, military professionals are beginning to understand where the cyber domain fits in the group of traditional warfighting domains (land, sea, air).  My thought is that we will get to the point very soon where the cyber domain is recognized in the same way as the traditional warfighting environments, and at that time the term kinetic will mean something different. I hope that helps.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
 User Rank: Strategist
1/16/2015 | 8:01:51 AM
Re: Future Forecast
So the question I see is...what do alliances really mean in the Cyber world?

Excellent point -- and an issue that is very much TBD.

I'm also curious about your use of the word "kinetic." Wondering if you could explain to a neophyte what you mean by kinetic in this context. 
mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/15/2015 | 5:33:24 PM
Re: Future Forecast
Thats a great question and a topic worth exploring in its own right!

The question is interesting because we tend to view "alliances" in a militarty context.  

In the modern era we have formal treaties like the North Atlantic Treaty Organization (NATO), the "Five Eyes" (an intelligence focused alliance between the US, UK, Canada, Australia and New Zealand), and the South East Asia Treaty Organization (SEATO) to name a few.

If we look at Nations that we (the "Free World") have in recent history (70 years) viewed as adversaries, the picture is a little less clear but we can still discern informal alliances by actions of countries on the geo-politcical scene.  For instance, we know that the Russians are cooperating with the Iranians on nuclear capability; we know that the Iranians and the North Koreans have traded military arms; we know that when there is an international incident, we can generally anticipate how the permanent members of the UN Security Council (the countries with veto power) will vote.  Typically we see the US, UK and France aligned to one point of view, and Russiia and China aligned with an opposing point of view.

So why is this interesting...In the kinetic world, the rules of the game are relatively clear.  If Country A attacks Country B, and there is a formal miltary alliance or implied realtionship between them as Ive described above, the choices are clear for countries aligned with the Countries in question.  In other words, If Germany were attacked by a convential military force, member countries of NATO would be obligated to come to the defense of Germany. In less formal relationships we cant be certain of how a particular country will react, but there is a higher probability that countries in those relationships will respond militraily if one partner is attacked.

In the non-kinetic world, the Cyber Domain, we have already seen how the picture is much less clear.  Imagine if a country attacked a major US corporation, on US soil, with conventional weapons (think the SONY attack with bombs).    It is reasonable to assume that the US would have responded to the attack militarily Fast forward to 2014...same scenario but a cyber attack rather than bombs.  The response was much different.  Sanctions, condemnations, and political posturing...no clear cyber response by the US.

So the question I see is...what do alliances really mean in the Cyber world?
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
 User Rank: Strategist
1/15/2015 | 4:16:13 PM
Re: Future Forecast
I suppose you will get into this in the remaining installments of the series,, but curious.Are there many alliances between nation-state threat actors?
mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/15/2015 | 3:56:08 PM
Re: Future Forecast
Thanks and great questions!

We know that China has maintained a relationship since the Korean Conflict, so it is possible that the 2 countries could collaborate on cyber activities targeting entities that each country may see as either threats, or rich targets of opportunity.  But here is a point to think about...

We know that the Chinese Government has been targeting other Nations for quite some time (reference my last piece on China).  But the question is, "why would China risk what has arguably been a tremendous record of successful exploitation in the cyber domain, by partnering with what is widely considered as a Country with unsohisticated cyber capability, and a completey erratic pattern of behavior on the global geo-political scene?"  I think the answer is, the Chinese Government wouldn't. 
swreynolds92
50%
50%
swreynolds92,
 User Rank: Strategist
1/15/2015 | 2:03:19 PM
Future Forecast
With all the buzz surrounding North Korea hacking Sony, and Admiral Rogers saying China has the ability to shut down our infrastructures, is it possible we could see a cyber collaboration between the two countries in an effort to cripple the US? Should we be fearful considering North Korea injected itself into a huge corporation like Sony Pictures, and China at any point can flip the switch and it seems like we'd be in big, big trouble?


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-23599
PUBLISHED: 2022-01-28
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the image_view_fullscree...
CVE-2022-0395
PUBLISHED: 2022-01-28
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-21721
PUBLISHED: 2022-01-28
Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad actor to trigger a denial of service attack for anyone using i18n functionality. In order to be affected by this CVE, one must use next start or a custom server and the built-in ...
CVE-2022-23598
PUBLISHED: 2022-01-28
laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `formElementErrors()` view helper shipped with laminas-form, many messages will contain the submitted value. However, in laminas-form prior to version 3.1.1, the value w...
CVE-2021-4160
PUBLISHED: 2022-01-28
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis sug...