I'm not saying it's not NK,just that there are plenty of well funded large scale advanced blackhat organizations (e.g. - Dridex). It's also known that NK has foreign offices in China and elsewhere. Russians recruit hackers for their APT work and in exchange let the hackers do whatever they want,why not NK hackers?
If you were a NK hacker in china,wouldn't it cross your mind to weaponize a treasure trove of NSA tools into a profitable ransomware? Code similarities with lazarus group tools can be explained by this and other similar plausible theories.
NK is low on cash so it could have been a pyongyang directive. But the whole operation lacks a lot of the operational and organizational details a typical APT operation would exhibit. A kill switch but no whitelist to avoid annoying allies. when kill switch was discovered I would expect a nation state operation to quickly adopt. Nation states love hoarding strategic compromises (typically websites,botnets,etc...) As far as I know,no pre-existing botnet or compromised sites took part in catalyzing the worm.
Again,not saying it's not NK,I'm just saying a few too many things seem off, I take this attribution with a few grains of salt.
I doubt WannaCry or the Shadow Brokers leaks were meant to actually make money. They seem more like they were executed to make NSA look worse than it already does. Most of the recent sensationalized leaks have seemed to fit that bill.
But you're right, attribution here is dangerous unless they have some solid evidence.
>But the whole operation lacks a lot of the operational and organizational details a typical APT operation would exhibit. A kill switch but no whitelist to avoid annoying allies.
nobody ever accused nk of being elite. it would be frankly much more surprising if their cyber programs were on par with china or russia.
It's not a question of being "elite" although based on known intel I think they are, But a question of organization and resources government backed teams exhibit. Even a team of noobs if backed by a government can at least rent botnets and have backup plans to adopt to quickly.
As always, the issue is credibility. Among the small group of reality-based people in the US, the government has absolutely no credibility. Unless and until independently verifiable proof of their assertion is released, nobody with a shred of intelligence or critical thinking skills should believe anything they say. This is especially true when they want to slaughter countless numbers of people based on an unsupported assertion.
Kind of tangential, but what how did we retaliate against NK last time it was "asserted" that NK was behind cyberattacks --i.e. "Sony hack" IIRC, Obama said we'd respond appropriately at a time of our choosing, or words to that effect.
Difficult to say with certainty; it's not like the DPRK is going to put out a press release that they've been hacked, if they were hacked.
All in all a pretty good response on Obama's part; it didn't demand immediate visible action but preserved freedom of maneuver; later, if a US cyberattack had come to light, it would have been a sort of chit that could have been redeemed by way of justification.
As someone else here has noted, it is impressive what DPRK has put together with comparatively limited resources. It makes me wonder what the cyber-landscape is going to look like in the coming years as the U.S. continues to ostracize the already scarce few who actually know how to reverse engineer malware, AND have the ethics to properly report it.
If this is not the most convenient way to justify going to war with North Korea then I don’t know what is. It is almost as if the hackers WANTED to get caught by reusing code that was previously used in an attack initiated by North Korea.
Also we shouldn’t forget that it was an exploit developed by the NSA to begin with.
In the run-up to the Iraq war there was this group of UN weapons inspectors that had concluded based on the available evidence that Saddam did not have WMD.
That did not stop the UK from going ahead with their bit in the Gulf War. If a war is to be had evidence doesn't really matter. It could be fabricated far easier than you could have real evidence, history has quite a few examples.
Given the current political climate in the UK I would not put it past them to start making stuff up, a distraction from internal strife is always a good reason to start a war.
Microsoft - I hope - is another matter.
The reason why - at least, to me - there is little point to either the UK or the US wanting to start a war with NK is that unlike Iraq NK actually has a good chance of inflicting massive damage on an ally. Plus the lottery ticket of Kim being able to lob a nuke halfway across the globe and make it stick even if attacked might be another item that gives pause to the powers that be.
So, whether NK is behind these attacks or not is absent very solid proof an open question, whether or not the government is laying the grounds for war hardly matters, those are not necessarily connected, though they could be it would be a first to go to a shooting war with a nation state over a cyber attack.
The one point that might matter is if one thinks about how the US switched to being all rah rah after we went to war against Iraq for WMD as you describe and some pretty tenuous claims to a connection with terrorism. It does not seem to be outside the realm of possibility that it would not be beneath an unpopular government to use that as a motivation to make itself unassailable ( as in we're at war, it's unpatriotic to not support the flag/troops.)
A lot of evidence points to the official US entry into the shooting war in Vietnam after what appeared to be totally fictional attacks on the US Navy - because the president did not want to appear to be weak.
The other thing is the act of congress enabling the President to authorize force after 9/11 is almost unconditional if he/she just says terrorism. We should have rescinded that after Osama bin Ladin was killed.
There are a number of conspiracy theories floating around regarding the reasoning behind the war in Iraq and the role that US, UK, and Iran all played.
