How to bring North Korea to its cyber-knees
28 Dec 2014
By Matthew Gault
President Barack Obama, during his year-end news conference, promised a proportional response to North Korea’s cyber-attack on Sony Pictures Entertainment.
There are many ways Washington could strike Pyongyang in cyber space. One effective tactic would be to go after the black markets where hackers trade dangerous software. The Sony hack, as most people now know, was relatively unsophisticated. The tools used were crude and readily available on the Internet. Which means these tools will be hard to eliminate.
Hard but not impossible. Washington could learn something from the music industry.
In 2001, when Napster, the file-sharing service, was at the height of popularity, the music industry flooded the site with broken songs and obnoxious repetitive sounds dressed up to look like popular music. It worked. Millions of people downloaded files that hurt their ears. Washington could do something similar to the online black markets used by hackers.
This could mean flooding black markets with faulty software, malware and broken tools. The files would look like regular malicious software — but either wouldn’t work or would be engineered to backfire on the hackers.
US cyber teams could also go after the hackers aligned with Pyongyang and make their lives miserable. It’s an effective tactic. Bullies are notoriously susceptible to bullying.
Since the FBI has declared that the attack came from North Korea, there’s a good chance the bureau’s experts know which computers and even which hackers it came from. Hackers generally have robust online lives. They use social networks, maintain a presence in online forums and chatrooms and transfer money using Bitcoin or other cryptocurrencies. Washington could make their lives uncomfortably complicated.
It could break into the hackers’ email accounts and publish them — just as the hackers did to Sony Pictures executives. It could ban their Internet protocol addresses or infect their computers with destructive viruses and malware that could store every keystroke the hackers type. Every password, email, website visited would be recorded and stored in a US database. It might only sideline the hackers, by making them spend time and energy fixing the problem or even force them to buy entirely new hardware — a hacker’s worst case scenario.
US cyber teams could also pose online as commentators and ruin the hackers’ reputations among any communities they belong to. For example, they could upload faulty software to the black markets as the Guardians of Peace.
Of course, some security experts insist that the attack did not originate in North Korea, but was routed through it.
One group of expat North Korean hackers, known as Chongryon, is based in Japan. Their actions are crucial to Pyongyang, which uses the group’s grifts and hacks to spread propaganda and bring money to the state.
“The Chongryon are vital to North Korea’s military budget,” a recent report from HP Security analysts explained, “raising funds via weapons trafficking, drug trafficking and other black market activities.” .
Chongryon is just one of many groups that do Pyongyang’s dirty work while operating outside North Korea. Washington could work with its partners in other countries to pursue such North Korea’s satellite hackers and shut them down.
Richard Haass, president of the Council on Foreign relations, suggested attacking Pyongyang’s Internet infrastructure. A response-in-kind, for Haass, is an attack on North Korea’s political and military networks.
Yet disrupting North Korea’s internal networks is not a proportional response. The Guardians of Peace attacked Sony — not the Pentagon.
It would also be incredibly difficult if not impossible. Most of North Korea’s military communications are on “wired circuits that are not connected to international networks,” Martyn Williams, senior correspondent at IDG News Service who writes about Pyongyang for the blog North Korea Tech, told Reuters.
Though North Korea isn’t as wired as the United States, some of its people do have access to the Internet. That connection is slow, unstable and heavily censored by the state.
It’s possible for the United States to breach that connection and shut it down. All the connections run through China, however, and Washington would need to work with Beijing to make it happen. And Washington already has its own problems with Chinese hackers linked to the People Liberation Army.
Taking North Korea offline would be counterproductive in any case. The US intelligence community monitors all Internet traffic moving through North Korea. Shut down the country’s Internet and you shut off Washington’s ability to listen in.
Shutting down the country’s Internet might be the proportional response Obama mentioned. It might also, however, be a sign that China is punishing the country for its recent cyber activities. Beijing isn’t above reining in Pyongyang when it needs to.
But another sort of US retaliation would be to get The Interview into North Korea. So much of the fuss surrounding this hack concerns the film and Pyongyang’s reaction to it. Making it free online or uploading it into North Korea’s networks would take away one of the biggest gains the country got from the attack — getting the movie withdrawn from public view.
One human-rights group plans to achieve just this. This organization, Fighters for a Free North Korea, routinely airdrops over North Korea hydrogen balloons carrying DVDs. They aim to airdrop The Interview as soon as it’s available.
