4 years ago, the most famous cyber attack of the DPRK occurred – Sony was the target.
On Monday, Sony Pictures employees turned on their computers and found a strange message. It said that the film company was attacked by the hacker group #GOP (Guardians of Peace). The text over the image of the red skull said that all the secrets of the company were abducted, they would soon become known to the whole world, and all employees “will go to hell.” No claims unknown hackers never put forward. As a result of the attack, Sony’s digital infrastructure has been severely damaged: employees for about a week were forced to use phones and fax to communicate and wrote notes by hand.
Hackers stole copies of several films of the company, which were instantly posted on the Internet. Among them – “Rage” with Brad Pitt in the title role, for the first days downloaded more than a million times. Also, hackers got at their disposal a lot of materials that just as quickly turned out to be open access to Reddit. These are files with passport data, visas and other personal information of the actors and crew members, including John Hill, Cameron Diaz and Angelina Jolie. The network has also lost information about the salaries in the company: it has already become the occasion for Sony’s accusations of racism and sexism.
Who are the Guardians of the World? Many believe that this is a group of hackers from the DPRK. Experts even call it a new form of cyberwar, when a country attacks a private corporation. Why does not North Korea like Sony and what is its cyberarmia capable of?
- DPRK hackers have their own style.
The Wall Street Journal, referring to the FBI, writes that the attack on Sony strongly resembles Operation Dark Seoul. Then about a year ago, as a result of an attack by unknown hackers in South Korea, several television companies and banks suffered. Seoul blamed the incident on its northern neighbors, but Pyongyang did not officially blame the incident. The FBI believes that the methods of hackers in both cases are very similar. After the attack on Sony, journalists asked for a comment to a representative of the DPRK at the UN. Here’s what he said: “Enemy forces blame North Korea for everything. I strongly recommend that you just wait and you will know the whole truth. ” It sounds menacing.
- The DPRK has a reason to be angry with Sony, though not serious.
The main reason that most experts suspect North Korean hackers is the approaching premiere of Interview, in which actors Seth Rogen and James Franco are trying to kill the leader of the DPRK, Kim Jong-un. Pyongyang zealously criticized the Sony-produced picture in the summer. In an official statement, the film was called a provocation, which deserves “severe punishment.” “Cyberattacks are a very attractive way to show your anger. Because you are not threatened with any serious consequences, “said Tobias Fikin, director of the Australian International Cyber Policy Center. According to him, the DPRK authorities like to demonstrate the capabilities of their country.
- Hackers from the DPRK should not be underestimated.
North Korea is effectively cut off from the Global Network, and local residents can only use the intranet. But this gives the DPRK an important advantage: the country can attack opponents, but it is almost invulnerable. The capabilities of local hackers should also not be underestimated. The security department of Hewlett Packard Company released a detailed report in the summer, which tells about the abilities of cyber-soldier Kim Jong-un. It is also noted that in schools in the DPRK, teachers are especially focused on mathematics. This, HP representatives write, helps them subsequently teach future programmers.
- In the DPRK’s cyber-army, at least two units.
Hackers from the DPRK organized more successful cyberattacks on the digital infrastructure of the US military than crackers from China and Russia. To combat external enemies, the leadership of the DPRK at the beginning of the zero created several special groups of hackers – “Division 121” and “Laboratory 110”. According to some reports, they can work over a thousand people. They are trained in China and Russia, as well as in Iran – two years ago Pyongyang signed a cooperation agreement with Tehran to defeat “common enemies in cyberspace”.
- Some of the DPRK hackers work in an expensive Chinese hotel.
In 2004, one of the deserters from North Korea reported that most of the hackers are working in an expensive hotel in the Chinese city of Shenyang, which is a few hours’ drive from the border between the countries.
It is interesting that the hackers did not spread the Interview to the Internet.
- Hackers from North Korea like to attack on holidays.
Often, attacks on cyber-DPRK attacks occur on days of important events. For example, last year’s attack on South Korea during the operation “Dark Seoul” occurred on the anniversary of the beginning of the Korean War. On July 4, 2009, on the US Independence Day, supposedly North Korean hackers tried to hack into several US government websites.
- Hackers from the DPRK love video games.
Several years ago, South Korean authorities arrested several people, which unfairly added virtual goods in the popular online game Lineage, which were then sold for real money. The whole operation was allegedly sorped by the authorities of the DPRK, who received their share. Hackers from the DPRK also infested computers of players in online video games, and then used them to organize DDoS attacks.
Even if hackers from North Korea are not involved in the attack, it’s still a victory for Kim Jong-Un. DPRK hackers may have a motive (albeit a little strange), but their participation in the attack on Sony has not been proven yet. However, this is in any case a victory for Kim Jong-un and his comrades-in-arms.
- “Even if North Korea is not to blame, what has happened is working on the image of the country that ruthlessly avenges anyone who taunts the great leader,” says Leonid Petrov of the Australian National University.