Category Archives: China

Shadow Hackers Attacking America, No Identity

Posted on by

If the whole truth bubbled to the surface on just how deep, far and wide cyber attacks hit America, they would truly be the most significant threats known to the West. Hackers hit targets in America so often daily that they cannot be measured for frequency or damage, but expert estimates are known and not revealed.

When it comes to the recent Sony hack and that of Xbox and PlayStation, black-hat types are brought in to investigate and opinions are set in motion. Even with all the attention paid to Sony, to date a culprit has not been fingered and certainly no punishment is forthcoming.

So, was the Sony hack really performed by North Korea? Was it at the hands of China as a proxy? Heck was it Russia or Iran? Was it an inside job working in collusion with both domestic and foreign entities? No one really knows or there is a refusal to explain. This is a major problem itself as blame may be misplaced for the sake of fouled diplomacy, fear of future retributions or the possibility of wide-spread panic across the country.

POLITICO Pro

FBI briefed on alternate Sony hack theory

By

FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator another example of the continuing whodunit blame game around the devastating attack.

Even the unprecedented decision to release details of an ongoing FBI investigation and President Barack Obama publicly blaming the hermit authoritarian regime hasn’t quieted a chorus of well-qualified skeptics who say the evidence just doesn’t add up.

Researchers from the cyber intelligence company Norse have said their own investigation into the data on the Sony attack doesn’t point to North Korea at all and instead indicates some combination of a disgruntled employee and hackers for piracy groups is at fault.

The FBI says it is standing by its conclusions, but the security community says they’ve been open and receptive to help from the private sector throughout the Sony investigation.

Norse, one of the world’s leading cyber intelligence firms, has been researching the hack since it was made public just before Thanksgiving.

Norse’s senior vice president of market development said that just the quickness of the FBI’s conclusion that North Korea was responsible was a red flag.

“When the FBI made the announcement so soon after the initial hack was unveiled, everyone in the [cyber] intelligence community kind of raised their eyebrows at it, because it’s really hard to pin this on anyone within days of the attack,” Kurt Stammberger said in an interview as his company briefed FBI investigators Monday afternoon.   More here.

Senator Lindsey Graham says it is China working in cadence with North Korea that hacked Sony.

Washington (CNN) — Sen. Lindsey Graham hinted at China’s involvement in the North Korean cyberattack on Sony Pictures and called for additional U.S. action against North Korea to make the hermit kingdom “feel the pain that is due.”

“I can’t imagine anything this massive happening in North Korea without China being involved or at least knowing about it,” Graham, a Republican from South Carolina, told CNN’s Dana Bash on “State of the Union.”

Graham called for more sanctions against the regime and said President Barack Obama should put North Korea back on the list of state sponsors of terrorism, something Obama is currently reviewing.

Russia is offering assistance to DPRK on the blame and it could be to determine the effectiveness or to hide evidence.

MOSCOW – Russia on Thursday offered sympathy to DPRK amid the Sony hacking scandal, saying the movie that sparked the dispute was so scandalous that Pyongyang’s anger was “quite understandable.”

Washington failed to offer any proof to back its claims of Pyongyang’s involvement in the hacking, Russian Foreign Ministry spokesman Alexander Lukashevich said at a briefing, adding that the US threats of retaliation were “counterproductive.”

The US has blamed Pyongyang for the recent cyberattack on Sony Pictures, which produced “The Interview,” a comedy depicting the assassination of DPRK leader Kim Jong-un. Pyongyang has denied a role in the hacking, but also praised it as a “righteous deed.”

In summary, it appears we are not going to know officially with tangible evidence, proof or even assurance, which is to say, each person and corporation must fend for themselves.

 

CyberWar on America Costs Close to a $Trillion

Posted on by

It is not just North Korea, the cyber warriors are also in Ukraine, China, Syria, Russian and Iran. America has some defenses, but normal users and the business industry has few robust and intolerant choices against cyber attacks.

We need to challenge Congress to declare cyber attacks as an act of war given the heavy costs to theft, risk and attacks on harden targets including the power grid systems, transportation, food, banks, water, yet most of all intelligence and military secrets.

The most recent attack on Sony intranet system is pointing to North Korea as having the cyber-soldiers and that brigade is called Unit 121.

