North Korean Defector Spills Details On the Country's Elite Hacking Force

mattydread23 writes Business Insider interviewed Jang Se-yul, a North Korean defector who trained in the country's Mirim University alongside some of the hackers who make up its elite Bureau 121 hacking squad. He explains how they train: 'They take six 90-minute classes every day, learning different coding languages and operating systems, from C to Linux. Jang says a lot of time was spent dissecting Microsoft programs, like the Windows operating system, and how to attack the overall computer IT systems of enemy countries like the U.S. or South Korea.' He also explains that these hackers are among the elite in North Korea, and even though they have unfiltered information about the outside world that their countrymen lack, most of them would never dream of leaving. (See also this story from earlier this month about the life of North Korea's elite hackers.)

from C to linux eh?

[Anonymous Coward]

Well that's quite the range.

Re:

[Anonymous Coward]

Ho ho ho!

Santa had a hearty laugh when they referred to Linux as an 'operating system'!

GTFO and go back to your troll cave, RMS.

Oh, and merry Christmas!

Sorry media

[Anonymous Coward]

I don't believe you! I definitely think this hack was an inside job.

Re:

[Anonymous Coward]

those stories are so hilarious. Best thing is they keep coming and the get funnier.

Obviously most Americans dont remember the non existent WMD in Iraq. Well its the same thing. NK had nothing to do with the Sony debacle.

Re:

[dugancent]

I think you overestimate how much Americans care about this.

Re:

[Anonymous Coward]

those stories are so hilarious. Best thing is they keep coming and the get funnier.

Obviously most Americans dont remember the non existent WMD in Iraq. Well its the same thing. NK had nothing to do with the Sony debacle.

Let's not also forget, defectors are great at telling their latest new best friends exactly what their latest new best friends want to hear...

Re: Sorry media

[Anonymous Coward]

Actually there were WMD's in Iraq
http://www.nytimes.com/interactive/2014/10/14/world/middleeast/us-casualties-of-iraq-chemical-weapons.html?_r=0

Re:

[dryeo]

Actually there were WMD's in Iraq
http://www.nytimes.com/interac... [nytimes.com]

And America should have nuked whichever country supplied them to Saddam, zero tolerance and such.

Re:

[Jawnn]

I don't believe you! I definitely think this hack was an inside job.

Yeah, and global warming is faked by the left wing media, and vaccines are poison, and municipal water flouridation is a communist plot. Oh, and by the way, you don't really believe that you are anonymous here on /., do you?

Re:Sorry media

[PvtVoid]

Yeah, and global warming is faked by the left wing media, and vaccines are poison, and municipal water flouridation is a communist plot. Oh, and by the way, you don't really believe that you are anonymous here on /., do you?

Doubting the official line on the Sony hack is hardly the stuff of tinfoil-hat denialism. How's this for a scenario: (1) Garden-variety haxx0rz and/or a disgruntled employee steal a bunch of embarrassing files from Sony -- plenty of motive there -- and dump the files on the web. (2) Some moron in the media starts speculating that it has something to do with an idiotic movie about North Korea, and the echo chamber amplifies it as truth. (3) Haxx0rz, sensing an epic opportunity for lulz, play along with the feeding frenzy in the media with some crazy threats against screening the movie, then sit back and watch the fun as paranoia in the FBI and mindless nationalism in the population do the rest of their work for them.

Couldn't be.

Re:

[lsatenstein]

Yeah, and global warming is faked by the left wing media, and vaccines are poison, and municipal water flouridation is a communist plot. Oh, and by the way, you don't really believe that you are anonymous here on /., do you?

Doubting the official line on the Sony hack is hardly the stuff of tinfoil-hat denialism. How's this for a scenario: (1) Garden-variety haxx0rz and/or a disgruntled employee steal a bunch of embarrassing files from Sony -- plenty of motive there -- and dump the files on the web. (2) Some moron in the media starts speculating that it has something to do with an idiotic movie about North Korea, and the echo chamber amplifies it as truth. (3) Haxx0rz, sensing an epic opportunity for lulz, play along with the feeding frenzy in the media with some crazy threats against screening the movie, then sit back and watch the fun as paranoia in the FBI and mindless nationalism in the population do the rest of their work for them.

