back to article NORK spy agency blamed for Bangladesh cyberheist, Sony Pictures hack

A fresh analysis, from a slightly different perspective, once again fingered North Korea as the likely culprit behind hacks against Sony Pictures and the $81m heist from an account held by the Central Bank of Bangladesh. Moscow-based threat intelligence firm Group-IB has "no doubt" that Lazarus Group – a cybergang that …

  1. Your alien overlord - fear me
    Facepalm

    I was a Nork spy agency. Until the police caught me and said I was just a peeping tom :-)

  2. Anonymous Coward
    Anonymous Coward

    Still not convinced

    Looking at NK, I see one of the most impoverished, isolated, misgoverned shitholes on the planet. Why would a nation so benighted, so technologically weak, be at the forefront of cyber espionage and theft?

    Poor though is, it still has a GDP of about $13bn, so stealing $81m isn't really going to keep it rolling for long. And as for the espionage - so what? The value of intelligence depends on what you can do with it. Bunged up in a barrel, I'd wager there's little that the Norks can do. Now, when things concern South Korea, things are different, but that's got little to do with crapping on Sony, or stealing from Bangladesh.

    Hopefully Fat Boy Kim will choke on his quadruple hamburger and ultra large fires tomorrow (or anytime really), but I can't see the fat twat masterminding a cyberwar scheme that's kept the major power's guessing for years.

    1. frank ly

      Re: Still not convinced

      You don't need a world class technological infrastructure to become good at 'coding' and doing cyber-espionage/theft. You need people who are motivated to learn, to spend long hours learning and practicing and working as part of a team. I'm sure it's very easy to motivate people in North Korea.

      P.S. They've developed ICBMs and are on their way to having reliable nukes so they can do the hard stuff.

      1. Anonymous Coward
        Anonymous Coward

        Re: Still not convinced

        You don't need a world class technological infrastructure to become good at 'coding' and doing cyber-espionage/theft.

        I think you're missing my point. It isn't that they can't do it, rather that that there's so little benefit for the obvious risk and very high opportunity cost. If I were a comedy fat, evil dictator who executed people with flamethrowers and anti-aircraft guns, I'd want a better pay off than leaking a bit of internal data from some toss-pot movie studio; Wouldn't you?

        1. Mark 85 Silver badge

          Re: Still not convinced

          Up to a point, you are correct. He is a typical megalomaniac though so things of this sort can't be put past him and his regime. Consider his total power and how he's (according to news results) constantly guiding his people via personal appearances at missile launches, factory operation, etc. He knows all. This is just another piece of the mythological power of his persona.

          Then again, this behavior is exhibited by, for all intents and purposes, all leaders of all countries. The world has become a scary place with these folks in charge.

        2. allthecoolshortnamesweretaken

          Re: Still not convinced

          "If I were a comedy fat, evil dictator who executed people with flamethrowers and anti-aircraft guns, I'd want a better pay off than leaking a bit of internal data from some toss-pot movie studio; Wouldn't you?"

          If was predominantly rational then probably yes.

          However, if I was a spoiled kid who has grown up into an insecure, unstable, paranoid megalomaniac, used to having it my way, and enjoying being the centrepiece of a personality cult that presents me constantly as a never erring demigod... and then someone insults me by making a satirical movie about me and my country - guess how rational my recation would be.

          1. MrDamage

            Re: Still not convinced

            > "guess how rational my recation would be."

            Would it be a musical lament about you being ronery?

        3. Cuddles Silver badge

          Re: Still not convinced

          "there's so little benefit for the obvious risk and very high opportunity cost."

          What risk? They're already international pariahs under crippling economic and diplomatic sanctions and they spend most of their time* trying to find new ways to piss off the international community, including their sole ally and virtually exclusive trading partner. When you keep setting off nuclear bombs while shouting to the world that you'll start launching them at people any minute now, how exactly is hacking a few banks to steal a few million dollars going to make things worse? "These guys just exploded another nuclear bomb, sank a ship killing several Korean sailors in the process, and kidnapped a couple more American citizens, but now they've hacked a film company so they're really in trouble!"

          *They being the people at the top of course; most of the population are too busy trying not to starve to worry about international politics.

          1. Alan Brown Silver badge

            Re: Still not convinced

            "When you keep setting off nuclear bombs while shouting to the world that you'll start launching them at people any minute now, how exactly is hacking a few banks to steal a few million dollars going to make things worse?"

            The one is theatre (if the norks were to launch a nuke outside their own borders, they'd find Chinese and Russian nukes parked in their front yard as well as american ones.)

            It distracts from what they're actually doing - amongst other things, the world's most sophisticated currency counterfeiting operations, massive levels of methamphetamine exports, various other gangster activities. This cyber-ops stuff is just branching out.

            The general concensus is that China "tolerate" the Norks - and not because of the USA being in Seoul (if the Koreas are united, the UN mandate expires and USA troops get to go home) or because S.Korea is wealthy. The _real_ risk is 20-something million starving people heading north looking for food, which is something that noone's equipped to handle.(*)

            Bear in mind that North Korea is a creation of Stalin, not Mao and that Russia has historically been the Norks' largest trading partners.