Still, disrupting the black markets and hounding the hackers responsible remain the two best options. It’s a direct punishment levied against the individuals responsible — and has the added effect of slowing down or stopping more attacks.�REUTERS
By Matthew Gault
President Barack Obama, during his year-end news conference, promised a proportional response to North Korea’s cyber-attack on Sony Pictures Entertainment.
There are many ways Washington could strike Pyongyang in cyber space. One effective tactic would be to go after the black markets where hackers trade dangerous software. The Sony hack, as most people now know, was relatively unsophisticated. The tools used were crude and readily available on the Internet. Which means these tools will be hard to eliminate.
Hard but not impossible. Washington could learn something from the music industry.
In 2001, when Napster, the file-sharing service, was at the height of popularity, the music industry flooded the site with broken songs and obnoxious repetitive sounds dressed up to look like popular music. It worked. Millions of people downloaded files that hurt their ears. Washington could do something similar to the online black markets used by hackers.
This could mean flooding black markets with faulty software, malware and broken tools. The files would look like regular malicious software — but either wouldn’t work or would be engineered to backfire on the hackers.
US cyber teams could also go after the hackers aligned with Pyongyang and make their lives miserable. It’s an effective tactic. Bullies are notoriously susceptible to bullying.
Since the FBI has declared that the attack came from North Korea, there’s a good chance the bureau’s experts know which computers and even which hackers it came from. Hackers generally have robust online lives. They use social networks, maintain a presence in online forums and chatrooms and transfer money using Bitcoin or other cryptocurrencies. Washington could make their lives uncomfortably complicated.
It could break into the hackers’ email accounts and publish them — just as the hackers did to Sony Pictures executives. It could ban their Internet protocol addresses or infect their computers with destructive viruses and malware that could store every keystroke the hackers type. Every password, email, website visited would be recorded and stored in a US database. It might only sideline the hackers, by making them spend time and energy fixing the problem or even force them to buy entirely new hardware — a hacker’s worst case scenario.
US cyber teams could also pose online as commentators and ruin the hackers’ reputations among any communities they belong to. For example, they could upload faulty software to the black markets as the Guardians of Peace.
Of course, some security experts insist that the attack did not originate in North Korea, but was routed through it.
One group of expat North Korean hackers, known as Chongryon, is based in Japan. Their actions are crucial to Pyongyang, which uses the group’s grifts and hacks to spread propaganda and bring money to the state.
“The Chongryon are vital to North Korea’s military budget,” a recent report from HP Security analysts explained, “raising funds via weapons trafficking, drug trafficking and other black market activities.” .
Chongryon is just one of many groups that do Pyongyang’s dirty work while operating outside North Korea. Washington could work with its partners in other countries to pursue such North Korea’s satellite hackers and shut them down.
Richard Haass, president of the Council on Foreign relations, suggested attacking Pyongyang’s Internet infrastructure. A response-in-kind, for Haass, is an attack on North Korea’s political and military networks.
Yet disrupting North Korea’s internal networks is not a proportional response. The Guardians of Peace attacked Sony — not the Pentagon.
It would also be incredibly difficult if not impossible. Most of North Korea’s military communications are on “wired circuits that are not connected to international networks,” Martyn Williams, senior correspondent at IDG News Service who writes about Pyongyang for the blog North Korea Tech, told Reuters.
Though North Korea isn’t as wired as the United States, some of its people do have access to the Internet. That connection is slow, unstable and heavily censored by the state.
It’s possible for the United States to breach that connection and shut it down. All the connections run through China, however, and Washington would need to work with Beijing to make it happen. And Washington already has its own problems with Chinese hackers linked to the People Liberation Army.
Taking North Korea offline would be counterproductive in any case. The US intelligence community monitors all Internet traffic moving through North Korea. Shut down the country’s Internet and you shut off Washington’s ability to listen in.
Shutting down the country’s Internet might be the proportional response Obama mentioned. It might also, however, be a sign that China is punishing the country for its recent cyber activities. Beijing isn’t above reining in Pyongyang when it needs to.
But another sort of US retaliation would be to get The Interview into North Korea. So much of the fuss surrounding this hack concerns the film and Pyongyang’s reaction to it. Making it free online or uploading it into North Korea’s networks would take away one of the biggest gains the country got from the attack — getting the movie withdrawn from public view.
One human-rights group plans to achieve just this. This organization, Fighters for a Free North Korea, routinely airdrops over North Korea hydrogen balloons carrying DVDs. They aim to airdrop The Interview as soon as it’s available.
Still, disrupting the black markets and hounding the hackers responsible remain the two best options. It’s a direct punishment levied against the individuals responsible — and has the added effect of slowing down or stopping more attacks.�REUTERS