The weapons inspectors repeatedly said there were no weapons. At the time it was pretty obvious that Bush had already made the decision and the weapon inspectors were an obstacle for getting the war on.
"Kelly believed it was most likely that Iraq had retained some biological weapons after the end of inspections.[7] After the end of the ground war, he was invited to join the inspection team attempting to find any trace of weapons of mass destruction programmes and was apparently enthusiastic about resuming his work there. He made two attempted trips to Iraq. The first was on 19 May 2003 when he was prevented from entering Iraq from Kuwait because he did not have the proper documents.
The second trip was from 5 June 2003 to 11 June 2003 when Kelly went to view and photograph two alleged mobile weapons laboratories as a part of a third inspection team. Kelly was unhappy with the description of the trailers and spoke off the record to The Observer, which, on 15 June 2003, quoted "a British scientist and biological weapons expert, who has examined the trailers in Iraq." The expert said:
They are not mobile germ warfare laboratories.
You could not use them for making biological weapons.
They do not even look like them. They are exactly what
the Iraqis said they were – facilities for the
production of hydrogen gas to fill balloons.
It was confirmed in the Hutton Inquiry that Kelly was the source of this quote."
The claim was that Iraq threatened USA. At the time, everybody knew this was a lie. Iraq did not have capable missiles to reach US territory and claims that it had a secret nuclear program were extremely dubious. Remember : the fear was nuclear ICBM, this is what was hammered in the media. They fell back to chemical weapons, but if the US plans to invade every country with a stock of chemical weapons, good fucking luck!
Colin Powell, presenting the threats to the UN council, put forward a nuclear threat. He used as proofs, documents that were fake. "Obvious fake" as the head of the International Atomic Energy Agency would call them: http://edition.cnn.com/2003/US/03/14/sprj.irq.documents/
What he said about it: "My colleagues, every statement I make today is backed up by sources, solid sources. These are not assertions. What we're giving you are facts and conclusions based on solid intelligence."
Iraq was (correctly it appears, in hindsight) fearing an invasion so it was worried that opening up to foreign inspectors would lead to espionage to prepare the invading forces.
In the end, as a last hope to preserve peace, it allowed inspectors in a mission, led by Hans Blix. Here is how he described the cooperation of Iraqi forces:
"Iraq has on the whole cooperated rather well so far with Unmovic in this field. The most important point to make is that access has been provided to all sites we have wanted to inspect and with one exception it has been prompt. We have further had great help in building up the infrastructure of our office in Baghdad and the field office in Mosul. Arrangements and services for our plane and our helicopters have been good. The environment has been workable."
> If I believed any conspiracy as far as Iraq goes
US disregarded that and still decided to invade. No one had a single doubt that this was about oil.
Iraq is a clear case of a conspiracy. This is actually a very good counter-point to conspiracy theorists: When a government tries to lie about something, it is really obvious, and it still works.
Admittedly, I'm only 30 so I was an angsty teen who blindly opposed it and everything the Bush administration did. I've only recently been starting to rebuild some faith in government (what a time to do so).
> US disregarded that and still decided to invade. No one had a single doubt that this was about oil.
I remember that being what everyone cried in opposition to the war with Iraq but I never understood it. How did oil factor into the war?
"Oil" is a kind of summary but not the over-simplification that we often make it sound like. Iraq has the 5th oil reserves in the world and posed no threats to US and was not financing terrorism. If anything it kept Iran busy which would be in US' interest.
The true motivations of the different actors are diverse and as the president and his team is effectively above the law since Obama said he would not open an investigation for war crimes, we will have only speculations.
Rumsfeld and Wolfowitz are core believer of the "Project for the New American Century" thinktank that sees the war against terrorism as WW4 (Cold War being WW3) and sees seizing oil resources as primordial. Yes, this is a really simplistic vision, but remember that these people are just slightly more intellectual than Trump's team...
Oil is an oversimplification. The US could have just bought all the oil it wanted from Iraq at market prices for less than the cost of going to war, and the Hussein regime would have been happy to sell it at those same prices. So that doesn't really fly as a whole explanation.
The Bush Adm. had its eyes on Iraq pre-9/11. It's mostly forgotten now, but there were Tomahawk cruise missile attacks on Iraq in the summer of 2001. I remember discussing it and even noted in a journal entry that summer that it looked like G.W.B. wanted to go back and finish G.H.W.B.'s job.
It was not as straightforward as just oil. I think that eventually history will settle on it being a more complex set of factors, some of which boiled down to personal animosity by the President, and a feeling that Hussein had been given a free pass by the US in 1991 and was using it to thumb his nose at the West and, in doing so, was in a position to build up power and status within the region on the basis of having "survived" a US-led invasion and deposition attempt. To conservative hawks, his continued existence was a reminder of US failure and impotence, which didn't fit with the US's unipolar, pax Americana / "hyperpower" ambitions at the time. It wasn't a war for territory as much as it was a very public execution (or, politely, "regime change"), pour encourager les autres.
