Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Why North Korea Hacks
Newest First  |  Oldest First  |  Threaded View
Technocrati
50%
50%
Technocrati,
 User Rank: Ninja
1/19/2015 | 1:55:38 PM
Re: North Korea and Sony: Asking the Wrong Questions ?

Sony hack could be a blueprint for terrorism in the cyber domain.

@Mike    I do agree.   Sony's ineptness has opened a whole new world of possibilities.  Instead of panic, actual leadership skills were needed and those at the top of Sony's Film Division came up short.   

It really is discouraging to see individuals  ( Sony Entertainment  Management ) who earn a considerable amount of money show they are not worth it.  Of course Sony is not alone - but  they certainy subscribe to the philoshpy that " you don't have to really know what you are doing to be paid well".  The top management at Sony are prime examples of the "corporate disconnect" that has been fostered for the past two decades(at least).    

So now Sony becomes a text book case for many things, just add "What not to do with cyber blackmail" to it.

Just don't tell Sony - they will want licensing and residuals from it.

Technocrati
50%
50%
Technocrati,
 User Rank: Ninja
1/19/2015 | 1:45:00 PM
Re: North Korea and Sony: Asking the Wrong Questions ?

"..With regard to the Sony hack, assuming the FBI is correct (I have no reason to think they arent), then my thought is that the leader of North Korea is lashing out at Sony for producing the movie in question."

 

@Mike    Thank you for the clarification.  Well I am not so quite persuaded by the FBI's claims, which are at best obvious and at worst " a little late" as well.  This is a multifaceted  issue of course but even this basic point is up for some debate.

 

But since you have no reason not to believe the FBI then I can understand your premise and the resulting argument that comes from it.    Not that I agree of course but at least I understand your position.

mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/18/2015 | 9:31:08 PM
Re: North Korea and Sony: Asking the Wrong Questions ?
The intent of the blog is to suggest possible motivations behind North Korean cyber activity.  With regard to the Sony hack, assuming the FBI is correct (I have no reason to think they arent), then my thought is that the leader of North Korea is lashing out at Sony for producing the movie in question.

Regarding this being an act of terror, I'm only suggesting that the Sony hack could be a blueprint for terrorism in the cyber domain.  Whether intended as terrorism or extrotion, whomever is behind the hack has demonstrated an ability to make a major corporation capitulate to specific demands.  The point I am making is that terror groups are watching, and are learning from the hack.  

I hope that clarifies things a bit and I thank you for the comments!

 

 
Technocrati
50%
50%
Technocrati,
 User Rank: Ninja
1/18/2015 | 9:17:24 PM
North Korea and Sony: Asking the Wrong Questions ?

I am not sure what to conclude from this Blog,  the act against Sony was an act of terror ?  The reason N. Korea responded was because their leader is immature ?   What was the motivation ?   You mentioned nothing about Sony which does bare some ( and some might argue most ) of responsibility for their breech.  

 

I must have missed the point of this Blog because I don't get the point at all. 

mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/16/2015 | 12:19:33 PM
Re: Future Forecast
In traditional warfighting we think of kinetic capabilities as those that result in obvious physical damage e.g. bombs destroying buildings.  While cyber capabilities can certainly create damaging physical effects on networks, military professionals tend to view cyber as a non-kinetic capability, essentially because we dont see things blowing up when cyber is employed. 

However, understanding of the cyber environment is rapidly changing. By that I mean, military professionals are beginning to understand where the cyber domain fits in the group of traditional warfighting domains (land, sea, air).  My thought is that we will get to the point very soon where the cyber domain is recognized in the same way as the traditional warfighting environments, and at that time the term kinetic will mean something different. I hope that helps.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
 User Rank: Strategist
1/16/2015 | 8:01:51 AM
Re: Future Forecast
So the question I see is...what do alliances really mean in the Cyber world?

Excellent point -- and an issue that is very much TBD.