Couldn't be.

What if you substituted the presidents name for that of NK? Would that go well with Americans? I bet it will go very very well with Arab countries and in those countries where American Companies (United Fruit, et. al) exploited those countries for their wealth. I bet the foreign country gets only 2% of the benefit and the Corp and bribes get the rest.

Re:

[Rich0]

Fair point, but you left out:
1a) Sony executive is faced with having to go to the press with "some teenagers completely destroyed our market cap and the stockholders probably should sack me for allowing it to happen" or "the US was the victim of a major cyber warfare attack by North Korea, and Sony got caught in the crossfire - I'm a patriot for promoting an anti-NK film when I'm not busy playing accounting games with movie revenues to avoid taxes and paying my employees."

Re:

[Jawnn]

Fluoridation experiments related to populace control was started by the Nazis, not the communists, fyi

Yes, but the public spazzing over flouridation came at the peak of the "red scare" years. "A communist plot", in other words. Get your history straight.

Communist "loyalty" exam...

[Anonymous Coward]

[...] these hackers are all aware of what’s going on in the outside world and how reclusive their country is — but they still won’t leave their country. “No matter how hard you try to convince them, they won’t leave [...]

Communist "loyalty" exam: do you love your family?

Re:

[Anonymous Coward]

Also, what's in it for them if they did defect - they'd probably end up working for the NSA targetting the same people and institutions as before.

Re:

[currently_awake]

The elites don't leave, their life abroad would be as a common worker and the "Party" would work hard to make sure they don't "live long and prosper".

Re:

[The Grim Reefer]

Sure they do. But leaving the country and leaving life are often the same in this case. I'm not sure many people would choose to leave. It's my understanding that those people in this group are treated extremely well. Especially compared to the average citizens of North Korea. Plus I'm sure if you have and love your family you're not going to screw it up for them either.

Re:

[abirdman]

The parallels to this country are simply amazing!

North Korea only has 1024 IP addresses.

[Anonymous Coward]

Might as well have them permanently DDOS'd.

Re: North Korea only has 1024 IP addresses.

[Kichigai Mentat]

Yeah, but you don't need more than 1024 IPs when almost everyone in the nation is restricted to using an intranet. https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[Spy Handler]

NAT and double NAT. With those 1024 IPs, they can get millions of computers online if they wanted to.

I'm not surprised they don't want to defect

[Nutria]

During the Cold War, how many KGB agents and upper level apparatchiks had unfiltered access to the West and yet stayed?

Love of County is a very powerful emotion, and elitist snobs who dismiss it can not understand a whole panoply of human motivations.

Re:

[Opportunist]

Love of Country sure is much easier if you're part of the nobility. Actually, fuck the country, but as long as it makes my life pleasurable at the expense of the 99% of the rest, what's not to love?

Re: I'm not surprised they don't want to defect

[Anonymous Coward]

Didn't you just describe the Wall St mentality?

Re:

[unixisc]

This!!! If they get to live almost like Kim Jong Un, what incentive is there for them to go to China, Russia, US or anywhere else?

Re:

[Opportunist]

Sorry if the truth hurts, but that's how the shit flies. Sure, some do it out of patriotism and with enough "the enemy is everywhere and trying to kill YOUR CHILDREN" propaganda anyone can be very patriotic until they find out that at the other side there's just exactly the same ordinary guy trying to live his life and getting by somehow. Few and far between are the hyped up supersoldiers who'll die gladly for land and fame. Usually you have a bunch of people who just want to make another day go by.

It's not

Re:

[fustakrakich]

Kill them and the world is a better place.

That's rather harsh. No killing is necessary. Just stop serving them and problem solved.

The 'real assholes' at the top didn't get there without help from the bottom. Wait... what? That sounds gross!

Re:

[tentative]

It's not just country, you know. These people have families they would leave behind at the mercy of their former comrades.

Re:

[Anonymous Coward]

My country right or wrong.

Often misunderstood because people don't remeber the other part of the quote

My country right or wrong. If right to be kept right. If wrong to be put right. (paraphased - Christmas morning no time or will to find the exact wording)

I love my country but I would not love a system that hurts my fellow citizens and I would fight to make my country right in that circumstance.