Hussein was a dead man, in retrospect, when G.W.B. got elected; it just took the administration a while to figure out how to get the war they'd wanted from the beginning out of the post-9/11 environment. Absent 9/11, if you look at what was going on during the early months of the G.W. Bush presidency, they would probably have found a way to push Hussein into giving them a casus belli anyway (it's not like Saddam was the most level-headed dictator; given the resources of the entire State Department, one can safely assume the US would have come up with a way of making him overreach, and then grab that overreach to pull him off the cliff and into destruction).
The oil and strategic position of Iraq viz. Iran, Russia, Turkey, etc., certainly helped make the case and pushed aside what might have been probable objections (if we invade, how can we survive an oil boycott, a la 1973?), but saying that it was a "war for oil" as is sometimes claimed doesn't really wash. You don't need to go to war for oil at the price the US goes to war for, you just buy the damn oil. You go to war for things you can't buy with money.
Thanks. That sounds more plausible. I'd suspected it had more to do with Iran/Russia but Bush Jr probably did come into office with some agenda.
I still don't understand why everyone keeps bringing this up as evidence that our approach towards NK is war mongering. Maybe some attention to NK has more to do with China and Russia than people tend to focus on, but it doesn't mean NK isn't a bad actor.
The US and UK currently control 35% of the oil reserves in Iraq, and US/UK companies made huge amounts of money rebuilding the infrastructure destroyed in both wars.
Or it could be that the Tories/NHS are trying to scrape some egg off their face for being so fucking stupid and cheap as to keep running XP.
The general public is a bit more forgiving when you're taken down by a nation state rather than a bunch of criminals preying on a deliberately unlocked door.
Microsoft, probably being mildly cognizant that you don't win new contracts by accusing lucrative customers of rank fucking idiocy especially when it's true, will naturally play along with the conspiracy theory, especially since the chances of strong evidence pointing to the actual culprits coming to light are so low.
> In October, Microsoft officially blamed North Korea,
I can see why Microsoft would want to deflect attention from its own failings to the bogeyman of the week, but I'm not sure what qualifies a private business to "officially" pronounce on weighty geopolitical matters that could result in WWIII.
When Microsoft falsely blamed Intel for Microsoft Surface failures[1], or falsely marked a non-Microsoft web browser as malware and removed it from thousands of PCs[2], at least the lives of millions of people weren't at stake.
A nation state would collapse long before it reached the point of being so broke it had to rely on - FFS - a Bitcoin ransomware attack to survive. I can't believe I'm actually having to type such an obvious thing, but apparently some people think otherwise.
What's North Korea's back up plan for economic survival, a chain letter?
It's a sorry world when people give the time of day to such transparently obvious and nonsensical propaganda, intended to suck us into yet another bloodbath, just because NK isn't a nice place to live.
> as did the UK government, neither of whom is trying to lay the groundwork for war.
Assuming that wasn't as a joke: the UK has been a lapdog of the USA (aka "Special Relationship"[3]) if not since WWII, certainly since the 1980s, when British people themselves openly referred to their country, even in popular chart songs[4][5], as the 51st State.
Of course the UK lacks the status and relevance in Washington DC of a real US state, and is simply treated (and behaves accordingly) like a reserve branch of US armed forces, supporting wars that serve US interests, including the one where at least 20% of North Korean human beings were exterminated by the US military.
North Korea has confirmed WMDs, has the ability to strike US soil with them, and likely has the ability to strike the Continental US. Meanwhile North Korea is also guilty of some of the worst human rights violations since the end of WWII. If the US does end up in a war with North Korea ransomware is going to be nowhere near the top of the list of casus belli.
Funnily, being capable of attacking America and humans rights violations on their own are not valid casus belli. The US or an ally being attacked is, so a digital attack would make for their best available case.
North Korea has confirmed WMDs, has the ability to strike US soil with them, and likely has the ability to strike the Continental US.
Citation?
My understanding is than they are likely able to hit the continental US with an unarmed ICBM, and that it is highly unlikely that they would be able to do so with the added weight of a nuclear warhead.
They've demonstrated the capability of probably being able to hit the West coast of the continental US with a missile; they also have some nuclear weapon capability which may or may not be a true "hydrogen bomb". I don't think anyone outside of N. Korea knows what their exact capability is on any particular day -- which is probably exactly what they want.
There is a realistic concern about the pace of their developments, though, which is IMO the real food for thought.
Most analysis from more than 12 months ago did not assume they would make the advances in missile range or throw weight that they have, which raises concerns that another state is helping them (actively or inadvertently). If that is the case, they might also be able to miniaturize their weapons more quickly than originally estimated as well.
Absent some outside factor, it's safe to assume that at some point in the not too distant future, they will get the combination of weapon mass down, and missile throw weight up, such that the two meet and give them enough range to hit the continental US.