I'm also curious about your use of the word "kinetic." Wondering if you could explain to a neophyte what you mean by kinetic in this context. 
mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/15/2015 | 5:33:24 PM
Re: Future Forecast
Thats a great question and a topic worth exploring in its own right!

The question is interesting because we tend to view "alliances" in a militarty context.  

In the modern era we have formal treaties like the North Atlantic Treaty Organization (NATO), the "Five Eyes" (an intelligence focused alliance between the US, UK, Canada, Australia and New Zealand), and the South East Asia Treaty Organization (SEATO) to name a few.

If we look at Nations that we (the "Free World") have in recent history (70 years) viewed as adversaries, the picture is a little less clear but we can still discern informal alliances by actions of countries on the geo-politcical scene.  For instance, we know that the Russians are cooperating with the Iranians on nuclear capability; we know that the Iranians and the North Koreans have traded military arms; we know that when there is an international incident, we can generally anticipate how the permanent members of the UN Security Council (the countries with veto power) will vote.  Typically we see the US, UK and France aligned to one point of view, and Russiia and China aligned with an opposing point of view.

So why is this interesting...In the kinetic world, the rules of the game are relatively clear.  If Country A attacks Country B, and there is a formal miltary alliance or implied realtionship between them as Ive described above, the choices are clear for countries aligned with the Countries in question.  In other words, If Germany were attacked by a convential military force, member countries of NATO would be obligated to come to the defense of Germany. In less formal relationships we cant be certain of how a particular country will react, but there is a higher probability that countries in those relationships will respond militraily if one partner is attacked.

In the non-kinetic world, the Cyber Domain, we have already seen how the picture is much less clear.  Imagine if a country attacked a major US corporation, on US soil, with conventional weapons (think the SONY attack with bombs).    It is reasonable to assume that the US would have responded to the attack militarily Fast forward to 2014...same scenario but a cyber attack rather than bombs.  The response was much different.  Sanctions, condemnations, and political posturing...no clear cyber response by the US.

So the question I see is...what do alliances really mean in the Cyber world?
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
 User Rank: Strategist
1/15/2015 | 4:16:13 PM
Re: Future Forecast
I suppose you will get into this in the remaining installments of the series,, but curious.Are there many alliances between nation-state threat actors?
mwallsedgewave
50%
50%
mwallsedgewave,
 User Rank: Author
1/15/2015 | 3:56:08 PM
Re: Future Forecast
Thanks and great questions!

We know that China has maintained a relationship since the Korean Conflict, so it is possible that the 2 countries could collaborate on cyber activities targeting entities that each country may see as either threats, or rich targets of opportunity.  But here is a point to think about...

We know that the Chinese Government has been targeting other Nations for quite some time (reference my last piece on China).  But the question is, "why would China risk what has arguably been a tremendous record of successful exploitation in the cyber domain, by partnering with what is widely considered as a Country with unsohisticated cyber capability, and a completey erratic pattern of behavior on the global geo-political scene?"  I think the answer is, the Chinese Government wouldn't. 
swreynolds92
50%
50%
swreynolds92,
 User Rank: Strategist
1/15/2015 | 2:03:19 PM
Future Forecast
With all the buzz surrounding North Korea hacking Sony, and Admiral Rogers saying China has the ability to shut down our infrastructures, is it possible we could see a cyber collaboration between the two countries in an effort to cripple the US? Should we be fearful considering North Korea injected itself into a huge corporation like Sony Pictures, and China at any point can flip the switch and it seems like we'd be in big, big trouble?


44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8818
PUBLISHED: 2020-02-25
An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore...
CVE-2020-8819
PUBLISHED: 2020-02-25
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass ...
CVE-2020-9385
PUBLISHED: 2020-02-25
A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation.
CVE-2020-9382
PUBLISHED: 2020-02-24
An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki's } parser function.
CVE-2020-1938
PUBLISHED: 2020-02-24
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that ...