Into the Black: DPRK Exploration (Or How I Learned to Stop Worrying and Love the Bomb)
Michael Kemp
Into the Black: DPRK Exploration / intro
Standard Disclaimer
The views, opinions and details presented in this resource are solely those of the author, and not of any present or previous employer or organisation. No warranty is inferred or granted. Additionally, if I am black bagged, please contact North Korea and see if you can find me (although to be fair they largely stopped that in the eighties).
Into the Black: DPRK Exploration / intro
“If there was hope, it must lie in the proles, because only there, in those swarming disregarded masses, eighty-five percent of the population of Oceania, could the force to destroy the Party ever be generated.” George Orwell, ‘1984’
“I am an Internet master” Kim Jong Il, 2007
Into the Black: DPRK Exploration / whoami
Into the Black: DPRK Exploration / about
Fear
Black holes
Super hackers
In & Out
Relationships
Apologies
Into the Black: DPRK Exploration / not about
0day
Tech demo
Vendor Pitch
Fear & Loathing
Into the Black: DPRK Exploration / Inside Out
Part the First
Wherein an attempt is made to distil the infrastructure technology and relationships of a nation state into thirty slides
Into the Black: DPRK Exploration / Inside Out
“Citizens are guaranteed freedom of speech, of the press, of assembly, demonstration and association. The State shall guarantee conditions for the free activity of democratic political parties and social organizations.”
Article 67, DPRK Socialist Constitution
Source: http://www1.korea-np.co.jp/pk/061st_issue/98091708.htm
Into the Black: DPRK Exploration / Inside Out
Limited, Restrictive and Expensive
Intranet (Kwangmyong) not Internet
KCC – 2003
What’s going on?
Into the Black: DPRK Exploration / Inside Out “...all other people use Kwangmyong”
Into the Black: DPRK Exploration / Inside Out Kwangmyong is the ultimate walled garden...
Into the Black: DPRK Exploration / Inside Out Five landlines to every One Hundred people
Into the Black: DPRK Exploration / Inside Out
Nobody really seems to know for certain how North Koreans connect to the Internet, but the reality is that very few do, and those that do are highly and tightly regulated (apart from the upper party echelons).
Into the Black: DPRK Exploration / Inside Out
1990 – 3 Direct Lines to Japan
1995 – Direct line to USA (courtesy AT&T)
2000 – 29 direct lines to South Korea (total of 56 via 3rd country relays)
2008 – Majority of IDD connections disabled
Into the Black: DPRK Exploration / Inside Out
DPRK International Operator = +850 2 18111
192 + 7 digit - Koryolink 3G Network (more about this later)
193 + 7 digit - SunNet GSM/900 Network
Known DPRK City Codes
2 - Pyongyang
31 - Moranbong
39 - Nampho
41 - Songnim
43 - Songnim
45 - Haeju
53 - Hungnam
57 - Wonsan
73 - Chongjin
85 - Rason
Into the Black: DPRK Exploration / Inside Out Tel:  +44(0) 208 992 4965.  E-mail: singuk.ha@btinternet.com
Into the Black: DPRK Exploration / Inside Out
[Timeline figure; labels as extracted, original positions and dates not preserved: Kwangmyong via dial up / South & North Korea direct connections; Internet PC Room opens; Information Technology Store opens; 1986: INTELSAT; launches Bright Star; Launch Bright Star program; KCC Berlin opens; Kwangmyong via satellite / DPRK expands landlines; Bright Star Crash; US / DPRK direct connections; Silibank offline; IDD closed; Japan / DPRK direct connections; Silibank mail relays open / DPRK joins INTELSAT]
Into the Black: DPRK Exploration / Outside In
Part the Second
Wherein myths are debunked and questionable research results presented for purposes of edification and entertainment
Into the Black: DPRK Exploration / Outside In The Mystery of Unit 121
Into the Black: DPRK Exploration / Outside In X 17,000
Into the Black: DPRK Exploration / Outside In
Dear Mr Coleman,
I am currently seeking to obtain further details regarding a military unit as mentioned in your piece, http://defensetech.org/2007/12/24/inside-dprks-unit-121/ (published December 2007). As part of the preparatory work involved in preparing a presentation to be delivered at a number of international IT security conferences, I am currently engaged in research concerning the offensive capabilities of DPRK, particularly with reference to information warfare.
