North Korea’s Hacker Army (bloomberg.com)
65 points by malloryerik on Feb 8, 2018 | 23 comments



It's almost comical the different ways that North Korea tries to make money. Kim Jong Un is almost like a comic supervillain with his own country.

Among other things, they engage in:

* Manufacturing methamphetamine https://www.talkingdrugs.org/north-korea-increasing-crystal-...

* Fake money https://news.vice.com/article/north-koreas-counterfeit-benja...

* Counterfeit cigarettes and pharmaceuticals

* People trafficking

* A restaurant chain: https://en.wikipedia.org/wiki/Pyongyang_(restaurant_chain)

* Statues for African dictators: http://www.bbc.com/news/magazine-35569277

Their embassies are also expected to make a profit and sustain themselves, while sending money home.

The North Korean Embassy in Pakistan was suspected to be bootlegging alcohol: https://www.reuters.com/article/us-pakistan-northkorea-insig...

They rent out embassy owned land for a youth hostel in Berlin: https://www.washingtonpost.com/news/worldviews/wp/2017/10/05...

They also smuggle ivory in Africa: https://www.economist.com/news/middle-east-and-africa/217295...

It's almost comical. The North Korean regime is completely morally bankrupt.


Sanctions shut them out of the legitimate economy. Probably easier to make money in the black market for illegal goods than in the black market for goods everyone else can sell legally.


That's pretty much how most countries made money. Opium wars, slave trade, etc.


This article to me is just more evidence that North Korea was not behind the Sony hack and possibly other high-profile attacks attributed to them.

I mean on the Sony end you have something requiring extreme sophistication and technical knowledge to pull something like that off.. and this article depicts North Korean hackers exactly how you picture them. Barely owning computers, not having enough to survive themselves, poorly organized, and grinding video games and selling pirated software as a means to make ends meet.

These two parallel depictions of the same group never seem to cross except in the opening paragraphs of articles where the reader is meant to assume that these groups are one and the same.


What about the Sony hack required extreme sophistication? The GoP's original emails were ignored because they seemed like people who didn't know what they were doing. The source IPs were from a North Korean business in China. The malware matched what had previously only been used against South Korean banks, also from North Korean IPs. The reason the North Korean source IPs were seen accessing GoP's Facebook page and the compromised systems was due to sloppiness on the part of the attacker.

What motive does anyone else have to demand either that The Interview not be released or that the ending be modified so that Kim's death wasn't "too happy?"


> What about the Sony hack required extreme sophistication?

Placing tailored screens on all user desktops, the way the data was found and exfiltrated.. it all might not have taken massive skill, but there was a lot of time, effort, and planning involved.

North Korean IP addresses mean nothing. My VPN provider allows me to have a North Korean IP address, and hacking into other North Korean systems to use them as jumping off points is not overly difficult.

As far as your motive question, this can only be answered with speculation.. but I mean even the US government had a larger motive than NK.

NK not only did not prevent the release of the movie, they made it more popular, and they got no money, profit, or benefit of any kind out of these actions.

At the time the attack happened the largest story in the news was the upcoming release of a CIA torture memo which detailed the horrifying abuse and torture of a large number of people.

There was a large back and forth in Congress about the release of the memo and the damage its release would have on the country.

The Sony hack happened just before the memo was made public, and the Sony hack consumed the media news cycles and the torture memo was swept under the rug for most of the general public. I feel most people don't even remember the torture memo release, while everyone remembers the Sony hack.

Now, granted, there's no way to know anything for sure, but you wanted speculation about motive, and I would say there are more options that could fit the scenario than just assuming NK is responsible.


>What other motive do you have for a Sony hack where the perpetrators demand either that The Interview not be released or that the ending be modified so that Kim's death wasn't "too happy?"

That Lulzsec are engaged in a game of misdirection?

I've never found "Malware X was used in attack Y" or "it came from these IP addresses owned by Z" to ever be a convincing argument for attribution.