Defense News: Military planners and security experts have intensified their shouts of concern about the development of cyber weapons and the distinct possibility of a cyber war. Cyber warfare is not new. It has been in modern military doctrine for the past decade not to mention the number of terrorist groups who have threatened the use of cyber weapons against the west. However, what has changed is the number of countries that posess these capabilities today.
The North Korean military created a new unit that focuses solely on cyber warfare. The unit, dubbed Unit 121, was first created in 1998 and has steadily grown in size and capability since then. Interest in establishing cyber war forces shouldn’t come as a surprise to anyone, but North Koreas intense effort stands out among the top ten nations developing cyber weapons.
Unit 121 Capabilities Assessment:
Force Size: Originally 1,000 — Current Estimate:17,000
Budget: Total military budget $6 billion USD. Cyber Budget $70+ million. North Koreas military budget is estimated to be the 25th largest in the world.
Goal: To increase their military standing by advancing their asymmetric and cyber warfare.
Ambition: To dominate their enemys information infrastructure, create social unrest and inflict monetary damage.
Strategy: Integrate their cyber forces into an overall battle strategy as part of a combined arms campaign. Additionally they wish to use cyber weapons as a limited non-war time method to project their power and influence.
Experience: Hacked into the South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.
Threat Rating: North Korea is ranked 8th on the Spy-Ops cyber capabilities threat matrix developed in August of 2007.
Capabilities
Cyber Intelligence/Espionage: Basic to moderately advanced
weapons with significant ongoing development into cyber intelligence.
Offensive Cyber Weapons: Moderately advanced distributed
denial of service (DDoS) capabilities with moderate virus and malicious code capabilities.
North Korea now has the technical capability to construct and deploy an array of cyber weapons as well as battery-driven EMP (electro magnetic pulse) devices that could disrupt electronics and computers at a limited range.
In the late spring of 2007, North Korea conducted another test of one of the cyber weapons in their current arsenal. In October, the North Koreans tested its first logic bomb. A logic bomb is a computer program that contains a piece of malicious code that is designed to execute or be triggered should certain events occur or at a predetermined point of time. Once triggered, the logic bomb can take the computer down, delete data of trigger a denial of service attack by generating bogus transactions.
For example, a programmer might write some software for his employer that includes a logic bomb to disable the software if his contract is terminated.
The N Korean test led to a UN Security Council resolution banning sales of mainframe computers and laptop PCs to the East Asian nation. The action of the United Nations has had little impact and has not deterred the North Korean military for continuing their cyber weapons development program.
Keeping dangerous cyber weapons out of the hands of terrorists or outlaw regimes is next to impossible. As far back as 2002, White House technology adviser Richard Clarke told a congressional panel that North Korea, Iraq and Iran were training people for internet warfare. Most information security experts believe that it is just a matter of time before the world sees a significant cyber attack targeted at one specific country. Many suggest the danger posed by cyber weapons rank along side of nuclear weapons, but without the physical damage. The signs are there. We need to take action and prepare for the impact of a cyber war.

North Korea’s Elite Hackers Who Live Like Stars In Luxury Hotel 

Unit 121 is known to have two distinct functions: to carry out disruptive attacks against systems primarily in the United States and South Korea, both for purposes of sabotage and intelligence gathering, and to defend North Korea from incoming cyber attacks.

North Korea, however, has very little internet infrastructure, which analysts say actually gives the country an advantage. While North Korea can launch massive attacks against the West — the Sony attack being just the latest — outside nations can do little to damage North Korea’s own internal digital systems because they largely don’t exist.

Inside North Korea, use of the internet is strictly limited to government approved personnel. Ordinary citizens may utilize only an intranet run by Kim Jong Un regime, which allows access to government approved sites and state-operated media, but no access to what the rest of the world knows as the internet and the World Wide Web.

Instead, according to a report prepared in 2009 by a U.S. military intelligence analyst, Steve Sin, the Unit 121 hackers operate mostly from the luxurious Chilbosan in Shenyang, China, pictured below, a facility with amenities that would be unknown to all but the top level government elites inside North Korea, an impoverished country racked by famine.

