Vigilante hacker attacks foreign nation internet infrastructure on behalf of the U.S. without the U.S.'s consent and wants to encourage the U.S. to perform more similar cyber attacks, but witout the approval of the chain of command, without thinking of the repercussions on international relations.
I don't know, but this doesn't sond likea good idea.
I don’t see the point in attacking North Korea when Lazarus et al are well known to do their digital wetwork via diaspora, so DDoS’ing a nation is effectively carpet bombing citizenry for government actions when you should be taking a scapular approach to threat actor countermeasures.
Seems like this person has anger blinders permanently affixed to their head and is only concerned with vamping up their own “hacker cred” to put weight behind selling their basic ass web vulnerability scanner.
Hard pass on both qomplex and punkspider.
Yeah good point on the anger glasses. He sounds like an agressive type of dude. Says he worked for Blackwater? The mercenaries company known for their crimes against humanity in Iraq, if I'm not mistaken? What normal person would want to work there?
Yep, blackwater (or whatever it’s named now) is a massive red flag and not the cred he thinks it is.
Erik Prince is the driving force behind those mercs, there’s a ton of quality information published about his misdeeds.
Top tier bastard imho
DDoS’ing a nation is effectively carpet bombing citizenry for government actions when you should be taking a scapular approach to threat actor countermeasures.
my understanding is that the only NK citizens that have access to the actual internet is microscopic and concentrated in information warfare / scams.
Thank you for the attribution.
I do love me some links to read after a nice pithy comment :D
Are you laboring under the false impression that the average citizens of North Korea have, forget regular, but ANY access to the internet? Carpet bombing doesn't work if you're already a ghost.
…therefore you would be fine with this same action if it’s not NK?
The person in this article wants this same baseline cyber response to any countries attacking.
Look down the road where this decision takes everyone.
No. No I'm just calling out that this particular cyberattack was not as impactful to the everyman of North Korea as it would fit any other, more modernized country. Your point gains more validity the more networked a country is.
The article is paywalled. Did you read all of it? Does it specifically quote the author as saying "I want the same baseline response. Doesn't matter who I attack"? Because I didn't see that, but I didn't bother to bypass the paywall. If you did and it's in there, cool, guys a weirdo. If not, quit making up shit to fill out your narrative. You don't know any better than anyone else unless you asked him or are him.
It was not paywalled when I read it all, so you can take your wrong ass half-baked opinions elsewhere.
I'll have you know I'm fully baked, and don't have any reason not to express myself here, so naturally, I'ma gonna.
Okay, that was always allowed, but seems like you’re just thirsty for conversation now.
Are you good?
Well, bless your heart. I can remember when I used to mistake stuff like this as the want for people to talk with me; we're not so different after all.
My friend, I asked because I’m legitimately concerned about your mental health.
Do you need help?
I generally agree with you but isn't the n Korean internet only used by the government and whatever rich people can afford it? I say fuck em.
I’ve heard the same and I generally view that as propaganda since NK have been actively maintaining a Linux distro since 98 (Red Star OS) so it’s not like they’re total luddites, just under oppressive dictatorial control.
I personally can’t condone attacking random people based on geoloc for the actions of their dictator but I absolutely understand your point of view.
Not trying to change your mind but if the general public has internet it's definitely just intranet. There's no way they're getting anything close to what we would recognize as the internet. Maybe I'm buying propaganda but I just can't fathom the possibility.
Heard.
All valid opinions, I won’t be visiting NK anytime soon to confirm for myself, but it’s a curious thought.
they aren't random people, NK users of the internet have explicit ties to scams and hacking. The rest never get to access the WWW.
You’re from North Korea to confirm this as fact?
No more than you are to assert the opposite, sir.
lol, it'd undermine my argument if I was, wouldn't it? Not sure if you're being intentionally dense or just... obtuse. But here's some further reading for you, you do you budnik.
Read usernames and the rest of the thread, friend.
I might need to go back and find sources but I could have sworn I read a thing that had Kim directly saying that it isn't allowed among the general populace because it's full of US propaganda. Same reason why jeans aren't allowed.