Most arms control theories suggest that it's better to be clear about what your responses will be to particular stimulus ("deterrence signals"), in order to reduce the threat of an accidental war. IMO, if the US leadership was more competent or even credibly sane, the best-possible response to N. Korea would be a system of "red lines" composed of DPRK actions and pre-planned US reactions, in consultation or at least full view of other nuclear states (principally China and Russia; the South Koreans would hopefully have some say over the responses, although they might do well to distance themselves). I've read some essays that suggest there was an understanding between the US and USSR in the 80s regarding Libya to something like this effect.
But of course, the US is not really credible at the moment in terms of internal consistency or rational behavior, which makes rational-actor game theory, on which a lot of deterrence is based, difficult.
Do you really think the US is going to enter a nuclear war with a nation over some ransomware that netted approximately $150k(back when it happened - if they held onto that BTC they now have almost a $1,000,000)?
Wannacry had a really obvious and weird kill-switch ( presumably to limit damage ) an un-registered domain[1].
Marcus Hutchins a British security researcher registered this domain.
As the domain offswitch ping was obvious Hutchins was seemingly the only competent researcher who read the source code.
Hutchins, Britain's Saviour of the NHS[2] (Britain's National Health Service) was outed by the British tabloid press that published his home address.
Next Marcus Hutchins was arrested while attending DefCon and is currently awaiting trial in the US on unrelated charges. [3]
Wannacry had spread throughout the NHS and was preventing actual life saving operations, it spread on some Microsoft XP and mostly unpatched 7 systems, from the audit:
"NHS Digital told us that all organisations infected by WannaCry shared
the same vulnerability and could have taken relatively simple action to protect
themselves
.
... NHS Digital told us that the majority of NHS devices infected were
unpatched but on supported Microsoft Windows 7 operating systems. Unsupported
devices (those on XP) were in the minority of identified issues. NHS Digital has also
confirmed that the ransomware spread via the internet, including through the N3
network (the broadband network connecting all NHS sites in England),"[4] NHS Digital Audit
From a comedic dystopian science fiction perspective this coincides the politics of underfunding the NHS, institutional costs of running Microsoft's patches on vital life-saving equipment, the US intelligence services offensive rather than defensive playbook, and an "unlikely" hero.
Might make a great novel except if ludicrously we are about to live it as a pretext.
> As the domain offswitch ping was obvious Hutchins was seemingly the only competent researcher who read the source code.
If iirc it was an accidental discovery of the kill switch. He noticed the pings to the domain, noticed it was un-reg’ed, thought “hmmm if I reg this domain I will be able to see how many other infections and their location when they ping home”. So reg’ed the domain.
It was then when he noticed the code would quit out if the domain was in use.
It's essential to remember that many wars begin with errors of attribution, and many of those errors are intentional or at least reflect a strong bias in the accusers. Examples off the top of my head:
* 'Remember the Maine' instigated the Spanish-American War, but much evidence says the Maine was destroyed by accident. William Randolph Hearst, a leading publisher of yellow journalism, famously promised a compatriot: "You furnish the pictures and I'll furnish the war".
* The Gulf of Tonkin incident instigated American involvment in the Vietnam War.
* Iraq's weapons of mass destruction program, which didn't exist, instigated the Iraq War.
In today's case, I trust the source much less than many of those who have made prior errors. I also note that it was a the head of Homeland Security, a political appointee, who made the accusation. It was not the head of the FBI or an intelligence agency; it is not represented, at least in the reporting I've seen, as a consensus of the US intelligence community; I also note that the White House has left some distance between itself and the accusation - it's not made by the President or his National Security Advisor, for example.
Also, the very serious accusation rings of hype. North Korea has acted especially badly, largely unchecked, for more than a decade, which is false and a political swipe at the prior President. If that part of the accusation is exaggerated and political, I wonder about the other parts, and I wonder about the accusers ability or willingness to separate politics from very serious policy.
Despite the truth of your historical timeline, 'WannaCry' does neatly fit the profile of Room 39, a department of the North Korean government which raises foreign currency through cybercrime and other criminal activities [0][1]. They have been implicated in past hacks by non-U.S. groups as well, including Kaspersky Labs [2].
Thanks; that's valuable to know. And certainly past mis-attribution does not make every attribution false.
> 'WannaCry' does neatly fit the profile of Room 39
Let's keep in mind that for state-level intelligence agencies, sophisticated frame jobs are normal activities and attribution of IT attacks is difficult. Again, that doesn't rule out NK in any way, but in this situation the profile of behavior doesn't tell us much (though I do value the other evidence in the parent).
It's possibly _also_ a political swipe, but I fail to see how it's false - North Korea has certainly acted poorly (e.g. the kidnap of thousands).
I'll agree that leaving a misleading digital trail is, relatively speaking, easy, but that doesn't mean it's false either - it is entirely fitting with how NK is known to operate.
> 's possibly _also_ a political swipe, but I fail to see how it's false - North Korea has certainly acted poorly (e.g. the kidnap of thousands).