Re:

[Osgeld]

its not love of country, its love of being more powerful than others in your country. These people get treated special, they get special privileges, they get news stories around the globe, and if they left ... well they wouldn't get any of that

Re:

[Scot Seese]

Don't forget the "..if you defect, we will imprison and torture your entire extended family and anyone you ever smiled at" program.

Re:

[ohnocitizen]

and elitist snobs who dismiss it can not understand a whole panoply of human motivations

I feel like there's more you want to say here. Who are these "elitist snobs" you're railing against?

Re: I'm not surprised they don't want to defect

[antifoidulus]

Let's also not forget "love of pussy" and "love of money". These elites are also often essentially bribed to stay with access to premium housing and often whatever women they want.

Is it available online?

[Tasha26]

I bet it's better than this shit Security Course you get at Stanford.

his name is Nayirah al-aba ?

[citizenr]

this is Nayirah al-aba all over again
https://en.wikipedia.org/wiki/... [wikipedia.org]

CIA/NSA propaganda machine is in full force. I predict US will be "liberating" north Korea in 2015.

Re:

[stinerman]

I wouldn't bet on it. North Korea wouldn't be able to take us in a conventional war, but they would inflict pretty severe casualties on us and our South Korean allies.

Re:

[cheesybagel]

You overestimate their abilities. The South Korean army alone could take them on and win if they mobilized. The Norks have utterly obsolete military equipment.

The problem is it would not happen without large casualties and probably a bombing of Seoul so I doubt they want to do it.

Re:

[Xenx]

Actually, to me it sounds like they pretty much are saying the same thing. NK has no hope of winning, but can blow up a bunch of people in retaliation before they fall.

Re:

[abirdman]

How did we start from someone hacking the network of the distributor of a 3rd rate Xmas-release comedy to apocalyptic throw-downs from a child dictator? This sounds like a South Park episode.

Re:

[sound+vision]

I'm sure they're writing it already.

Re:

[cheesybagel]

Well imagine South Korea installed a system like Iron Dome or THEL around Seoul which could successfully intercept most of the artillery shells the Norks could fire. Then an invasion of North Korea would be quite likely to be successful with minor losses.

Re:

[currently_awake]

The USA doesn't "Liberate" countries with nuclear weapons. Uncle Sam doesn't want to risk getting hurt while taking the other kids lunch money.

Re:

[Jawnn]

this is Nayirah al-aba all over again https://en.wikipedia.org/wiki/... [wikipedia.org]

CIA/NSA propaganda machine is in full force. I predict US will be "liberating" north Korea in 2015.

You are an idiot, then. NK has very little we want and they are not a real threat as a nation state. No, they are not. There's no profit in fucking with them, and nation states don't go in for terrorism. Despite all the absolutely silly bluster, the Norks aren't going to invite the staggering reprisals that would be sure to follow if they actually carried out a tenth of what they threaten.

Re:

[cascadingstylesheet]

Seriously? "Insightful" for believing that North Korea doesn't need liberation?

They forgot to mention.

[EnsilZah]

They forgot to mention how the final test, called the Kobayashi Maru, involves hacking a Gibson by playing tic-tac-toe while receiving a blow job from Jeff Bridges.
By this point it's not that difficult, because it's Unix and you know this, but making your MacBook interface with the alien computer you built from the schematics sent by Setec Astronomy is a bit of a challenge.
And of course those who fail will be taken away by agents and made to mow the lawn for the rest of their lives or something.

Re:

[cdrudge]

And of course those who fail will be taken away by agents and made to mow the lawn for the rest of their lives or something.

If you're lucky, that might be your fate. If you're unlucky, you still get to spend time with the lawn, but as fertilizer.

Skeleton

[Chris Bradley]

They take six 90-minute classes every day, learning different coding languages and operating systems, from C to Linux. And no lessons on how to draw a skeleton.

Part of your defection acceptance..

[koan]

Will be to tell everyone about the uber elite, super scary NK hacking force, or we are sending you back.

