>P4x notes that while his attacks at times disrupted all websites hosted in the country and access from abroad to any other internet services hosted there, they didn’t cut off North Koreans’ outbound access to the rest of the internet.
Did this achieve anything or did he just push them to patch vulnerabilities that could have been put to better use?
Almost certainly the latter. Chances are good "allied" states like the US or S.Korea, with their cybersecurity budgets many times larger than either N.Korea or any private firm or group, also already knew about these and many other vulnerabilities, and were saving them for an emergency response in case N.Korea attacks someone in the region; instead this irregular has just burned this part of that puzzle for no gain except making himself into a peacetime media darling for magazines shortsighted enough to fawn over him like Wired. This is also why they say no plan survives contact with the enemy.
nah, I used commonly known memory exhaustion denial of service vulns ONLY. There were other vulns but I did not reveal those publicly ;-). In other words, no operations were affected or compromised here.
check out my twitter @_hyp3ri0n and tell me to post something (discreet please) to prove it’s me.
>In other words, no operations were affected or compromised here.
How do you know this? Did you check it with the NSA, or Cyber Command, or the CIA, or literally anyone before running your "attack"? Will they confirm this discussion? If you're going to make the claim of truly being on the US side of the Pacific theater, it'd be nice to have a little concrete evidence of such. I don't particularly care what vulns you use at all; what I care about is that you're wise enough with any of them to not push us into the tragedy of the commons for your own short-term gain. (For similar reasons I also do not particularly care what someone who passed beneath the intelligence ceiling for writing in wired magazine has to say about you. This is like a university professor trying to claim an interview in the campus student paper as a citation of their work.)
If they were "commonly known", then you exploiting them seems even more, not less, likely to have removed them from stockpiles, no? Because the North Koreans were clearly not going to fix them on their own anytime soon (because they hadn't bothered to all that time), until you came along and offered free pentesting services; while those vulns were even more likely to have already been included in stockpiles (being so well known).
> So Caceres is now arguing that it’s time for the US to try the P4x approach: that a part of the solution to foreign cybersecurity threats is for the American government’s own hackers to show their teeth—and to use them far more often.
I wonder if we don't because we are far too vulnerable. How secure is our basic public infrastructure? (Power grid, water purification, home networks of political figures, etc.) In terms of political strategy, I'd bet we use our military might to compensate for our relative vulnerability on the 'cyber' front.
It would probably expose all the NSA backdoors built into US made hardware and software (I'm looking at you, intel IME), then the rest of the world would stop buying computer products made by American companies.
Stuxnet was us. And there have been zero days that we know the NSA has had for years. I'd say we are more rarely being caught, our goal isn't to knock their internet offline for weeks but to be inside their machines for years.
The rarity of "being caught" could certainly mean that we're very good at this.
I got the impression at the time that stuxnet was Israel (albeit likely with US involvement). Has it been shown to be the US for sure? Or are there still competing theories?
it’s true and we do. It’s a really astute observation. But it’s not because it’s a strategic move by NSA or CYBERCOM or DoD in general. We have more than enough bandwidth (both metaphorical and in the technology sense) to conduct loud attacks concurrent with other operations. Why we don’t is a pretty amazing reason: bureaucracy. Literally everyone i’ve talked to about it has told me it’s because of “authorization this and authorization that” and by the time they MIGHT get approval (rare) the point is already moot.
It also just makes us look incompetent in the field on the world stage IMHO. These brazen attacks by other countries have been extremely effective. Why not treat it like another sanction? We’re the big dick US, if they retaliate we can rereretaliate even harder. And yes i know that’s not a word and yes this is actually p4x from the story (can prove however you want)
we absolutely do compensate. Our power grid is horribly insecure and people have been ranting about it for a decade and a half. Critical infra like that is on ANCIENT systems that go down if you look at them the wrong way.
However i don’t think that’s what leads to inaction because other countries’ same critical infra is EVEN WORSE. I think that’s really why we just in general don’t see those kinds of attacks
Yeah, it seems like it could be construed as an attack on civilians - take down the power grid somewhere hot like AZ, and all the elderly would die of heatstroke. Maybe just an implicit agreement similar to MAD - we'd all be so completely screwed that no-one even wants to go first.
That's how people in governments want it. Vulnerabilities in our infrastructure allow government entities to justify their existence.
The population rely way too much on political institutions. People in positions of political power will, in most cases, have agendas that run counter to the will of its people.
He’s essentially asking for modern day piracy. I do believe we’re very much on the receiving end of piracy from all our openly hostile enemies (e.g. China, Russia, NK, etc) it’s time to level the playing field.
What do you mean "level the playing field"? You have an NSA and a CIA. Y'all have been on the offensive for at least 200 years. All the american chips have backdoors and y'all have the biggest military budget.
who said it had to be fair? Yes we do that stuff and yes we have been on the intelligence side covertly on the offensive.