The false statement is not that NK is acting badly, but that they are largely unchecked. The U.S. maintains a large military presence and major alliance in S. Korea for the purpose of checking NK. They arm SK and Japan and train with them, specifically to check NK. They pass end enforce domestic and international sanctions, intercept NK ships, spy on NK, and infiltrate and sabotage NK's military programs. The claim that NK is largely unchecked is absurd.
They've tried to kill the South Korean president every chance they got, kidnap citizens to train spies, blew up civilian airplanes, killed an American soldier over a fucking tree near the DMZ, multiple tunnels underground for invasion discovered, Pueblo, shelled an island, sunk a frigate.
Yeah I'd say they are unchecked and have been acting bad ever since day 1. I mean the whole Korean War started because of that one fat fuck.
If that is acting badly then how would you describe how the UK and the US have been acting in the same period? We've overthrown governments, started numerous wars in foreign lands and have the blood of millions of innocent people on our hands.
North Korea may have been acting badly, but we can't exactly claim the moral high ground. "People in glass houses shouldn't throw stones"
> If that is acting badly then how would you describe how the UK and the US have been acting in the same period?
ah there's the whataboutism
it's an overused and a poor case against the West.
Yes, North Korea has been acting particularly bad, as Korean, it strongly irks me when people talk out of their mouth when they aren't familiar with the subject.
South Korea has constantly suffered the brunt of North Korea aggression. It's hard to continue a logical debate with somebody who rejects facts and continues to make illogical arguments.
Seems like you are born in Czech. I think USSR was in the right when they crushed dissent because Czech was a bad communist country. See how that works?
If you think I've got some anti-west agenda, this is not the case. Here's all that I think - we've basically invaded and ruined so many countries over the last 50 years or so, and generally left them worse off. I want that and the hawkish, pro-war, "the other guys are bad, and we are good" rhetoric to stop. That's it. We can't just bat away all criticism or context by dismissing it as "whataboutism". It is very tempting but it is lazy and it does not serve you - it lets our leaders off the hook, normalises hatred & suffering, and permits the cycle of violence to continue.
It also sounds like you're trying to rile me up by making a very "edgy" comment about the Prague Spring but that won't work because:
a) I'm not Czech (the "we" I'm referring to is the UK, my home country)
b) It was a poorly crafted analogy, in kinda poor taste
So you'd understand why I took offense to your comment that "North Korea didnt do anything wrong", and if you were Czech you'd take offense to the Prague Spring because you know that USSR "did very wrong".
I have trouble understanding people defending a country like North Korea out of all places with little understanding of the danger they pose and have posed since day 1.
Look, you're getting all worked up about a comment you invented about me (I never commented that NK did nothing wrong) ... and then you're trolling me assuming I did say it, and suggested I would've been upset about the trolling if I also satisfied another of your inventions (my nationality).
Dude, this is getting too weird for me I'm afraid. I'm out.
No, because not even Americans are stupid enough to believe the US will do a "military action" on a nuclear power. Fewer still see malware as casus belli.
We have "render safe" procedures for e.g. a collapse of the Pakistani government. We likely have similar plans for North Korea. In any case, the nukes aren't the insurmountable problem. It's the volumes of hidden artillery trained on Seoul that are problematic.
I find it intriguing that people somehow seems to know who's behind stuff. It's not exactly hard to hide all traces, so I find it hard to believe that a state would fail doing so.
The US is clearly the one to blame for WannaCry. If it wasn't for the NSA leaking and not reporting vurnerabilities this would probably never have happened.
Perfect operational security is insanely hard, especially once an organization grows beyond a few people.
Theorizing about the ways one might perfectly cover all traces of an attack is quite a bit different from executing an attack against a large organization, moving through their systems and networks to look for sensitive data, exfiltrating the data, and then repeating this process for dozens of targets, year after year, without ever being detected or ever leaving a trace of anything.
More intriguing to me is how some people here are trying to claim this isn't North Korea, where it has all the markings of past North Korean cyberattacks and consistent with published findings about their specific departments tasked with the goal of raising money for Kim's private fund.
My guess is that it's most likely just a kid somewhere who had some fun.
Considering the kill switch the person behind this clearly didn't have much experience, so I find it very very hard to belive that some other state than the US was involved in this.
You should really distinguish between "the US" and "the Trump admin". This may be a little hard, but the latter has no credibility internationally.
The Trump administration is clearly pushing for a stronger take on North Korea and its had no problems lying in the past. Sure North Korea might be behind this, but at this point Trumps credibility is so low they might as well be blaming unicorns.
> You should really distinguish between "the US" and "the Trump admin".
Is this a thing that is possible to do? Given that the trump admin is literally the highest office in the US, and it's common for the lower orgs to parrot things from the top, it seems very difficult to make this distinction.
I was about to write "I'm not sure pointing fingers like that is the best diplomatic attitude there is", but then I thought I should read the article first.
Amusingly enough, when the page showed up, I saw the accompanying video thumbnail which was precisely a hand with a pointing finger.