Whereas I'm fairly easily convinced that the party responsible for the hack would prefer it if the FBI believes that the real attacker is outside of their jurisdiction so they don't come knocking on their door.

The fact that North Korea is everybody's favourite bogeyman from the CIA down makes them a convenient mark.

North Korea also has a habit of admitting to and bragging about military attacks whereas this time they just said "wasn't us, good job though guys". I'm not entirely sure what motive they'd have for denying the fact that they revealed a bunch of movie star salaries when most people think it was them anyhow.


> North Korea also has a habit of admitting to and bragging about military attacks

They still claim no involvement in the death of Kim Jong Nam and the destruction of Korean Air Flight 858. You're confusing overt military actions with covert actions against civilian targets. Of course they will loudly boast about the former. Boasting about computer attacks that can help attribute other covert attacks is too stupid even for DPRK.

> I've never found "Malware X was used in attack Y" or "it came from these IP addresses owned by Z" to ever be a convincing argument for attribution.

That's just the publicly released evidence, which is enough to draw a conclusion. You think somebody who is doing it for the lulz wouldn't then brag about doing it for the lulz on IRC? That happens every other time, which is one reason why your explanation is less plausible.


>They still claim they didn't destroy Korean Air Flight 858.

North Korea maintains that it was a false flag attack. The awkward timing (it occurred during the last throes of South Korean military dictatorship - there was a power struggle going on), the fact that the North Korean agent convicted of the attack was weirdly pardoned and the fact that North Korea had nothing really to gain from this attack lends some credence to this view.

But, in any case, if it was them I can kind of see why they wouldn't want to admit to or approve of the wholesale murder of a bunch of civilians.

Revealing a bunch of movie star salaries, approving of it and not admitting to it? Can't see what the point would be.

>That's just the publicly released evidence, which is enough to draw a conclusion. You think somebody who is doing it for the lulz wouldn't then brag about doing it for the lulz on IRC?

If they don't want the FBI kicking their door in, yeah.

>That happens every other time

...after which they got their doors kicked down.

> why your explanation is less plausible.

Because why would they learn from experience, right?


> Because why would they learn from experience, right?

You realize it isn't the same kid every time, right? The whole point of doing something for lulz is to laugh about it within a group of like-minded people who share techniques and hacks.

> Revealing a bunch of movie star salaries, approving of it and not admitting to it? Can't see what the point would be.

See GP post for reason. That it was really about not showing a film making fun of the leader makes them look silly. If it really were the case that their leader is so beloved all over the world that non-Koreans did it of their own volition as they claim, that would not reflect poorly on Kim, but then these supposed non-Koreans messed up by having so much evidence point to DPRK.

> North Korea maintains that it was a false flag attack.

The bomb was put on the flight by a pair of North Koreans. You believe that they were turned prior to planting the bomb? And what do you believe about the Kim Jong-Nam killers?


>You realize it isn't the same kid every time, right? The whole point of doing something for lulz is to laugh about it within a group of like-minded people who share techniques and hacks.

Yes. I both realize this and posited the admittedly outrageous notion that the rest may have reacted to one or two of them getting arrested by the FBI by developing better opsec and engaging in a bit of misdirection.

>See GP post for reason. That it was really about not showing a film making fun of the leader makes them look silly.

It was a film made by a foreign enemy that has threatened them countless times about the assassination of their leader. They were pretty open that they took it plenty seriously - if they didn't fear being made to look silly by complaining about it at the UN why would they fear looking silly because of the hack?

FWIW, if you made a similar film endorsing the assassination of a sitting US president the secret service would treat it as a national security threat.

>then these supposed non-Koreans messed up by having so much evidence point to DPRK.

As far as I'm aware there was no evidence that wouldn't have been easy enough to fake by hackers who had the skills to breach Sony's security. When I hear the word "sloppy" I can't help but think "deliberately placed in order to deceive".


> I both realize this and posited the admittedly outrageous notion

You apparently skipped why it is outrageous. There are no lulz if nobody knows about it.