I’m advocating for loud and proud here though. We have more than enough bandwidth in every sense of the word to do both. IMO we treat it like any other sanction.
Your point is well received though, we have been very much on the offensive. Which is how you know that if we had the capability to do loud and effective shit and have the world stage see it, we would do it. But we don’t because everyone is for some reason afraid to do it.
I worked for DARPA for about a decade and a half, we weren’t ever allowed to use the word hacking. Think about how fucked that is. They were making advanced tanks, drones, missiles, all kinds of weapons to kill people. But hacking??? Way too far man! That’s too much!!
i don't care who you are. the us already bills itself as "the greatest nation on earth" (in spite of any evidence to the contrary lol) and constantly flaunts international law. how can you be more loud and proud than that?
You get your nation’s technological foundations crippled or your financial institutions robbed, I’m betting which bureaucratic requisition form used to authorize it is inconsequential.
Pirates are not authorized by any bureaucracy, which makes them much more difficult to stamp out. Pirates are also known for being much more brutal and indiscriminate (hence the Jolly Roger used to advertise that fact). Privateers were not kind either, but they're somewhat comparable to an extension of a navy in its raids on merchant shipping.
My guess is that the "piracy" direction got killed by higher ups because we've likely already infected many of the foreign systems that we want to control. Piracy would just make them look a bit too hard at their existing systems, we don't want them to look, we want them to think they are winning because we're not retaliating.
Ransomware actors are petty thieves, trying to make a buck. Sometimes, allegedly, on behalf of a state.
The idea that we should collectively punish an entire nation (as "p4x" allegedly did to North Korea) because some cyber-bandits used IPs that are geolocated there is utterly barbaric.
> All of that hacking against the West, he argues, has been carried out with relative impunity. “We sit there while they hack us,” Caceres says.
STUXNET was a joint American-Israeli project. That's just the most public example.
Overall, what a great exposition of the inhumanity that populates the "war community" in Washington. This is the exact same mentality that leads to devastating sanctions and wars against civilians and other forms of barbaric collective punishment. This cybercriminal, sorry, "vigilante hacker" is upset that the government isn't going full-throttle with cyberattacks and now WIRED is giving him a platform. Yuck.
there’s no “allegedly” about it. These countries do it and they do it openly. Or do you really think that there’s a bunch of really good North Korean hackers with the time and money to be stealing crypto in sophisticated attacks with no association to the government?
And I see the cyber realm as an alternative to missiles and bombs. Yes it’s like another sanction - why do you think sanctions are bad? It puts the onus on the country leader to figure it out without the help we give them.
Also what crime did i commit? The US and much of the world don’t even recognize NK as a country, they’re a terrorist state. If hitting a terrorist state with a simple cyber attack is “too much war community” for you what do you suggest? That we ask real nice? I think we’ve tried that. It didn’t go well.
Also let me clarify - I hit NK’s internet. The people of north korea DO NOT have access to the internet. It is the elites and the government only. So literally no civilian was harmed. It really doesn’t get any more targeted than that. I’m not advocating for hitting innocent civilians with attacks all day. Hit the ones causing the pain and suffering for their own people and others.
This shit needs to stop from NK because they literally give 0 fucks what they do to us. They hit our civilians, hell they kidnap people, torture them, and murder them (see the Warmbier case).
Either way, always up for suggestions! What route would you go down? What would you do about this?
Thanks for chiming in. I stand by everything I said in my previous comment.
> These countries do it and they do it openly.
Please share a SINGLE example of a government openly taking credit for a ransomware attack.
> Yes it’s like another sanction - why do you think sanctions are bad?
Sanctions against individual entities are okay. Sanctions against entire countries are barbaric; collective punishment is a violation of international law. Why do you think diabetic Syrian children should be starved of insulin because a hostile foreign government unilaterally decided the Syrian state needs to be overthrown (e.g. Caesar sanctions)?
> Either way, always up for suggestions! What route would you go down? What would you do about this?
You clearly have a misinformed and underdeveloped view of geopolitics and non-Western countries like North Korea, which is why I think it is a travesty that you are talking about unleashing terror (industrial sabotage) upon those countries AND that the US government and mainstream media are entertaining those thoughts. The idea that North Korean civilians, particularly those involved in commerce, don't have any access to digital communications is utterly preposterous.
DPRK/North Korea is made up of regular humans that have wildly different cultural and political norms than us. Their country and population was horrifically devastated ~75 years ago on a scale that we in the Western hemisphere simply cannot conceive. They were shut out of the Western-dominated global order and are kept on a leash as a nuclear-armed pariah state; a permanent "threat" that warrants enormous investment in the South Korean, Japanese, and US military complexes.
My suggestion is this: have a modicum of curiosity and empathy about your "enemy" especially when it's an entire demographic. Why are they the way they are? What is a "siege mentality"? I don't have any issue with targeting specific entities including governments that are clearly associated with cyberwarfare or other crimes, but collective punishment is evil. Do a little bit of research about what Koreans on both sides have gone through, instead of dehumanizing them and committing evil.