Sounds like an awsome place to work

[confused one]

In-house technical training available, daily. Unfiltered access to the internet at work. Nearly 100% retention rate. Must be an awesome place to work!

Re:

[Joe_Dragon]

but the pay is likely lower then US min wage and how many hours a week are you putting in?

Re:

[guruevi]

From the articles (if they're true), they are treated like rock stars in their country and make more than most people in their country. It doesn't matter how much you make on a world-scale, if I move to Africa with my 'wealth' even though I wouldn't survive more than a few months in the West before being broke, I could probably live there for a decade without working.

Re:

[sudon't]

but the pay is likely lower then US min wage and how many hours a week are you putting in?

Perhaps it's like bartending, where you rely upon tips to make up for low pay? Tips from foreign bank accounts, say. Gotta have some kind of incentive...

Bollocks.

[Anonymous Coward]

Bollocks.

lol

[Anonymous Coward]

What about their Elite Photoshopping Force?

To anyone who believes this malarkey....

[REALMAN]

I've got bug free Microsoft Software for sale.

Dirt cheap!

from C to Linux

[Anonymous Coward]

Well.

So who payed this shit 3-million-dollarsUS?-currency

Oh! it Was YaHoo.

Now, that explains it all.

Yahoo can't tell C from A! Or A/UX from Linux. Or FORTRAN from FORT.

That means that North Korea Government Servers are running A/UX on 68k-based Macintosh with an FPU and a paged memory management unit.

Splendid. I have enough info the do a nasty, just for shits and giggles.

Ha ha.

You can't believe the defectors

[7-Vodka]

Learn from the past. Iraqui defectors swore up and down that there were massive nuclear programs. They were physicists, they were believable, they testified in secret, in public, on TV. None of it mattered, they were proven liars after we invaded.

Claims from defectors require extraordinary evidence, especially when what's coming out of their mouths is what the government or the intel agencies want to hear.

Re:Dem haxxorz dey be haxxin.

[greenfruitsalad]

I'm also sure the guy who was never in the inner circle knows all the details and isn't making anything up.

Re:Dem haxxorz dey be haxxin.

[Anonymous Coward]

Maybe we can torture him to confess a link between North Korea and al Qaeda?

Re:

[Anonymous Coward]

I think he'd just admit that we installed a puppet regime in NK.

Re:

[AmiMoJo]

Considering what we learned from Edward Snowden I'd say this is actually the absolute minimum I'd expect them to be doing. When your enemy is the United States, obviously you are going to have strong cyber defence.

Re:Dem haxxorz dey be haxxin.

[Opportunist]

In a country where the internet is about as commonplace as for us having your own rocket launch system in the backyard? Please. How do you hit NKor via internet? Take down their online payment system? Hack their official pages so their citizens would get to see defaced pics of li'l Kim?

How?

I can see that as an offensive force, but defense? Please.

Re:

[AmiMoJo]

Well, someone did DDOS their entire country offline, taking down their official news outlets etc, so apparently they do need some kind of cyber security force.

In fact they do have an internal network, used by universities and companies, and a 3G mobile network. There is something to defend.

Re:

[CaptainLard]

Well, someone did DDOS their entire country offline,

Yeah, all 1000 NK IP addresses were DDOS attacked. The California University of Pennsylvania (you read that right) network dwarfs NK's. The only "defense" they need is some guy to call everyone on a landline to tell them to shut their computer down till tomorrow.

Re:

[sound+vision]

Presumably their internal network only has a few closely-watched links to the wider internet that can easily be cut in the event of a DDOS, leaving the internal network running. AFAIK, the DDOS only affected their connectivity to the wide internet, which is essentially just a toy for the elite anyway. I haven't seen any reports to the contrary.

Re:

[lsatenstein]

In a country where the internet is about as commonplace as for us having your own rocket launch system in the backyard? Please. How do you hit NKor via internet? Take down their online payment system? Hack their official pages so their citizens would get to see defaced pics of li'l Kim?

How?

I can see that as an offensive force, but defense? Please.

From what I read, and what I am led to believe, probably every water treatment plant, every electrical generating system, including the interconnects, has been identified and an attack prepared. The USA electrical grid needs only a core state to fail, and the entire country would fail.