The hotel is located in a military-controlled region of China just three hours from the border with North Korea. The central headquarters of Unit 121 is located in Pyongyang, in a district called Moonshin-dong, near the Taedong River

In fact, by North Korean standards, the cyber hackers of Unit 121 (also referred to as “Bureau 121″) are treated like superstars, afforded high-class lifestyles inconceivable to the vast majority of North Korean citizens.

In addition to Sin’s report, the Hewlett-Packard corporation conducted its own investigation into the threat posed by Unit 121 — which was created in 1998 and operates with a budget of more than $6 billion. Much of the information known about the highly-secretive unit comes from those reports, and from North Korean defectors who have passed information to U.S. and South Korean intelligence.

According to those accounts, the hackers who comprise the unit are the cream of North Korea’s academic crop in math and computer science, hand-picked from high schools around the country, who are then sent to study at Keumseong, the top high school in the North Korea capital of Pyongyang.

From there, the candidates who pass a rigorous series of tests and trials are sent to study at top universities — and then sent to Russia and China for an additional year of specialized training in computer hacking and cyberwar techniques.

Unit 121 is believed responsible for an attack on 30,000 computers inside South Korean banks and media companies in 2013, an attack that security experts say bore strong similarities to the Sony hack.

Against South Korea, North Korea allegedly has already carried out a series of disruptive and destructive operations in the past few years. Discounting previous distributed denial-of-service (DDoS) attacks on websites, the first major cyber-attack attributed to North Korea was on April 12, 2011, which paralyzed online banking and credit card services of Nonghyup Agricultural Bank for its 30 million customers. This is the first instance where North Korea used a disc wiping tool. While its ATMs were fixed within a couple days, some of the online services had taken more than two weeks to return to normal operating status, with 273 out of 587 servers destroyed. The second incident occurred in March 20, 2013, which used similar but improved tactics from April 2011. It was timed to simultaneously target multiple banks and broadcasting agencies with disc wiping tools and was preceded by an extensive advanced persistent threat campaign. The scale of the March 20 attack demonstrated that North Korea has at least one dedicated, permanent cyber unit directed against carefully selected targets and that they have the means to penetrate, exploit, and disrupt target systems and networks with sufficient secrecy.

Know Someone That Went Missing? Check North Korea

Posted on by

The decision by a U.N. General Assembly committee to condemn North Korea for crimes against humanity this week is historic. It could well lead to North Korean leaders facing trial at the International Criminal Court (ICC), forcing them to confront the numerous accusations made against their isolated regime.

There is still a long way to go, however. The resolution must pass the Security Council, where Russia and China — two important allies of North Korea — hold veto power. Also, the ICC itself has struggled with problems of legitimacy since it was established in 2002 to prosecute war crimes.

Even so, North Korea seems worried, and after Tuesday’s decision it offered a belligerent warning that it would conduct further nuclear tests. The reaction reflects a broader trend: In the past few months, the country has used crude insults and a curious charm offensive to try to deflect the U.N. criticism of its human rights offenses. At one point, it even released a list of the alleged U.S. human rights abuses, in a clear moment of “Whataboutism.”

***

It gets worse:

Inside the Ring: North Korean document alleges Kim role in kidnapping program to create spies

By Bill Gertz

A secret North Korean document obtained by Western intelligence states the late dictator Kim Jong-Il conceived and directed a program to kidnap foreigners and bring them back to his communist country to force them to become spies against their home countries, The Washington Times has learned.

Diplomatic sources familiar with the discovery, who spoke only on condition of anonymity, said the recently obtained document for the first time provides details on how and why Kim, who died in 2012, directed a covert spy unit in the 1970s called the Investigation Department that kidnapped foreign nationals and brought them to North Korea.

The Investigative Department, part of the ruling communist Korean Workers Party Central Committee, carried out several dozen selective kidnappings and used the abducted foreigners for training its intelligence operatives, and to be dispatched overseas in foreign spy operations and propaganda activities, including film production, the document indicates.

The document, believed to have been produced within the past several years as part of a historical archive, is regarded by authorities as a classified North Korean government report, the sources said.

It is considered authoritative because of its origin and the importance within the North Korean system of precisely recording the words of supreme leaders, they added.

One source familiar with the document said there are no indications the report is a forgery.