The article published in December 2007 alludes to a seemingly unsubstantiated military unit with such capabilities (an attributable, named source seems somewhat hard to come by). I would be interested to know how such data was collated and sourced. The only sourcing I can find appears to be from the Yonhap News Agency (as funded by the South Korean government) or from an 'anonymous' source. Bearing in mind the arguable non-impartiality of the first agency, and the lack of journalistic best practice in quoting the second, I would like to enquire as to the source (if differing) of the material, and the journalistic accuracy of the assertions made in the article.
Into the Black: DPRK Exploration / Outside In
To Me: A couple of things
1. The tone of your email puts me off as well as our ops team that responded to your email to info@technolytics.com. They called me!
2. Google North Korea Unit 121
3. Look at the attribution of the July 4th cyber attacks on the U.S. South Korea and the US both point back to North Korea.
Other than that I am not inclined to issue any further data given your tone/attitude and the fact that most of our work is classified and not available for public disclosure.
Into the Black: DPRK Exploration / Outside In
To Me: I suggest you contact your MI5 and Major Sin if you would like to substantiate N Korea's cyber capabilities or look at the attribution to the July 4th 2009 events
To Me: Well there are those that think the unit number is 110 or 101 you might want to check that as well..
To Me: You clearly have an agenda and I am through wasting my time.
Into the Black: DPRK Exploration / Outside In To Kevin:  The feeling is mutual I assure you. As for my agenda, if you call asking for attribution from a journalist whose 'evidence' is being utilised to shape public opinion, government policy, and doubtless company profit margin an agenda then, yes I do. It's called seeking to ascertain the truth (perhaps an oddity given the preponderance of unnamed and unnamable sources when 'reporting' on information warfare). As you seem unwilling, or unable to substantiate your claims, I'll treat them with the seriousness that they doubtless deserve. That said, many thanks for your time, and considered responses.
Into the Black: DPRK Exploration / Outside In
The Point:
Apparently the only sources for Unit 121 are ‘classified’ or otherwise obfuscated
Presented as fact
Kevin Coleman is associated with Technolytics which provide cyber war training and advice
He also came up with the definition of cyber-terrorism (according to Wikipedia)
He also presents to US Congress
He can’t source his allegations publicly....
Errr.....
Into the Black: DPRK Exploration / Outside In
Kevin Coleman: World's No. 1 Cyberwar Expert?
Gregory Evans: World's No. 1 Hacker?
Into the Black: DPRK Exploration / Outside In
“Cyberspace has become the fifth domain of warfare, after land, sea, air and space”
“A lot could be achieved by greater co-operation between governments and the private sector”
“One response to the growing threat has been military. Iran claims to have the world’s second-largest cyber-army. Russia, Israel and North Korea boast efforts of their own”
Into the Black: DPRK Exploration / Outside In
To: Economist PR (as they don’t have an editorial contact, and both Cyberwar articles are written by un-named ‘journalists’):
I am writing to you with regards the Cyberwar / Leaders piece recently published in your July 2010 edition of The Economist. For the last eighteen months I have been studying the technical capabilities present in North Korea, and the digital threat that they pose... In all my research thus far, I have not been able to source a single substantive claim regarding the information warfare capabilities of North Korea... Given that in my research thus far, I have found no mention regarding the information warfare capabilities of North Korea from any source other than anonymous sources, or from organisations with a vested interest in claiming as much (e.g. organisations that provide information warfare training), I would be very eager to discuss the source for the claim made in this piece.
Into the Black: DPRK Exploration / Outside In
1 – State something nobody can prove or disprove
2 – Watch it make press
3 – Reinforce claims
4 – Watch it make more press
5 – Panic spreads, so does spending
6 – ???