> They were pretty open that they took it plenty seriously - if they didn't fear being made to look silly by complaining about it at the UN why would they fear looking silly because of the hack?

Complaining about how a country's leadership is depicted is one thing. If a President is depicted as a fool who gets assassinated by other countries, the US has every right to take offense. Retaliating with an illegal hack shows thin skin and (what you somehow have kept forgetting to address since GGGP post) exposes other hacks.

> As far as I'm aware there was no evidence that wouldn't have been easy enough to fake by hackers who had the skills to breach Sony's security.

And you have yet to give a plausible reason for anybody to go through that trouble. In the meantime, we have lots of public evidence that says that DPRK has done similar hacks in the past, and the agencies claim to have additional bulletproof private evidence that they don't want to burn their sources for.


>You apparently skipped why it is outrageous. There are no lulz if nobody knows about it.

I'm sure there were plenty of "lulz" to be had among their little group and while they'd like the admiration of Joe Bloggs as well as their peers, Joe Bloggs' admiration can be ceded if it means the FBI isn't kicking their door in.

>Retaliating with an illegal hack shows thin skin

This is how your cultural lens filters it but it is not how they would see it. From their perspective, this hack would demonstrate North Korean technological superiority (important, because they have an insecurity surrounding this), while the outcome would demonstrate the moral decrepitude, hypocrisy and incompetence of the American and Japanese "imperialist aggressors". This is the nature of both their mindset and propaganda and it is very consistent.

No innocent life was taken. There was nothing really immoral about the act from their perspective (or in general).

The simplest explanation is just that they didn't do it.

I can well imagine that they erroneously believed (and probably reported in Pyongyang newspapers) that the hack was performed by a secretive admiring ally.

>If a President is depicted as a fool who gets assassinated by other countries, the US has every right to take offense.

I like how when the tables are turned you somehow see it as something more serious. Your cultural filter is on display.

>And you have yet to give a plausible reason for anybody to go through that trouble.

Trying to prevent your door from getting kicked in by the FBI is more than a plausible reason.

>In the meantime, we have lots of public evidence

Yeah, like "here are some IP addresses in a log that ended up there because they were 'sloppy'". No potential for fakery there.

>the agencies claim to have additional bulletproof private evidence

I trust that about as much as I trusted the CIA's claim that they had bulletproof unseen evidence of WMDs in Iraq. It wasn't put on display because of national security concerns. It wasn't put on display because it doesn't exist.

The CIA goes to Congress every so often with their cap in hand asking for more money. This is the exact kind of thing they use to justify their budget increase. I typically bear this in mind when I hear them cite evidence that we are being protected from seeing for our own good.


I never bought into the North Korean elite hackers for this reason, the country already has a lot of technological issues at the moment and having a hacker army in these conditions would be quite a feat.


I don't know, on the one hand, NK is objectively behind other nations, but on the other hand, it's still a nation-state, with millions of subjects and complete freedom in shaping their policies. They did manage to build something resembling a nuclear weapon without help from outside...


Yes indeed but it took them a very long time to build some and we have a lot of traces of NK trying to get intelligence data about nuclear weapons, on the other hand, I've never seen anything which could indicate that they built a proper hacking army (not just an army of scammers to get more money).


> I've never seen anything which could indicate that they built a proper hacking army

Google for Bureau 121 and 91 Office. Just because this article is about a programmer who mostly cracked software doesn't mean that other programmers with other focus areas don't exist.


Could their army not be composed of 1,000 technically inclined cyber-scammers and 10 "proper hackers"?


They had help from Pakistan at the start of the nuclear program.


They can pay foreign nationals to hack for them.


Yeah, I mean.. the WannaCry-thing wasn't proven to be North Korean either as far as I know...


Multiple private companies have pointed to DPRK as the source, and several government agencies claim to have direct evidence.


Who are those programmers' handlers? Is it Bureau 121 of the Reconnaissance General Bureau?