That's not as important as the fact that it spies on foreigners and hacks their computers. Americans somehow decided spying and hacking is OK as long as it's being done to others, not themselves. They shouldn't be surprised that other countries hold the reciprocal views.
Other countries will hold reciprocal views regardless of American sentiments on the issue. Nations are not people and hypocrisy doesn't matter on an international scale. Any student of history would see this.
> If you don't like what's being said, change the conversation...
Maybe. There's probably also a lot of countries who would love nothing more than to grab some popcorn and watch the U.S. and North Korea start nuking each other, much the same way that the U.S. 'manages' the Middle East and South America by getting random countries to start genociding each other.
And indeed, perhaps they have manipulated NK to become just the threat that they need. Scary enough, but not very dangerous. Except to SK and Japan. And to China, which may in fact be the primary target.
The issue with NK, as with virtually all international issues as regards our country, is the zeal those who run the country have for global military empire - US(NATO) global hegemony. China (understandably) does not want, and will not allow US troops to mass on their border. As long as South Korea remains a client state of the US(NATO) with tens of thousands of US troops, multiple bases, missiles, bombers, ships, and anti-missile batteries stationed there, the Chinese will do everything in their power to support the survival of North Korean regime as a buffer, no matter how insane or dangerous NK is described as being (or actually is). For the Chinese, it is far more dangerous to have US(NATO) forces, that(unlike North Korea) have proven their willingness to invade and topple governments resistant to their policy of global hegemony.
The simple truth is that we decimated Korea, a country on the other side of the world, with horrific bombings, an invasion and subsequent occupation that has lasted for over half a century (and which continues to this very day). The bifurcation of the Koreas was (and remains) the direct result of our military adventures. Our "ally" South Korea was a military dictatorship until well into the 1980s. Unfortunately not 1 in 100 Americans could find Korea on a map, let alone describe the history of our involvement there. Consequently, its very easy to paint the North Koreans as some sort of unhinged bunch of lunatics that simply "hate us for our freedoms" rather than for atrocities we actually committed. This lack of understanding and ignorance of history is what allows the "bipartisan" war party of Democrats and Republicans in Congress to paint opponents of war and advocates of peace as "Russian propagandists".
We stand on the edge of what could very well be a civilization-ending war (in more than one place) while most Americans nod dully, with glazed over eyes, uncritically accepting government propaganda as gospel. In the not-so-recent past I was chided by the owner of HN for quoting Goebbels to describe the tactics of our government and the ignorance of our people, but silence is complicity. The North Korea situation (like the "Russia conspiracy") once again demands its recitation:
Why, of course, the people don’t want war. Why would some poor slob on a farm want to risk his life in a war when the best that he can get out of it is to come back to his farm in one piece. Naturally, the common people don’t want war; neither in Russia nor in England nor in America, nor for that matter in Germany. That is understood. But, after all, it is the leaders of the country who determine the policy and it is always a simple matter to drag the people along, whether it is a democracy or a fascist dictatorship or a Parliament or a Communist dictatorship…
Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same way in any country.
Indeed, nations define and sustain themselves through their enemies. And, to perhaps belabor the point, that serves all nations in conflict. Or at least, it serves their ruling elites. Who are fundamentally all kleptocrats.
There's a sequence in Takashi Miike's "Izo" that's very reminiscent of that Goebbels quote: https://www.youtube.com/watch?v=RKG6eOSwSa4 Izo was a samurai/assassin who was crucified in 1865, and the film is an extended (and extremely bloody) meditation on social manipulation.
That isn't the point. The exploits WannaCry abused were known by this organization and not made known to Microsoft so that they could be exploited and not patched.
Since many of these machines ran critical services, this was a hostile act against the general public of the United States and all blame falls on them.
I've got to say, I'm incredibly impressed by how a country with zero computer education or infrastructure manages to launch a successful cyber attack against the most militaristically aggressive nation on earth right as that country is trying to pin them--a country with zero conflicts in 60 years--as the world's biggest threat.
There was some kidnapping, terrorism, artillery fire and missile launches in those 60 years. Not exactly what most people would call "zero conflicts".
It's not particularly hard to get some software people. You may notice they've trained and hired enough people to run their nuclear program. That's a lot harder than cobbling together some software exploits.
> Bull then started work on the "real" PC-2 machine, a gun that was 150 meters long, weighed 2,100 tonnes, with a bore of one meter (39 inches). It was to be capable of placing a 2,000-kilogram projectile into orbit.
Also noticed you were downvoted, can't figure why anyone would do that. Maybe they disagree that NK can employ black hats, but why not just comment on that in a reply...
As far as I'm aware, a gun can't shoot a projectile into orbit - no matter how high it shoots a ballistic, the ballistic will eventually come back to earth (unless it gets captured by another body's gravitational field). In order to achieve orbit, you need to impart additional energy onto the object in order for it to get enough velocity to actually orbit.
Not from the Earth, no (not easily, anyway). Bull's plan involved using a gun to replace the heavy first stage of a multi-stage rocket.