7 – Profit?
Into the Black: DPRK Exploration / Outside In
Defcon 18 August 2010
Kim Jong Il & Me: How to build a cyber Army to attack the US
Charlie Miller
Into the Black: DPRK Exploration / Outside In
1 – DPRK does Juche
2 – Managing remote agents is hard
3 – Recruitment is a bitch
4 – Er, why?
Into the Black: DPRK Exploration / Outside In From the Batshit Crazy Department...
Into the Black: DPRK Exploration / Outside In
korea-dpr.com – Official Webpage of The Democratic People's Republic of Korea
naenara.kp – DPRK news and shopping portal
kcna.co.jp – DPRK news service in Japan
korea-np.co.jp – The Peoples’ Korea
dprkorea.com – Holding page (looks to be a trade organisation)
uriminzokkiri.com – Pro-Korean unification
aindf.dyndns.org – Anti-Imperialist National Democratic Front
alejandrocaodebenos.com – Korean Friendship Association (President)
business-school-pyongyang.org – DPRK / Pyongyang Business School
koryogroup.com – Koryo Tours / DPRK Tourism
ournation-school.com – DPRK / Juche education?
korea-publ.com – DPRK publications (Amazon for Kim Jong Il)
korea-is-one.org – Pro-unification
kdvr.de – German based, Korean pro-unification
chongryon.com – General Association of Korean residents in Japan (pro-DPRK)
juche.v.wol.ne.jp – International institute of the Juche idea
eba.nosotek.com – DPRK European Business Association
kcckp.net – Korean Computer Center
Into the Black: DPRK Exploration / Outside In
Microsoft IIS = 6
Other = 1
Apache = 11
Into the Black: DPRK Exploration / Outside In
Oldest iteration of IIS in use was 5.0
Oldest iteration of Apache was 1.3.41
Of the found hosts:
58% had FTP (TCP 21 open)
29% had SSH (TCP 22 open)
29% had SMTP (TCP 25 open)
Most of the software used was deprecated (bug laden)
Most of the sites had HTTPS/ALT set up for auth
A couple *looked* to have trivially brute forced DB access...
Most interesting was a custom Java component on one site which I wasn’t brave enough to play with...
Into the Black: DPRK Exploration / Outside In http://www.korea-dpr.com/paektu3/login.php
Into the Black: DPRK Exploration / Outside In
Very odd North Korean kids TV and more @ http://www.youtube.com/user/uriminzokkiri#p/u/23/aWh9RmtRIIk
DPRK does Twitter: https://twitter.com/uriminzok
Into the Black: DPRK Exploration / Outside In
DPRK can haz MySQL
Into the Black: DPRK Exploration / Conclusions?
So, are we all doomed?
DPRK has a very tightly regulated use of ICT
DPRK is a poor country with an evil little shit in charge
It seems credible that the DPRK military may be thinking about information warfare (it’s cheap after all)
The skills gap
Outsourcing to China or elsewhere
Instead of worrying about digital Armageddon; worry about human rights
There may be a *lot* to explore; if you feel brave ;)
Questions?
Questions? Comments? Abuse?
