North Korea Cyber Scape Goat of the World

North Korean Cyber War

Never before have so many misrepresented so much about so little…

In all my years in the security industry I do not believe I have read more misinformation than the nonsense surrounding the recent DDoS attacks. Apparently North Korea is waging Cyber Warfare, or if not an actual all out cyberwar they are behind a targeted “cyber attack”.

Let’s look at what we know…

  • Multiple US and South Korean websites fell victim to sustained distributed denial of service attacks (happens all the time)
  • The DDoS attack used tens of thousands of compromised hosts (I have seen bigger)
  • The compromised hosts appear to have been infected using well known and easily shielded against malware (What else is new?)
  • The organizations that were impacted and had taken proper measures to defend against a DDoS were not materially impacted (At least someone was thinking ahead)

This is just business as usual on the Internet – nothing to see here folks – these DDoS attacks could have been just as easily launched by an awkward prepubescent child with about 2 years of computer experience as they could have come from a coordinated, state-sponsored, North Korean attempt to test our defenses.

Just so we are clear this is no more Cyber Warfare than me running to the Mexican border and throwing 10,000 apple pies at the Mexican Federales is a coordinated US invasion of Mexico.

Of course crazy trumps logic and media attention always gravitates towards crazy as the last week has shown us that the recent North Korean “Cyber attacks” are the yellow cake uranium of 2009

Rep. Peter Hoekstra (here) the lead Republican on the House Intelligence Committee wanted to show that you didn’t have to actually be intelligent to be a member of the House Intelligence Committee, in fact I think it is generally frowned upon.

A key Republican lawmaker on Thursday urged President Obama to launch a cyber attack against North Korea, or increase international sanctions against the communist country, in the wake of an unknown hacker’s denial-of-service attacks on U.S. and South Korean websites.

Hoekstra, speaking on the conservative America’s Morning News radio show, produced by the Washington Times newspaper, said that “some of the best people in America” had been investigating the attacks and concluded that most likely “all the fingers” point to North Korea as the culprit.

He added that North Korea needed to be “sent a strong message.”

Really? Seriously? you want us to attack a sovereign country run by a madman with nukes because you think they may have possibly been involved with causing some disruption to some externally facing websites, the Bush administration must have loved you Pete – what a douche!

Pete wasn’t alone though, Michael Malone felt that he needed to bring a little bit of that Rush Limbaugh style of calm, introspective and open minded analysis to the debate (here)

At what point do we decide that such assaults on our sovereignty, our institutions and our fellow citizens are unacceptable? When do we get out of our defensive crouch and actively go after governments that are attacking us through cyberspace? Will it be after a Web Pearl Harbor catches us by surprise and crashes our financial markets — or kills thousands of people trapped in computer-controlled transportation systems run amok, or in a darkened city trapped in a blizzard or heat wave, or babies in microprocessor controlled incubators?

And long before then, why can’t we respond to such an attack by a foreign government not with bombs or missiles, but by crashing that country’s digital infrastructure? The worm turns, so to speak.

There is absolutely no proof that North Korea has done anything, and even if there were “proof” it’s validity would need to be scrutinized, but damn it “Cyberwar” is just about the sexiest thing to happen to computing since computing went mainstream and come hell or high water this event needs to be milked for all it’s worth. Anything is better than having to listen to yet another explanation about what cloud-computing is and isn’t.

In the mid-80s a made-for TV movie was released called “The Day After”, it was a dramatic, graphic and rather disturbing look at the effects of a nuclear attack on a Midwestern town in the heartland of the US. I propose a remake of this classic film but instead of a nuclear strike the inhabitants of a small Midwestern town must undergo the horrors of a full out Cyber attack.

Imagine a world with no goth porn, no LOLcatz, no fail blog, no email, no twitter, no you tube, no nothing…faced with the demise of all things digital the residents cope with the horror of learning to read the newspaper, shop at a brick and mortar and worst of all talk to each other face to face. It is chilling to think about and hopefully will serve as a stark reminder of the precarious situation we find ourselves in today.

Advertisements

12 thoughts on “North Korea Cyber Scape Goat of the World

  1. Amrit,

    Great post… But, given that these are the folks who still justify the war in Iraq because “Saddam was involved in 9/11” even after that been conclusively proved false, are you surprised?

    Seriously, some folks in DC are going to grasp any possible straw to avoid dealing the the problems at hand. These people are to be avoided at all costs.

    Otherwise, we might end up having to attack, oh – I don’t know, Andorra…

  2. @Armorguy

    a little dismayed, a touch concerned, perhaps even ambivalent about our future, but not surprised =)

    btw – everyone knows that Andorra is a tax haven and money laundering center for international terrorists, cybercriminals and North Korea’s Cyber War machine. We must bomb them now!

  3. RE:There is absolutely no proof that North Korea has done anything, and even if there were “proof” it’s validity would need to be scrutinized

    Really? No proof? Did “they” tell you that? Do you have the proof there is no proof?

  4. @Ben

    Yes. I called Kim Jong Il whose number was provided to me at a Hip Hop pool party thrown by Ahmadinejad. It was pretty awesome, we ate “French” Fries dipped in Harissa and sat around hating freedom, listening to NPR and watching the Best of Al Franken on SNL.

  5. @Ben

    No unfortunately he wasn’t invited, but Rupert Murdoch was there along with Sean Hannity and Bill O’Reilly – apparently they have done more to draw attention to North Korea and Iran than almost anybody and many wanted to thank them personally

  6. Hey Amrit, long time

    Great post – you are 100% right.

    Even Brian Chess, who I respect a lot, said “This was an old-school, blunt instrument kind of attack. It looks like everything else North Korea does,” he said. “They’re trying to promote their agenda not just with missiles, but in cyberspace.”

    What ARE the signs of a North Korean cyber attack? Since as far as I know, there has been none before, pointing the finger at North Korea – there is no evidence supporting that.

    There is a conflict going on in Washington over cyber-security and budgets and control. It could just as easily be a US intelligence agency.

    Or it could be a country or group that would benefit from a Korean conflict, and is performing a False Flag operation.

    Expect to see a lot more of this in the future. Expect blame to be pointed fast, but the facts to be murky.

    The threat of future attacks is great, but this attack is not significant in terms of scope or impact.

    If a few government websites aren’t reachable for a few days, I have the feeling that life will go on.

    I blogged on this topic last week

    http://www.quietmove.com/2009/07/cyber-warfare-trends-for-2010-network-attacks-are-the-21st-centurys-longbow/

  7. Hey Adam,

    Good points!

    One of the more troubling aspects of those that advocate an offensive response or for us to target in retaliation is that it is so difficult to prove one way or the other so the evidence would most likely be circumstantial. It would be very easy for one party to implicate another for their own benefit, or for a Cyber confrontation to escalate to kinetic weapons – both terrible outcomes if we proceed without caution.

  8. Pingback: Security Briefing – July 16th : Liquidmatrix Security Digest

  9. Thanks Amrit, for pointing out the prevalence of knuckleheads in the regime that proved the existence of WMDs which were used as the excuse to invade Iraq and whose use by date has long passed. (And this does not mean that Saddam

    Complicit is the media that gives coverage to these inane utterings as though they have credibility.

    Its good to have people who know what they are talking about.

  10. Pingback: Top 10 Most Overhyped Technology Terms « Amrit Williams Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s