And if you include airports in their attack catalogues then the North Korean protections are complete. Attack them and most probably, the USA part of the internet, and possibly the entire world would be downed.

So, its ok to

North Korea

[Anonymous Coward]

I just wonder what the Korean peninsula would be like if MacArthur followed orders instead of being an arrogant ass.

As long as we have dictatorships like in N. Korea, we will be a World that will always be in turmoil. I think the US and the rest of the World including (especially) China should do everything they can to undermine and discredit the leadership in that country. And then move on to other oppressive regimes around the World - I vote for Saudi Arabia and Iran as the next targets.

Do not get me wron

Re:

[AqD]

But South Korea was just as shitty when they made peace with NK, if not worse. It wasn't any better than Saddam's Iraq or Gaddafi's Libya.

Also US did top the Iranian government before - A true democracy replaced by an authoritarian and oppressive regime.

Not again.

Re: North Korea

[Frosty Piss]

The South made peace with NK? when did this happen? Clearly you have never been to South Korea. There is an armistice but they are certainly not at "peace". Indeed a few years ago NK shelled an island controlled by the South.

Re:

[rogoshen1]

don't be pedantic, it was clear he was referring to the nominal end of the Korean War. When the armistice happened, SK was a third world nation. NK was slightly better off due to aid from russia and china.

Re: North Korea

[unami]

yes, nk, iran and saudi arabia have rotten, oppressive regimes. but responsible for the turmoil in the world? look around, where the turmoil is happening right now... ukraine, mexico, israel & co., lybia, iraq, syria, south-sudan, ... ( https://en.m.wikipedia.org/wik... [wikipedia.org] )

Re:

[Anonymous Coward]

I wonder if Kim Jong Un has given this elite unit extra "field guidance" in light of their recent failure to quash the movie? Maybe a few of these l33t h4x0rs have been exterminated as an example for others.

Re:

[Bite The Pillow]

Did you read the article? This defector was as inner circle as it gets without doing the actual haxxorz. Whether he is lying is a different story, but your dismissal is groundless.

Re:

[brxndxn]

Gotta agree with your sarcasm. Se-yul is also saying the exact things US officials would want him to say if they're trying to justify a typical bloated 'cyberwarfare' budget and new laws that limit freedoms in the US. "OMG the scary North Korea and their elite hackers are going to bring the US (home to the programmers of most of the worlds' major software) to its knees!"

Re: FUD?

[Anonymous Coward]

There's plenty of news articles where security firms are saying this hack was an inside job by workers facing layoffs, who decided to go along with the conclusion that this was state-sponsored to mitigate any potential penalties they might face if found out. Seems more likely to many...

Re:

[Anonymous Coward]

As far as I know, FBI has still not presented any solid evidence that North Korea cracked into Sony's systems.

Re:

[Opportunist]

So it isn't me, it is kinda odd that this guy's defection comes conveniently at exactly this point in time?

Some people really know to come right on cue.

Re:FUD?

[mjm1231]

He defected in 2007, if facts matter to you.

Re:

[radarskiy]

That just shows you how deep the conspiracy goes!

Re:

[abirdman]

This will surely nudge some patriots to update their Symantec license, amirite?

Re:

[Noah Haders]

It's also available for rent on YouTube, so you can watch without stealing if you're so inclined.

Re:

[Zontar The Mindless]

It's also available for rent on YouTube, so you can pay for the questionable privilege of viewing this film if you happen to live in the US and you're so inclined.

TFTFY.

Re:

[iluvcapra]

"I've decided your movie is worthless, therefore I can torrent it and it's not actually stealing..."

Re:

[Zontar The Mindless]

"I live outside the US, so I can't rent or buy it even if I wanted to."

Re: The Interview hits warez sites

[thesupraman]

Stop showing off about how much better off you are than the masses!

Damn skite!

Think of the children! ( who may actually have to SEE this film!)

Re: The Interview hits warez sites

[Anonymous Coward]

Not that uncommon. Infact I just saw a dropper (malware payload delivery ststem) in an .mp3 the other day. .avi is not that far fetched.