Edit: I want to clarify that I would prefer the general populace had the internet so they could more easily educate themselves but AFAIK they don't.
I believe you, no sources required; my personally held belief comes from a gut feeling and general distrust based on their historical movements.
Their M.O. has always been subversion and misdirection to make them appear stronger than they actually are, so you can’t take them at face value at all.
Yes.
Internet access is available in North Korea, but is only permitted with special authorization. It is primarily used for government purposes, and also by foreigners ... Online services for most individuals and institutions are provided through a free domestic-only network known as Kwangmyong, with access to the global Internet limited to a much smaller group.
Wikipedia
Thank you for the attribution.
It sounds like a Hollywood movie. "Hacker tattoos"? Single person took on an entire country? I dunno, something about this is off, like it's too juicy of a story for Wired to scrutinize it properly and there's really more (or less) to the story.
Yeah, especially since the NSA or FBI or CIA has never accepted the dude's methods. And he's the only one giving his own testimoy about all of this. It's weird.
Are you saying you don't keep your pgp key tattooed on your face? How do people know if they are actually talking to you then?
Something tells me the last thing the world needs from a cybersecurity standpoint is a leaner, meaner Pentagon that can launch cyberattacks faster than they can assess the likely impact
You're saying it like they don't exist.
In the article it states the average lead time for a Pentagon-organized cyberattack is six months.
The main point of the article is that this guy is basically trying to push the Pentagon to be more like him, a guy who took personal offense when a North Korean hacker tried to drive-by hack him then took the entire country offline without first considering whether or not they might retaliate against an actual lone wolf attacker, or whether this is a rational response as an individual to the existence of organized nation-state attackers.
Basically, he's lucky the Pentagon took an interest in him. The article points out that the officials he shared his attack with were well aware the main reason they couldn't do something similar is literally just bureaucracy. He's not offering anything new on a technical level, he just wants the Pentagon to shoot from the hip more often and worry less about the consequences of their actions.
TBH, probably everybody in the world would prefer the slower, less aggressive Pentagon we have now rather than one that goes around picking fights with every nation-state and group that pisses it off for like, any reason.
100% agreed, the world doesn’t need a cyber pseudo-Kissinger heading offensive ops.
One was more than enough.
“cybersecurity entrepreneur with hacker tattoos on both arms“ what’s a hacker tattoo? Your IP address? This article was really short on how he did it.
Nah, the Kali Linux logo. Everyone knows using Kali makes you a hacker, and getting a kali tat gives you immediate hacker xp.
Everyone knows that hacker tattoos enable their wearer to be able to do sick hacks. The better the tattoo, the better the hacker skill.
Goatse qr code
There is a picture in the article. Its his previous handle and a what looks like a md5 hash along his entire left arm from hand to shoulder.
He took down all of it, like the whole three computers?
Their IP address range is hilariously small at 1024 addresses total (175.45.176.0/22). That's about one IP address for every 24,400 people.
DPRK has a reputation for using assassination and kidnapping on foreign soil. It’s probably not as bad as taking on a Mexican drug cartel, organized crime, or Donald Trump, but it’s still something I’d probably want to keep on the DL.
DPRK has a reputation for using assassination and kidnapping on foreign soil.
US has a history of that with a lot more deaths, so we should thank hackers who attack US infrastructure.
Do you just enjoy doing hot takes or trolling?
Nowhere did I imply that the DPRK’s practices justify the attack - that’s left to individuals to think about for themselves. I was saying that their tendency to engage in covert ops against individuals outside of their own borders means that, if I were the hacker, I wouldn’t want my name publicly known. The same goes for the US - even more so. I would expect that someone who managed to disable significant parts of the US internet infrastructure not to then immediately publish their identity.
I'm sure this had absolutely no benefit beyond pissing off the few DPRK citizens who have intranet access. What a dick
Tiday, he's a healthy young man, next week he'll die of a sudden and mysterious heart attack.
Wait north korea has internet ? Is it all used by kim lol ?
North Korea has a lot...just none of the citizens can use or know about it.
how do you think they conducted their state-sponsored hacks then?
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