According to translated portions obtained by Inside the Ring, Kim met with the chief of the Investigation Department, which is known by its Korean acronym “Josabu,” on Sept. 29, 1977, and Oct. 7, 1977. During the meeting he spelled out plans to use people from overseas in intelligence work.

Kim, who was succeeded in power by his son Kim Jong Un, told the intelligence chief and a group of party officials that forcibly training foreign nationals in their 20s for five to seven years in North Korea would produce valuable intelligence agents who would be useful until the age of 60, the document stated.

He then ordered spy teams dispatched to Southeast Asia, the Middle East, and Eastern Europe to secretly lure young men and women into supporting the regime. A special focus was placed on targeting attractive women.

Kim stated that targets of those brought to North Korea should include people who were loners or orphans. The abductions were to be carried out secretly using methods that could not be traced to Pyongyang’s agents, according to the document.

Among those kidnapped by the North Koreans after the 1977 orders was 13-year-old Japanese schoolgirl Megumi Yakota, who disappeared from Japan in 1977. She was taken to North Korea where she spent the rest of her life in captivity, and, according to the North Korean government, eventually died in the communist state.

On Aug. 25, 1977, Kim then ordered the Investigation Department to set up a covert Hong Kong unit devoted to inviting South Korean film actresses and the offspring of high-ranking South Korean officials to visit Hong Kong, the document states.

The objective of the covert group was to befriend selected people as targets and use them to obtain invitations to South Korea, where North Korean agents could produce films under cover.

That appears to be the motive behind the kidnapping in 1978 of South Korean actress Choi Eun-hee and her director husband Shin Sang-ok. The couple was taken to North Korea where it was hoped they would help the regime produce propaganda films. They escaped in 1986 during a visit to Vienna.

In October 1978, according to the document, Kim ordered his intelligence operatives to persuade the abducted foreign nationals to settle in North Korea. The Investigative Department arranged for the abductees to live in special guest houses where it was hoped they would reside comfortably, in contrast to the harsh living conditions faced by most North Koreans.

The kidnappings have long been known, but Kim’s role in the program has been unclear.

On Sept. 17, 2002, after then-Japanese Prime Minister Junichiro Koizumi met Kim in Pyongyang, the North Korean leader admitted that his intelligence services has carried out the abduction of 11 Japanese. The admission and apology was part of a bid to obtain Japanese aid.

But according to North Korea’s official statement at the time, Pyongyang asserted the kidnappings were carried out without Kim’s knowledge or approval.

The recently-obtained document contradicts that statement.

Ambassador Jang Il Hun, deputy chief of North Korea’s mission to the United Nations, denied the late leader was involved in the kidnapping operations.

“The abduction of Japanese nationals in 1970s was an act of individual heroism conducted by some people in the intelligence community who sought fame and reputation by such acts,” Mr. Jang told Inside the Ring.

Mr. Jang said the rogue operatives were motivated by “indignation” over Japan’s refusal to apologize for abuses during Tokyo’s rule over the Korean peninsula in the early 1900s.

“In no way was the government of the DPRK involved in the abduction case, to say nothing of our respected Supreme Leader Chairman Kim Jong Il,” he said in a statement, using the acronym for North Korea’s official name, the Democratic People’s Republic of Korea. “This is the truth.”

Mr. Jang added that “we had so many Koreans who were repatriated from Japan, there was no need for our government to use the Japanese nationals for any government purpose.”

The total number of foreigners abducted during the intelligence operations of the 1970s and 1980s is not known but has been estimated to be several dozen people. They included nationals from China, Malaysia, Lebanon, France and Italy, in addition to those from Japan and South Korea.

In Japan, the government has elevated the issue of resolving past cases of at least 17 missing Japanese to a national priority.

Talks between Japanese and North Korean officials on the issue were held in October, and Japan earlier agreed to lift some sanctions on Pyongyang if the regime fully investigates outstanding cases of the missing nationals.

Bruce Bechtol, a North Korea specialist formerly with the Defense Intelligence Agency, said he doubts the North will investigate the cases of the missing.

“The whole idea of an ‘investigation’ is a sham,” Mr. Bechtol, a professor at Angelo State University, said in an email.