The Iraqis didn't have the rocket technology (of course, that's why they hired Bull!), which would probably have looked like the US "Sprint" missile, and at the very raw edge of what was feasible at the time.
Interestingly, though, you can get from the Moon back to the Earth using only a gun-type launcher, IIRC. Some lunar mining concepts use this as a way for mined minerals to get back home without uneconomical use of rocket fuel -- typical schemes I've seen tossed around use various electromagnetic launchers with solar panels or nuclear reactors providing the juice. I've never run the numbers myself -- maybe some Kerbal Space Program junkie can figure it out though?
Probably the best use case for gun-type launchers is for orbital transfers of unmanned cargo. There were some neat ideas tossed around in the 80s of having a big satellite or space station with a nuclear reactor serve as a launch platform for small cargo pods, which would lack their own engines. As long as you balanced the number of "up" and "down" pods, you could keep the launch platform in an approximately stable orbit, supposedly. Very hard to do without a big honking nuclear reactor though.
The plan wasn't to get into orbit with the gun alone. They had designed shells that had rocket motors in them, to get them to orbital velocity. The gun was simply the first stage.
The critical problem with using a gun though, is the sheer amount of force applied when firing the gun. They couldn't even get dummy payloads to work correctly, the rockets motors warped due to the forces involved.
IIRC one solution is to use pressurized hydrogen gas pumped through a heat exchanger instead of explosive charges. That way, the pressures and temperatures involved can be controlled precisely.
> the ballistic will eventually come back to earth (unless it gets captured by another body's gravitational field)
Although ridiculously difficult and inefficient, it's possible to achieve orbit with just a gun, and another body's gravitational field. It doesn't need to be captured by said field, it can just be influenced enough to stabilise it's orbit.
> In a three-body or larger system, a gravity assist trajectory might be available such that a carefully aimed escape velocity projectile would have its trajectory modified by the gravitational fields of other bodies in the system such that the projectile would eventually return to orbit the initial planet using only the launch delta-v [1]
You are probably right, I just copied it from Wikipedia verbatim. I did have the "citation needed" label. My pedestrian take on this is if Iraq could afford to build a gun which shoots satellites into orbit, after all these years we'd have a few of those around by now. But it just highlighted the craziness and planned scale of the project. The assassination of course also adds to the intrigue.
It's not as if they don't have computers [1]. Besides, the WannaCry attack was mostly facilitated by exploits that were leaked by Shadow Brokers [2] [3]. The skills required to slap those exploits onto a basic ransomware tool weren't very demanding.
They don't have zero computer education or infrastructure though. Although the details will never be known, they've been known to have a pretty strong education system. I know this example can be considered moot, but their IMO (International Math Olympiad) performance has been stellar, so if they can apply the same methodology to Computer Science and Education, it's possible that they have some skilled "hackers."
Why? It's not like you have to invest in expensive equipment and enrol into some kind of specialist training programme that only some countries have access to. You just need a computer, access to material online and determination. Plenty of hacks and viruses are done by independent individuals and small groups not linked to the government.
Ya, but you need enable actors to learn. This is the dichotomy I too don't understand about NK - how do you presumably give software engineers access to the internet, while still restricting them to your firewall and still be able to create sophisticated malware. At some point those engineers will "stumble" on information that says "you're not free in your country...get out"...no?
Simply hearing the message "you're not free in your country...get out" is far from enough for the average person. They are completely inundated from birth with worship of the Great Leader.
There's an awesome book called "Mig Pilot" by John Barron that details the story of a Soviet defector in the 80s. He talks about how he believed everything from the US was actually propaganda. He didn't even believe the grocery stores were real. It's a fascinating read.
North Korea punishes your whole family if you misbehave.
If you're a North Korean hacker, you're probably living better than 95% of the country. You and your family probably get to live in Pyongyang and get good food, housing, healthcare, opportunities for your children, and so forth.
Why would you risk that? What could you, as one person, possibly do that would have any chance of success in fixing your country? The only thing you would get is your whole family thrown into a labor camp for the rest of your lives.
If you've ever seen NKs propaganda videos about Americans being brainwashed slaves to commercialism (set to insane black friday footage that makes their point very well) you will understand how being told that they are not free will have minimal impact. The "hackers" are probably part of the elite ruling party and quite happy with their position in society. Just like the SV software engineer living in the homeless hellscape of San Francisco is also quite happy whilst walking amongst the lost and destitute on a daily basis.
Just like how China funnels missile technology to DPRK and then feigns shock when they have a success, I wouldn't be surprised this was a gift from Unit 61398.
>right as that country is trying to pin them--a country with zero conflicts in 60 years--as the world's biggest threat.
What's the implication here? That the US is somehow unjustified in being alarmed by NK becoming a full nuclear power, soon with worldwide ICBM range?