References
RENK (Rescue! The North Korean People Urgent Action Network) http://www.bekkoame.ne.jp/ro/renk/englishhome.htm
A Guidebook for European Investors in the DPRK http://www.dprkguidebook.org
http://www.scribd.com/doc/15078953/Cyber-Threat-Posed-by-North-Korea-and-China-to-South-Korea-and-US-Forces-Korea
http://defensetech.org/2007/12/24/inside-dprks-unit-121/
http://blog.bkis.com/en/korea-and-us-ddos-attacks-the-attacking-source-located-in-united-kingdom/
http://greylogic.us/
http://www.scribd.com/doc/24587105/The-Dark-Visitor-Scott-J-Henderson
References
http://ashen-rus.livejournal.com/4300.html
http://www.nosotek.com/
http://www.interview-blog.de/unternehmerinnen-und-geschaftsideen/interview-with-volker-eloesser-president-of-nosotek-jv-company-in-north-korea/
http://datactivity.com/
http://www.youtube.com/watch?v=_AZnlyKXGPM – video about EBA / Nosotek
Developing a Reliable Methodology for Assessing the Computer Network Operations Threat of North Korea – http://www.fas.org/irp/eprint/cno-dprk.pdf
http://www.hrw.org/asia/north-korea
http://www.amnesty.org/en/region/north-korea
Contact / 접촉
Work (Hire us): www.xiphosresearch.com, mk ’at’ xiphosresearch.com
Personal (Stalk me): www.lowfisecurity.com, clappymonkey ‘at’ gmail.com, Twitter.com/clappymonkey
Location (Find me): United Kingdom / Above the earth’s core
Thanks
The con organisers for having me
MF for putting up with late nights & paranoid rants
All the crew @ XRL for read throughs & suggestions
GCHQ for listening to my phone calls
All the research bodies and NGOs doing active research into DPRK
All the cyberwar pundits for pissing me off
YOU for listening


Into the Black: Explorations in DPRK (Mike Kemp)

  • 1. Into the Black: DPRK Exploration(Or How I Learned to Stop Worrying and Love the Bomb) Michael Kemp
  • 2. Into the Black: DPRK Exploration / intro Standard Disclaimer The views, opinions and details presented in this resource are solely those of the author, and not of any present or previous employer or organisation. No warranty is inferred or granted. Additionally if I am black bagged, please contact North Korea and see if you can find me (although to be fair they largely stopped that in the eighties)
  • 3. Into the Black: DPRK Exploration / intro “If there was hope, it must lie in the proles, because only there, in those swarming disregarded masses, eighty-five percent of the population of Oceania, could the force to destroy the Party ever be generated.” George Orwell, ‘1984’ “I am an Internet master” Kim Jong Il, 2007
  • 4. Into the Black: DPRK Exploration / whoami
  • 5. Into the Black: DPRK Exploration / about Fear Black holes Super hackers In & Out Relationships Apologies
  • 6. Into the Black: DPRK Exploration / not about 0day Tech demo Vendor Pitch Fear & Loathing
  • 7. Into the Black: DPRK Exploration / intro
  • 8. Into the Black: DPRK Exploration / intro
  • 9. Into the Black: DPRK Exploration / Inside Out Part the First Wherein an attempt is made to distil the infrastructure technology and relationships of a nation state into thirty slides
  • 10. Into the Black: DPRK Exploration / Inside Out “Citizens are guaranteed freedom of speech, of the press, of assembly, demonstration and association. The State shall guarantee conditions for the free activity of democratic political parties and social organizations.” Article 67, DPRK Socialist Constitution Source: http://www1.korea-np.co.jp/pk/061st_issue/98091708.htm
  • 11. Into the Black: DPRK Exploration / Inside Out Limited, Restrictive and Expensive Intranet (Kwangmyong) not Internet KCC – 2003 What’s going on?
  • 12. Into the Black: DPRK Exploration / Inside Out “...all other people use Kwangmyong”
  • 13. Into the Black: DPRK Exploration / Inside Out
  • 14. Into the Black: DPRK Exploration / Inside Out Kwangmyong is the ultimate walled garden...