“The North Koreans obviously kidnapped several Japanese nationals,” he said. “Now I believe the debate in the North Korean ruling infrastructure will be whether or not to execute them and send the remains back, or to simply send those who are still alive back. Of course, all of this will depend on how much money the Japanese government offers to the government of the DPRK.”

Disclosures in the document bolsters the findings of a United Nations human rights report based on testimony of defectors and issued in February. The U.N. report found widespread “crimes against humanity” committed by the North Korean regime, including abductions linked to the country’s supreme leader.

North Korea “used its land, naval and intelligence forces to conduct abductions and arrests,” the report said. “Operations were approved at the level of the supreme leader. The vast majority of victims were forcibly disappeared to gain labor and other skills for the state.”

The issue of North Korea’s human rights abuses was discussed in a letter signed by 10 nations’ representatives on the 15-member U.N. Security Council last week. The letter urged the council to include the issue on its agenda. China and Russia in the past have vetoed measures for council meetings that were opposed by North Korea.

The U.N. General Assembly will vote later this month on a resolution that calls for referring North Korea to the International Criminal Court over the rights abuses.

Further evidence of North Korean interest in western films also surfaced recently. Hackers using techniques linked to North Korean cyberattacks on South Korea hacked Sony Pictures networks and stole large amounts of data, Reuters reported last week.

The cyberattack was carried out Nov. 24 and came one month before the release of Sony’s film “The Interview,” a comedy that has two American journalists tasked by the CIA to kill current leader Kim Jong Un. North Korea has said release of the film would be an “act of war.”

 

 

 

 

Behind Obama’s Executive Order on Immigration

Posted on by

Some key items are coming to the surface with regard to the executive order on immigration. Preferential treatment of chosen classes and conditions are targets of the White House while others are going to pay monetarily.

But off script, Obama admitted this past week that he DID change the law on immigration.

Fast forward to Tuesday, when Obama was speaking on immigration reform to a group in Chicago. When protesters began yelling at Obama to stop all deportations, the president became frustrated and answered: “There have been significant numbers of deportations. That’s true. But what you’re not paying attention to is the fact that I just took action to change the law.”

 

Rather than employing U.S. citizens that already have high tech skills and work history or rather than training U.S. citizens for employment in the technology sector, the White House has chosen foreigners to first priority.

Opportunities for Tech Workers, Firms in Obama’s Immigration Order

With Washington and much of the country abuzz about the politics and legality of President Barack Obamas executive order on immigration, it is useful to recognize the economic benefits of certain overlooked features of that order–things that, to a modest degree, enhance work opportunities for skilled immigrants.

For example, as immigration expert Vivek Wadhwa has highlighted, the president’s order makes the temporary (six-year) H-1B visa for technical workers portable.

H-1B visas, currently capped at 65,000 per year, are loved by the tech industry, and why not? They give employers market power over visa holders. Making it easier for these skilled immigrants to move to other employers benefits not only them but potentially many new or young companies in need of tech talent. While “coding academies” are springing up around the U.S. to train Americans of all ages on software coding, the tech market could still use a lot more talent, even if some of it comes from abroad.

The president’s order also could allow as many as 10,000 additional immigrant entrepreneurs to remain in the U.S. This step is significant in light of evidence compiled by Mr. Wadwha and his research colleagues that immigrants punch well above their weight in forming successful tech companies: They accounted for 25% of successful tech enterprises from 1995 to 2005, almost double the share of the U.S. population born elsewhere (13%). These successful immigrant-founded companies generate jobs for native-born Americans and are clearly a win for the U.S. economy.  Read more here.

But it gets worse. There is a money component, and collusion enters the White House plan.
Hiring Illegal Immigrants Will Earn Businesses $3,000 Per Employee Under President’s Plan 

Hiring illegal immigrants used to come with a hefty punishment if a business owner was found out, but now under President Obama’s plan announced through executive action last week, job creators will be rewarded.

The president’s call to offer undocumented workers a path to citizenship will come with a $3,000 per employee financial incentive to any business that wants to hire these workers.

Fox News points out that because of a “kink” in the Affordable Care Act (aka Obamacare), “businesses will not face a penalty for not providing illegal immigrants health care.” Furthermore, these workers will not be eligible for public benefits “such as buying insurance on ObamaCare’s health exchanges.”