Re:

[sound+vision]

And under what circumstances will data in an .mp3 execute? Windows won't execute it without the old .mp3.exe trick, and probably a UAC prompt as well. Linux and presumably OS X won't execute without setting the x permission. And any sane media player isn't going to execute anything from inside a media file.

Then again, most people use insanely bloated and stupid media players like WMP and iTunes, I could see those executing random code in a media file as some harebrained "feature"...

Re: The Interview hits warez sites

[TheRaven64]

What secure OS do you run where the video codecs have had a full security review? Google found (and fixed) around 300 exploitable holes in libavcodec / libavformat in the last year. Do you want to bet that they found them all? Do you always run video codecs in an unprivileged process?

Re:

[K. S. Kyosuke]

Wouldn't a file like this have to exploit a whole variety of codecs simultaneously? Surely there must be many decoders on the market, some of them even in hardware. Or has libavcodec recently become the most popular target? I would have thought that an attacker would go after the Windows Media Player instead, simply because of the installed base.

Re:

[dadman]

No, 80% of the apps are using 20% of the codec varieties, so one only need to target those 20% of commonly used codec libs, and that's usually less than a handful.

Re:

[TheRaven64]

There are basically only three decoders that cover most of the market: Microsoft's DirectShow filter, libavcodec / libavformat, and QuickTime. Hardware decode doesn't help much, because you still have the same software path as everyone else doing the de-encapsulation and file parsing, which is where the exploitable bugs often show up. If you have vulnerabilities in each of these then it's not generally hard to hide them all in the same file, as the codecs aim to be resilient to corrupted data so will usua

Re:

[K. S. Kyosuke]

Hah, time to rewrite major codecs and file formats in Lisp? (:-) I find it rather somewhat amusing that such things as exploits of data file formats should be even technically possible. One feels like living in the 20th century. Is there any list or summary of those 300 issues found by Google? Just for me to check what kinds of problems were found. It seems intriguing.

Re:

[Rich0]

Do you always run video codecs in an unprivileged process?

Heck, if you use Windows with all the DRM the video codec probably has more privs than your admin account.

Re:

[Anonymous Coward]

What about an AVI that launches, and looks exactly like VLC, and then asks for permission to install an "update" ;)

Re: The Interview hits warez sites

[Anonymous Coward]

mplayer on command line to launch media. Use ffmpeg to convert the media if you're really paranoid. Let's see what crud survives .. Methinks none does in almost all circumstances

Re:

[grumling]

Except that 1) your neighbor has no lawn mower, 2) your neighbor has no lawn.

Yep, a worker’s paradise.

Re:

[flappinbooger]

Who teaches these fabled courses?

This article is pure bs.

Previous graduates maybe. It had to start somewhere though.

Even if this is real (which is really hard to believe) it is going to be outdated, wrong, and useless like nearly everything else NK does that isn't given to them by China and Russia.

Maybe it's taught by the Chinese. Possible I guess.

I just can't help but imagine a bunch of Norks gathered around a Tandy 1000 hooked up to an acoustic modem with an egg timer. Every 10 minutes they switch off. "Ok, now you a hacker."

Re:

[Spy Handler]

I just can't help but imagine a bunch of Norks gathered around a Tandy 1000 hooked up to an acoustic modem with an egg timer. Every 10 minutes they switch off. "Ok, now you a hacker."

Smug sense of superiority. Are you an American by any chance?

Yes N. Korea is poor, but do not underestimate your enemies. Look at what they've actually done instead of making fun blindly.

Training people in C and Linux and Windows exploits is not all that hard or expensive compared to, say, building your own nuclear warheads and ICBMs. Former can be done for a few million bucks. The latter costs billions and the engineering is orders of magnitude harder than teaching coding.

In case you didn't know, the Norks

Re: It's like something taken out of a novel

[F.Ultra]

Kim is afaik found of Hollywood movies so he probably thought that section 121 sounded cool.

Re:

[abirdman]

I, for one, plan to purchase every anti-virus product I can possibly put on my credit card, and then I'll send a letter to StratFor, to find out what they recommend for additional security hardening for the upcoming conflict. I expect they'll recommend I switch to Linux immediately, and to help me protect myself as well as my neighbors, I shall be following that advice.