  • 15. Into the Black: DPRK Exploration / Inside Out Five landlines to every One Hundred people
  • 16. Into the Black: DPRK Exploration / Inside Out
  • 17. Into the Black: DPRK Exploration / Inside Out
  • 18. Into the Black: DPRK Exploration / Inside Out
  • 19. Into the Black: DPRK Exploration / Inside Out Nobody really seems to know for certain how North Koreans connect to the Internet, but the reality is that very few do, and those that do, are highly and tightly regulated (apart from the upper party echelons)
  • 20. Into the Black: DPRK Exploration / Inside Out
  • 21. Into the Black: DPRK Exploration / Inside Out 1990 – 3 Direct Lines to Japan; 1995 – Direct line to USA (courtesy AT&T); 2000 – 29 direct lines to South Korea (total of 56 via 3rd country relays); 2008 – Majority of IDD connections disabled
  • 22. Into the Black: DPRK Exploration / Inside Out DPRK International Operator = +850 2 18111; 192 + 7 digit - Koryolink 3G Network (more on this later); 193 + 7 digit - SunNet GSM/900 Network. Known DPRK City Codes: 2 - Pyongyang; 31 - Moranbong; 39 - Nampho; 41 - Songnim; 43 - Songnim; 45 - Haeju; 53 - Hungnam; 57 - Wonsan; 73 - Chongjin; 85 - Rason
  • 23. Into the Black: DPRK Exploration / Inside Out
  • 24. Into the Black: DPRK Exploration / Inside Out
  • 25. Into the Black: DPRK Exploration / Inside Out
  • 26. Into the Black: DPRK Exploration / Inside Out
  • 27. Into the Black: DPRK Exploration / Inside Out
  • 28. Into the Black: DPRK Exploration / Inside Out Tel: +44(0) 208 992 4965. E-mail: singuk.ha@btinternet.com
  • 29. Into the Black: DPRK Exploration / Inside Out
  • 30. Into the Black: DPRK Exploration / Inside Out Kwangmyong via dial up / South & North Korea direct connections Internet PC Room opens Information Technology Store opens 1986: INTELSAT launches Bright Star Launch Bright Star program KCC Berlin opens Kwangmyong via satellite / DPRK expands landlines Bright Star Crash US / DPRK direct connections Silibank offline IDD closed Japan / DPRK direct connections Silibank mail relays open / DPRK joins INTELSAT
  • 31. Into the Black: DPRK Exploration / Outside In Part the Second Wherein myths are debunked and questionable research results presented for purposes of edification and entertainment
  • 32. Into the Black: DPRK Exploration / Outside In The Mystery of Unit 121
  • 33. Into the Black: DPRK Exploration / Outside In X 17,000
  • 34. Into the Black: DPRK Exploration / Outside In Dear Mr Coleman, I am currently seeking to obtain further details regarding a military unit as mentioned in your piece, http://defensetech.org/2007/12/24/inside-dprks-unit-121/ (published December 2007). As part of the preparatory work involved in preparing a presentation to be delivered at a number of international IT security conferences, I am currently engaged in research concerning the offensive capabilities of DPRK, in particular with reference to information warfare. The article published in December 2007 alludes to a seemingly unsubstantiated military unit with such capabilities (an attributable, named source seems somewhat hard to come by). I would be interested to know how such data was collated and sourced. The only sourcing I can find appears to be from the Yonhap News Agency (as funded by the South Korean government) or from an 'anonymous' source. Bearing in mind the arguable non-impartiality of the first agency, and the lack of journalistic best practice in quoting the second, I would like to enquire as to the source (if differing) of the material, and the journalistic accuracy of the assertions made in the article.
  • 35. Into the Black: DPRK Exploration / Outside In To Me: A couple of things 1. The tone of your email puts me off as well as our ops team that responded to your email to info@technolytics.com. They called me! 2. Google North Korea Unit 121 3. Look at the attribution of the July 4th cyber attacks on the U.S. South Korea and the US both point back to North Korea. Other than that I am not inclined to issue any further data given your tone/attitude and the fact that most of our work is classified and not available for public disclosure.
  • 36. Into the Black: DPRK Exploration / Outside In To Me: I suggest you contact your MI5 and Major Sin if you would like to substantiate N Korea's cyber capabilities or look at the attribution to the July 4th 2009 events To Me: Well there are those that think the unit number is 110 or 101 you might want to check that as well.. To Me: You clearly have an agenda and I am through wasting my time.
  • 37. Into the Black: DPRK Exploration / Outside In To Kevin: The feeling is mutual I assure you. As for my agenda, if you call asking for attribution from a journalist whose 'evidence' is being utilised to shape public opinion, government policy, and doubtless company profit margin an agenda then, yes I do. It's called seeking to ascertain the truth (perhaps an oddity given the preponderance of unnamed and unnamable sources when 'reporting' on information warfare). As you seem unwilling, or unable to substantiate your claims, I'll treat them with the seriousness that they doubtless deserve. That said, many thanks for your time, and considered responses.