Think about the situation in that country. A small cabal of crooks lives like kings while the rest of the country suffers a never ending reign of terror, involving public executions in school yards, horrific labor camps, total surveillance, punishment of whole families, etc. The guy in charge is a sicko who executed his uncle with an anti-aircraft gun, and probably had a good laugh throughout the whole thing. The previous leader, his father, did such things as kidnap South Korean actors to force them to put on shows for him. These are deeply deranged people.
Now imagine that regime on the verge of collapse, for one of the many possible reasons that could happen. The cabal of crooks know that they will all be executed by the North Korean people for their crimes.
How sure are you that, when that moment comes, the regime won't launch nukes against all of their longtime enemies, just for the hell of it as a parting fuck you to the world?
That North Korea is justified in building up their arsenal to protect themselves from a country that has actively sought to topple other governments it simply just doesn't like.
That vast majority of threats North Korea makes are "If America does this, we will retaliate." Meanwhile, American politicians endlessly call for preemptive strikes on Iran and North Korea because they've allegedly been on the verge of wiping out humanity for decades now. I've stopped buying the bullshit, but the "Kim Jong Un got gout from cheese and died but only before killing his uncle with an antiaircraft gun" headlines keep rolling.
Considering their likely military budget, it's not hard to imagine they could train a small percentage of the military in cyberespionage. Or they could outsource it to other nation-states or organizations. It isn't that difficult to find talented, (ostensibly) nationalistic kids, train them for years, and have them conduct operations like this.
Lol. They have a determined crew of 6,000 hackers. [0] They stole $100 million from the Bank of Bangladesh in a Dridex attack, and nearly made off with another billion dollars or so. Now, stealing from a needy country like Bangladesh, that's despicable. [1]
They also have perhaps the most controlling state in history and they are disciplined, if poor. In fact, according to a holocaust survivor who was subsequently a judge at the International Court of Justice at The Hague, North Korea's political prison system is as bad as or worse than the Nazis'. [2]
They have zero human rights, no real justice system, gays and lesbians are put to death, mixed-blood children are murdered by the state (the government is openly and bone-chillingly racist).
As for "zero conflicts" you can thank geography and Pax Americana for that as there has been no one for the North Koreans' to attack, though have been constant int'l abductions and assassinations (incl an attempt on the South Korean president), the destruction of a passenger jet, the torpedoing of a South Korean navy vessel, the shelling of a South Korean island, constant drug sales and arms sales by the government including the sale and construction of a nuclear plant to and for Syria, the sale of chemical weapons (those kids killed in gas attacks in Syria, yep, North Korean gas), the overseas sale of hard drugs by the government to raise foreign revenue, and most important and egregious, the wholesale murder and enslavement of their own citizens, if the word "citizen" can be used. In the 1990's during the "Arduous March" the government allowed up to a million people, 5% or the population, to starve unnecessarily while food aid was diverted to the military and funds were used to build up their nuclear program. Malnutrition was the norm. Since being established by the Soviet Union, the DPRK (Democratic People's Republic of Korea -- and the only honest word that name is "Korea") have consistently threatened their neighbors, once invading South Korea with full force after receiving Stalin's approval (a fact which can be read in the Soviet archives). If they haven't attacked again, it's purely because they don't have the means. Oh yes, and they have been hacking, and are considered one of the world's seven cyberpowers along with the U.S., Russia, China, the U.K., Iran, and France. [3]
I don't mean to say that nobody ever has a happy life in North Korea. And I don't have time to go on and on about North Korea, but to pretend that they are mere victims is ludicrous. They inherit some of the worst aspects of the old Joseon Dynasty, the Japanese Empire, and Stalin-era Soviet Union, and manage to add to that.
This isn't to say that the U.S. is without significant blame, of course not. For example the U.S. punished and traumatize North Koreans with an unbelievably destructive wartime bombing campaign after the North invaded the South. But despite serious mistakes the overall aim of the U.S. has been to create a world of growth and stability. During this Pax Americana, with and because of the help from allies and the creation of a global community of states, the world has indeed grown faster than ever before, despite everything that's gone wrong, and there has been less violence.
I'm not saying it's not NK,just that there are plenty of well funded large scale advanced blackhat organizations (e.g. - Dridex). It's also known that NK has foreign offices in China and elsewhere. Russians recruit hackers for their APT work and in exchange let the hackers do whatever they want,why not NK hackers?
If you were a NK hacker in china,wouldn't it cross your mind to weaponize a treasure trove of NSA tools into a profitable ransomware? Code similarities with lazarus group tools can be explained by this and other similar plausible theories.
NK is low on cash so it could have been a pyongyang directive. But the whole operation lacks a lot of the operational and organizational details a typical APT operation would exhibit. A kill switch but no whitelist to avoid annoying allies. when kill switch was discovered I would expect a nation state operation to quickly adopt. Nation states love hoarding strategic compromises (typically websites,botnets,etc...) As far as I know,no pre-existing botnet or compromised sites took part in catalyzing the worm.
Again,not saying it's not NK,I'm just saying a few too many things seem off, I take this attribution with a few grains of salt.