Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Why North Korea Hacks
Newest First  |  Oldest First  |  Threaded View
Technocrati
Technocrati,
 User Rank: Ninja
1/19/2015 | 1:55:38 PM
Re: North Korea and Sony: Asking the Wrong Questions ?

Sony hack could be a blueprint for terrorism in the cyber domain.

@Mike    I do agree.   Sony's ineptness has opened a whole new world of possibilities.  Instead of panic, actual leadership skills were needed and those at the top of Sony's Film Division came up short.   

It really is discouraging to see individuals  ( Sony Entertainment  Management ) who earn a considerable amount of money show they are not worth it.  Of course Sony is not alone - but  they certainy subscribe to the philoshpy that " you don't have to really know what you are doing to be paid well".  The top management at Sony are prime examples of the "corporate disconnect" that has been fostered for the past two decades(at least).    

So now Sony becomes a text book case for many things, just add "What not to do with cyber blackmail" to it.

Just don't tell Sony - they will want licensing and residuals from it.

Technocrati
Technocrati,
 User Rank: Ninja
1/19/2015 | 1:45:00 PM
Re: North Korea and Sony: Asking the Wrong Questions ?

"..With regard to the Sony hack, assuming the FBI is correct (I have no reason to think they arent), then my thought is that the leader of North Korea is lashing out at Sony for producing the movie in question."

 

@Mike    Thank you for the clarification.  Well I am not so quite persuaded by the FBI's claims, which are at best obvious and at worst " a little late" as well.  This is a multifaceted  issue of course but even this basic point is up for some debate.

 

But since you have no reason not to believe the FBI then I can understand your premise and the resulting argument that comes from it.    Not that I agree of course but at least I understand your position.

mwallsedgewave
mwallsedgewave,
 User Rank: Author
1/18/2015 | 9:31:08 PM
Re: North Korea and Sony: Asking the Wrong Questions ?
The intent of the blog is to suggest possible motivations behind North Korean cyber activity.  With regard to the Sony hack, assuming the FBI is correct (I have no reason to think they arent), then my thought is that the leader of North Korea is lashing out at Sony for producing the movie in question.

Regarding this being an act of terror, I'm only suggesting that the Sony hack could be a blueprint for terrorism in the cyber domain.  Whether intended as terrorism or extrotion, whomever is behind the hack has demonstrated an ability to make a major corporation capitulate to specific demands.  The point I am making is that terror groups are watching, and are learning from the hack.  

I hope that clarifies things a bit and I thank you for the comments!

 

 
Technocrati
Technocrati,
 User Rank: Ninja
1/18/2015 | 9:17:24 PM
North Korea and Sony: Asking the Wrong Questions ?

I am not sure what to conclude from this Blog,  the act against Sony was an act of terror ?  The reason N. Korea responded was because their leader is immature ?   What was the motivation ?   You mentioned nothing about Sony which does bare some ( and some might argue most ) of responsibility for their breech.  

 

I must have missed the point of this Blog because I don't get the point at all. 

mwallsedgewave
mwallsedgewave,
 User Rank: Author
1/16/2015 | 12:19:33 PM
Re: Future Forecast
In traditional warfighting we think of kinetic capabilities as those that result in obvious physical damage e.g. bombs destroying buildings.  While cyber capabilities can certainly create damaging physical effects on networks, military professionals tend to view cyber as a non-kinetic capability, essentially because we dont see things blowing up when cyber is employed. 

However, understanding of the cyber environment is rapidly changing. By that I mean, military professionals are beginning to understand where the cyber domain fits in the group of traditional warfighting domains (land, sea, air).  My thought is that we will get to the point very soon where the cyber domain is recognized in the same way as the traditional warfighting environments, and at that time the term kinetic will mean something different. I hope that helps.
Marilyn Cohodas
Marilyn Cohodas,
 User Rank: Strategist
1/16/2015 | 8:01:51 AM
Re: Future Forecast
So the question I see is...what do alliances really mean in the Cyber world?

Excellent point -- and an issue that is very much TBD.

I'm also curious about your use of the word "kinetic." Wondering if you could explain to a neophyte what you mean by kinetic in this context. 
mwallsedgewave
mwallsedgewave,
 User Rank: Author
1/15/2015 | 5:33:24 PM
Re: Future Forecast
Thats a great question and a topic worth exploring in its own right!

The question is interesting because we tend to view "alliances" in a militarty context.  

In the modern era we have formal treaties like the North Atlantic Treaty Organization (NATO), the "Five Eyes" (an intelligence focused alliance between the US, UK, Canada, Australia and New Zealand), and the South East Asia Treaty Organization (SEATO) to name a few.

If we look at Nations that we (the "Free World") have in recent history (70 years) viewed as adversaries, the picture is a little less clear but we can still discern informal alliances by actions of countries on the geo-politcical scene.  For instance, we know that the Russians are cooperating with the Iranians on nuclear capability; we know that the Iranians and the North Koreans have traded military arms; we know that when there is an international incident, we can generally anticipate how the permanent members of the UN Security Council (the countries with veto power) will vote.  Typically we see the US, UK and France aligned to one point of view, and Russiia and China aligned with an opposing point of view.

So why is this interesting...In the kinetic world, the rules of the game are relatively clear.  If Country A attacks Country B, and there is a formal miltary alliance or implied realtionship between them as Ive described above, the choices are clear for countries aligned with the Countries in question.  In other words, If Germany were attacked by a convential military force, member countries of NATO would be obligated to come to the defense of Germany. In less formal relationships we cant be certain of how a particular country will react, but there is a higher probability that countries in those relationships will respond militraily if one partner is attacked.

In the non-kinetic world, the Cyber Domain, we have already seen how the picture is much less clear.  Imagine if a country attacked a major US corporation, on US soil, with conventional weapons (think the SONY attack with bombs).    It is reasonable to assume that the US would have responded to the attack militarily Fast forward to 2014...same scenario but a cyber attack rather than bombs.  The response was much different.  Sanctions, condemnations, and political posturing...no clear cyber response by the US.

So the question I see is...what do alliances really mean in the Cyber world?
Marilyn Cohodas
Marilyn Cohodas,
 User Rank: Strategist
1/15/2015 | 4:16:13 PM
Re: Future Forecast
I suppose you will get into this in the remaining installments of the series,, but curious.Are there many alliances between nation-state threat actors?
mwallsedgewave
mwallsedgewave,
 User Rank: Author
1/15/2015 | 3:56:08 PM
Re: Future Forecast
Thanks and great questions!

We know that China has maintained a relationship since the Korean Conflict, so it is possible that the 2 countries could collaborate on cyber activities targeting entities that each country may see as either threats, or rich targets of opportunity.  But here is a point to think about...

We know that the Chinese Government has been targeting other Nations for quite some time (reference my last piece on China).  But the question is, "why would China risk what has arguably been a tremendous record of successful exploitation in the cyber domain, by partnering with what is widely considered as a Country with unsohisticated cyber capability, and a completey erratic pattern of behavior on the global geo-political scene?"  I think the answer is, the Chinese Government wouldn't. 
swreynolds92
swreynolds92,
 User Rank: Strategist
1/15/2015 | 2:03:19 PM
Future Forecast
With all the buzz surrounding North Korea hacking Sony, and Admiral Rogers saying China has the ability to shut down our infrastructures, is it possible we could see a cyber collaboration between the two countries in an effort to cripple the US? Should we be fearful considering North Korea injected itself into a huge corporation like Sony Pictures, and China at any point can flip the switch and it seems like we'd be in big, big trouble?


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file