  • 38. Into the Black: DPRK Exploration / Outside In The Point: Apparently the only sources for Unit 121 are ‘classified’ or otherwise obfuscated; Presented as fact; Kevin Coleman is associated with Technolytics which provide cyber war training and advice; He also came up with the definition of cyber-terrorism (according to Wikipedia); He also presents to US Congress; He can’t source his allegations publicly.... Errr.....
  • 39. Into the Black: DPRK Exploration / Outside In
  • 40. Into the Black: DPRK Exploration / Outside In Kevin Coleman: World's No. 1 Cyberwar Expert? Gregory Evans: World's No. 1 Hacker?
  • 41. Into the Black: DPRK Exploration / Outside In “Cyberspace has become the fifth domain of warfare, after land, sea, air and space” “A lot could be achieved by greater co-operation between governments and the private sector” “One response to the growing threat has been military. Iran claims to have the world’s second-largest cyber-army. Russia, Israel and North Korea boast efforts of their own”
  • 42. Into the Black: DPRK Exploration / Outside In To: Economist PR (as they don’t have an editorial contact, and both Cyberwar articles are written by un-named ‘journalists’): I am writing to you with regards the Cyberwar / Leaders piece recently published in your July 2010 edition of The Economist. For the last eighteen months I have been studying the technical capabilities present in North Korea, and the digital threat that they pose... In all my research thus far, I have not been able to source a single substantive claim regarding the information warfare capabilities of North Korea... Given that in my research thus far, I have found no mention regarding the information warfare capabilities of North Korea from any source other than anonymous sources, or from organisations with a vested interest in claiming as much (e.g. organisations that provide information warfare training), I would be very eager to discuss the source for the claim made in this piece.
  • 43. Into the Black: DPRK Exploration / Outside In 1 – State something nobody can prove or disprove 2 – Watch it make press 3 – Reinforce claims 4 – Watch it make more press 5 – Panic spreads, so does spending 6 - ??? 7 – Profit?
  • 44. Into the Black: DPRK Exploration / Outside In
  • 45. Into the Black: DPRK Exploration / Outside In Defcon 18, August 2010: Kim Jong Il & Me: How to build a cyber Army to attack the US, Charlie Miller
  • 46. Into the Black: DPRK Exploration / Outside In
  • 47. Into the Black: DPRK Exploration / Outside In
  • 48. Into the Black: DPRK Exploration / Outside In
  • 49. Into the Black: DPRK Exploration / Outside In 1 - DPRK does Juche 2 – Managing remote agents is hard 3 – Recruitment is a bitch 4 – Er, why?
  • 50. Into the Black: DPRK Exploration / Outside In
  • 51. Into the Black: DPRK Exploration / Outside In
  • 52. Into the Black: DPRK Exploration / Outside In
  • 53. Into the Black: DPRK Exploration / Outside In
  • 54. Into the Black: DPRK Exploration / Outside In
  • 55. Into the Black: DPRK Exploration / Outside In
  • 56. Into the Black: DPRK Exploration / Outside In From the Batshit Crazy Department...