            (*) It's arguable that if the chinese high speed rail network was built into Shenyang "just so", then it could be used as a logistical jumping off point to ensure not only that food and medical supplies can be gotten to the border rapidly, but that refugees can be moved away from the area to better-equipped locations too. That's somewhere in the future though. If the chinese do it in a blatently obvious fashion before other expansion is done then the Norks might get nervous and start throwing a hissy-fit. As it stands the lines running close to the border are all low speed ones.

      2. John Ko

        Re: Still not convinced

        They have BM, *not* ICBM. Big difference.

        Media loves glossing over the details and pointing fingers to anyone who can't defend themselves.

        P.S. Are you still looking for WMD in Iraq?

        1. Yet Another Anonymous coward Silver badge

          Re: Still not convinced

          Britain is safe though.

          One of the excuses for upgrading Fylingdales 20years ago (violating a bunch of ABM treaties) was that it would protect Britain and her allies from Iranian and N Korean missiles.

          So we can prevent any ICBMs that decide to fly from N Korea via Russia and head over Harrogate on their way to Washington - somehow

    2. This post has been deleted by its author

    3. Florida1920

      Re: Still not convinced

      Hopefully Fat Boy Kim will choke on his quadruple hamburger and ultra large fires

      If he keeps messing with other countries' finances, he may indeed be choking on ultra-large fires. The U.S. is not the only threat to his continued existence.

    4. Yet Another Anonymous coward Silver badge

      Re: Still not convinced

      This was a sophisticated targeted cyber-attack it could only have been launched by a sophisticated state level actor like North Korea.

      This was a crude script-kiddie attack which would likely have been launched by a poor backward country like North Korea

      (delete as applicable)

    5. wildpark

      Re: Still not convinced

      The original Bangladesh hack was looking at a $1 billion payout; had that succeeded, they'd have got a significant % of their GDP in one go.

  3. Paul Crawford Silver badge

    Hmm, so Russian researchers conclude "To mask malicious activity, the hackers used a three-layer C&C infrastructure and pretended to be Russians.” No possible conflict of interest here, move along now...

  4. Anonymous Coward
    Facepalm

    Who's going to protect us from the North Korean boogeyman

    Why would a Moscow-based group be corroborating the FBI, what was the quid-pro-quo. Is this fiction designed to distract from the true source of the hack. I mean can it be a coincidence that NORK is Uncle Sams current bogeyman.

    What 'complex botnet infrastructure'. The initial Sony hack occurred at a hotel in Thailand where a Sony executive was staying, presumably to engage in personal negotiations with the locals. Little or no security applied internally on the Sony network, an unwillingness to spend money on quality technical staff and the chief IT techie, being technically illiterate who only got the job because he was good at office politics.

    It is possible that there are more than one player involved in the Sony Hacks and for differing motives. The Bangladesh hack was done for monetary gain. It beggars credulity that NORK would knock off a bank in Bangladesh and then use the same tools to hack SONY and do this from their own territory and leave Korean text in the malware and .. and .. and for f-sake do they seriously expect us to believe this cyber-BS.

    1. JLV Silver badge

      Re: Who's going to protect us from the North Korean boogeyman

      As I recall, NK has repeatedly gotten caught smuggling heroin & meth using its diplomats. So, claiming that this type of stuff is below them doesn't stand up. And... yes, NK is a bit of a bogeyman with their nukes, innit? Crazy enough to use them in a fit o pique too, unlike almost any other nuke-capable country.

      I find hacking Bengladesh esp reprehensible, considering how poor that country is.

      Here's hoping Fat Boy meets a timely end.

    2. Yet Another Anonymous coward Silver badge

      Re: Who's going to protect us from the North Korean boogeyman

      Unless North Korea is a hoax cooked up by a movie studio

      Nobody has ever been there, the actors playing staring roles never change, half their missile tests have been revealed as photoshop - I think the whole country is done on a back lot at Sony

  5. John Smith 19 Gold badge
    Coat

    So Fat Boy Kim is Fat Boy (cyber) Crim

    We'll see.

  6. Anonymous Coward
    Anonymous Coward

    I'm not sure why people are shocked about NK hacking prowess...

    They (the hackers) are probably highly motivated. It could be patriotism, threats, money, women, etc.

    Let's say it's money.

    If NK let's the hackers keep 25% of what they steal that's a huge amount given currency conversion.

    The hacker criminals are also completely immune from prosecution. No one will ever be extradited from NK...

    If your a poor but bright North Korean this kind of job has to be enormously appealing.

    For the NK government it's a win-win. They get a dedicated group stealing military/corporate/secrets/money etc. and it basically costs them nothing.

    I'm sure they run the operation at an enormous profit. Never assume your enemy is stupid...

  7. Anonymous Coward
    Anonymous Coward

    '....and government subnets in various countries that Group-IB was abusing to run its attacks.'

    Surely you mean Lazarus Group, not Group-IB?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020