More on North Korean Online Warfare
I wrote about this in “North Korean Hacking Story,” and more detail emerges from a mail (or perhaps its a website? Hard to tell.) Anyway, this was eventually forwarded to Dave Farber’s IP list, Anyway, Brooks Isoldi, edidor of Intellnet writes:
North Korea has trained a small army of computer hackers whose
capability is equal to that of U.S. intelligence agencies, a South
Korean defense official said last week.
Byeon was referring to a 1997 U.S. military exercise code-named
Eligible Receiver that used National Security Agency officials posing
as North Korean hackers. Using software obtained publicly from the
Internet, the simulation showed that North Korea could shut down all
U.S. military communications in the Pacific and the entire electric
power grid in the western United States.
Ok, so lets see. Not only was it a simulation, but it was seven or eight years ago. And what it found was that Americans were able to hack into and shut down US military communications. Which is bad. But it was also seven years ago. Perhaps they’ve improved things a little since then.
The skeptical reporter might also consider what differences exist between Americans pretending to be North Koreans, and real North Koreans. This is made harder because North Koreans are subject to one of the nastiest dictatorships on Earth. You can’t go, hang out with some North Korean hacker kids, and learn how they think. They have essentially no industry (have you ever seen a product made in North Korea?) They have no infrastructure. The ability of the North Korean military to execute on complex operational plans is unknown, but given the Stalinist nature of the country, it is unlikely that the operators are encouraged to take initiative or creatively exploit what they find. That might be mitigated or made worse when your unit is operating from a cube farm, with officers around.
On the other hand, the North Koreans seem to have produced nuclear weapons, and their military frequently does things (suicide squads sent through the DMZ, landed by submarine, etc) which seem to make no sense.
So Eligible Reciever is probably a bad model, but it may also be the best model that anyone has.