  • 57. Into the Black: DPRK Exploration / Outside In
  • 58. Into the Black: DPRK Exploration / Outside In korea-dpr.com – Official Webpage of The Democratic People's Republic of Korea; naenara.kp – DPRK news and shopping portal; kcna.co.jp – DPRK news service in Japan; korea-np.co.jp – The Peoples’ Korea; dprkorea.com – Holding page (looks to be a trade organisation); uriminzokkiri.com – Pro-Korean unification; aindf.dyndns.org – Anti-Imperialist National Democratic Front; alejandrocaodebenos.com – Korean Friendship Association (President); business-school-pyongyang.org – DPRK / Pyongyang Business School; koryogroup.com – Koryo Tours / DPRK Tourism; ournation-school.com – DPRK / Juche education?; korea-publ.com – DPRK publications (Amazon for Kim Jong Il); korea-is-one.org – Pro-unification; kdvr.de – German based, Korean pro-unification; chongryon.com – General Association of Korean residents in Japan (pro-DPRK); juche.v.wol.ne.jp – International institute of the Juche idea; eba.nosotek.com – DPRK European Business Association; kcckp.net – Korean Computer Center
  • 59. Into the Black: DPRK Exploration / Outside In
  • 60. Into the Black: DPRK Exploration / Outside In Microsoft IIS = 6; Other = 1; Apache = 11
  • 61. Into the Black: DPRK Exploration / Outside In Oldest iteration of IIS in use was 5.0. Oldest iteration of Apache was 1.3.41. Of the found hosts: 58% had FTP (TCP 21 open); 29% had SSH (TCP 22 open); 29% had SMTP (TCP 25 open). Most of the software used was deprecated (bug laden). Most of the sites had HTTPS/ALT set up for auth. A couple *looked* to have trivially brute forced DB access... Most interesting was a custom Java component on one site which I wasn’t brave enough to play with...
  • 62. Into the Black: DPRK Exploration / Outside In http://www.korea-dpr.com/paektu3/login.php
  • 63. Into the Black: DPRK Exploration / Outside In Very odd North Korean kids TV and more @ http://www.youtube.com/user/uriminzokkiri#p/u/23/aWh9RmtRIIk DPRK does Twitter: https://twitter.com/uriminzok
  • 64. Into the Black: DPRK Exploration / Outside In DPRK can haz MySQL
  • 65. Into the Black: DPRK Exploration / Outside In
  • 66. Into the Black: DPRK Exploration / Conclusions? So, are we all doomed? DPRK has a very tightly regulated use of ICT; DPRK is a poor country with an evil little shit in charge; It seems credible that the DPRK military may be thinking about information warfare (it’s cheap after all); The skills gap; Outsourcing to China or elsewhere; Instead of worrying about digital Armageddon, worry about human rights; There may be a *lot* to explore, if you feel brave ;)
  • 68. References: RENK (Rescue! The North Korean People Urgent Action Network) http://www.bekkoame.ne.jp/ro/renk/englishhome.htm; A Guidebook for European Investors in the DPRK http://www.dprkguidebook.org; http://www.scribd.com/doc/15078953/Cyber-Threat-Posed-by-North-Korea-and-China-to-South-Korea-and-US-Forces-Korea; http://defensetech.org/2007/12/24/inside-dprks-unit-121/; http://blog.bkis.com/en/korea-and-us-ddos-attacks-the-attacking-source-located-in-united-kingdom/; http://greylogic.us/; http://www.scribd.com/doc/24587105/The-Dark-Visitor-Scott-J-Henderson
  • 69. References: http://ashen-rus.livejournal.com/4300.html; http://www.nosotek.com/; http://www.interview-blog.de/unternehmerinnen-und-geschaftsideen/interview-with-volker-eloesser-president-of-nosotek-jv-company-in-north-korea/; http://datactivity.com/; http://www.youtube.com/watch?v=_AZnlyKXGPM – video about EBA / Nosotek; Developing a Reliable Methodology for Assessing the Computer Network Operations Threat of North Korea - http://www.fas.org/irp/eprint/cno-dprk.pdf; http://www.hrw.org/asia/north-korea; http://www.amnesty.org/en/region/north-korea
  • 70. Contact / 접촉 Work (Hire us): www.xiphosresearch.com, mk ‘at’ xiphosresearch.com; Personal (Stalk me): www.lowfisecurity.com, clappymonkey ‘at’ gmail.com, Twitter.com/clappymonkey; Location (Find me): United Kingdom / Above the earth’s core
  • 71. Thanks: The con organisers for having me; MF for putting up with late nights & paranoid rants; All the crew @ XRL for read throughs & suggestions; GCHQ for listening to my phone calls; All the research bodies and NGOs doing active research into DPRK; All the cyberwar pundits for pissing me off; YOU for listening