“If it is true that the president’s actions give employers a $3,000 incentive to hire those who came here illegally, he has added insult to injury,” Rep. Lamar Smith, a Texas Republican, commented to The Washington Times. “The president’s actions would have just moved those who came here illegally to the front of the line, ahead of unemployed and underemployed Americans.”

President Obama doesn’t believe that bringing undocumented workers into the workforce is a bad thing, as he stated in recent comments on the executive action.

“Immigrants are good for the economy. We keep on hearing that they’re bad, but a report by my Council of Economic Advisers put out last week shows how the actions we’re taking will grow our economy for everybody,” he said.

John Husing, chief economist for the Inland Empire Economic Partnership in California, one of the most immigrant-heavy states in the nation, agreed that President Obama’s plan was a good thing in comments to the Pasadena Star News.

“Most of those people are probably already working anyway,” Husing said. “And when you talk to any demographer they will tell you that one of the biggest problems we have as a society is that our labor force is getting very old. Most of the undocumented people who are here tend to be younger and they would add to the available workforce in the age group that employers need.”

In the same publication, California Republican assemblyman Tim Donnelly disagreed.

“If you introduce 5 million individuals into the labor force — and I think that’s a really low figure — it will have a dramatic impact on those who are already seeking work…. It will especially have an effect on people who are working at lower income levels where any change in the labor market has the effect of lowering wages. This could depress wages. That’s a real concern.”

What do you think about giving employers financial incentives to hire illegal immigrants — good move, or will it depress the job hunt for native workers?

 

 

 

Iran ‘Richer’ Today Due to John Kerry

Posted on by

The legacy of the Obama administration will not be Obamacare, it will not be amnesty, it will be eliminating America’s enemies and Iran has become the closest ally to the U.S. State Department under the edict of the White House with John Kerry leading the charge.

Obama wrote a letter to the Mullahs back in 2008 as he became the presidential nominee. The letters to the Ayatollahs continued and open talks have continued such that John Kerry led the charge to move the needle to stop the Iranian nuclear weapons program. The expiration date for the agreement was today and they failed. The talks have now officially been extended another 7 months.

Iran is a state sponsor of terror and has been an avowed enemy of the United States going back to the late 70’s but John Kerry has dismissed all the history. A deal with Iran or no deal with Iran on their nuclear weapons program is bad news either way….the point is the program needs to be destroyed, there is and never was a peaceful nuclear program.

Each day that passes, Iran’s centrifuges continue to spin putting a nuclear warhead only months away. Iran does have everything to hide and to lie about such that Iran refuses the International Atomic Energy Agency access for inspections which has been agreed to and performed in the past and often.

There is a nuclear arms race in the Middle East and not only is Israel in jeopardy with its virtual existence but Saudi Arabia is also.

The story gets worse however as additional sanctions against Iran have been lifted. Some early sanctions were lifted just to get Iran to the negotiation table, and indeed since many months have passed with no resolution, additional sanctions were lifted by John Kerry to keep Iran at the table for the next 7 months.

Iran’s economy has been slipping from stability for a very long time due to effective sanctions, but their economy has received huge positive money shots due to lifted sanctions but now it gets better for them as additional sanctions will provide Iran with an economic income of seized monies up to $700 million a month. Iran has been rewarded for bad behavior and for stonewalling talks, hence John Kerry is either being a naïve dupe or a willing participant in allowing Iran’s to thrive.

Now the question is what will occur during the 7 months of extended talks? Could Saudi Arabia get involved to stop the enrichment? Will Israel be drafting war plans? Will John Kerry continue on a fool’s errand during the next 7 months to keep the talks viable and will they ultimately fail then?

Congress has been purposely left out of the loop of the talks yet they are in fact aware of some conditions. This is a time they will use once the 114th Congress is seated in January to stop the madness, pass additional irrevocable sanctions and the division in Congress and the State Department will continue.

All sides have been working from a thin ‘framework‘ such that Iran had little to do for compliance and now Iran is asking for a secondary framework to be developed.

It is going to be difficult in coming months due to continued military sequestration, the expanding footprint in Afghanistan, the expanding footprint in Iraq, a new Congress and then immigration. 2015 will not start off well.

Question is who is gonna notice and be proactive?