Yea, and sections of the article lend the idea that he wasn't aware he was putting himself in physical danger - when angus warned him he should be aware that he could be violently mugged or have his medications tampered with and he got scared, that would have been one of my first considerations.
He ended up purchasing firearms and bulletproof vests (living in Florida) but continued with his crusade. That's conviction, whether or not it was the most effective path forward.
thank you and yeah, I’ve exhausted every other vector i can think of and i’m pretty well connected in the intelligence community and DoD! So fuck it, I’m not someone that likes to sit around and hope someone does something. Obviously there’s possibly stuff i just didn’t think of but this seemed like a natural and effective way to get people to listen. It worked, they listened but no real funding or action. Now this piece, i’m kicking asses forward to do something! But i’m not afraid to admit that i’m not the pinnacle of intelligence i’m just persistent af and know how to get people’s attention. And i’ve practiced hacking in very very many disciplines my whole life, so i’m not too bad at it.
we all need all kinds of perspectives in the discourse of how to proceed I think! my usage of "crusade" may have been loaded, I can respect your approach
oh i knew haha. It was just made very real by angus and he told me the attack vectors to watch out for. I’m not a gun guy, which is why he told me to get some. Which I did.
I’m not a gun guy either but have had to respond to threats to my safety as well. Good luck and be safe, will definitely be following your journey because I think you are 100% correct.
I think the assumption is that North Korea already knows who he is: He didn't make a big deal of hiding who he was when he hacked them in the first place. Some people within the scene quickly figured out it was him, so it's fair to assume that North Korea figured it out too.
this ^^^^. You nailed it spot on. They knew and have known for a couple of years. Coming out actually makes me a bit safer from them because now everyone knows i’m ACTUALLY affiliated heavily with the IC and DoD. Try murdering someone like that… well that person might have contingencies in place so that things just start to randomly burn down in your country……………
Not to mention any official action of murdering YET ANOTHER US citizen (see the Warmbier case) but this time with very real military connections. May make them think twice.
I’m far more afraid of our own government than theirs to be frank. Though i didn’t break any laws that i know of. I attacked a “country” that we don’t even recognize as a country but a terrorist state! So are they gonna prosecute me for attacking terrorists with a pretty minor attack in the grand scheme of things? I hope not and i don’t think so…. but FBI is gonna FBI.
I fear that you’re setting yourself up for danger by thinking your DoD contacts can save you from assassination… North Korea have assassinated more important people in airports of all places…
> Try murdering someone like that… well that person might have contingencies in place so that things just start to randomly burn down in your country……………
I don't even know where to start with this. The article portrayed your interaction with the DoD as giving them a Powerpoint presentation and making various attempts to catch their attention. Which you've portrayed here as a 'heavy affiliation'... so heavy that the state conducts special operation behind enemy lines to avenge you.
they already knew and have known for a while is why. Putting my name out there actually makes me safer because i have very real associations with the DoD that can be confirmed.
His identity has been an “open secret” since before the original story broke - he had tweeted some screenshots of his shenanigans on his personal account.
Kind of interesting that he so openly admits to getting up to stuff now though.
It's also worth noting though because the first half of TFA makes it out to be some kind of big reveal.
What I find most interesting is that apparently he has been “green lit” to do this kinda stuff, there was another story in the BBC today about some pro-Ukraine hackers in the US who also seem to have been largely “given the nod” by USG. https://www.bbc.com/news/technology-68722542
I’m not against this at all, and approve of it personally, but it’s interesting nonetheless. I’d honestly have expected the Feds to show up and knock on the door and go “ok, please stop”.
Being green lit with a simple nod allows for plausible deniability later though. At any point, the green lit person/team can take it further than what was initially thought, the repercussions become more severe than anticipated, or anything really, and then that green light suddenly becomes red. They can then scoop up the "bad actors" in a face saving move to those that were offended to say it was just rogue actors doing unsanctioned stuff. See, we put them in jail...now.
Sup people, it’s P4x, proof above. just hearing opinions from everyone. Great so far and giving me lots of ideas. I’ll be in and off here in general so feel free to ask me any questions or throw out any comments. Just don’t be a dick about it and i’ll answer :).
This risks starting a nuclear war by accident. It's not certain DPRK can/will reliably distinguish a decapitating strike by the US military, from some random hacker trying to show off (by committing acts of war).
Who the heck knows how DPRK's nuclear command and control works? Who knows which parts are unexpectedly vulnerable, or how the paranoid, malnourished generals will interpret scary situations that wake them up at 3am? It'd be a ridiculously stupid way to start a nuclear exchange—and I think it's a plausible one, I don't understand any reason to confidently reject it. Wars have always started for incredibly dumb reasons: a 19-year-old vigilante hero started World War I all by himself.
The consent manufacturing department of US Government also known as mass media. NSA knows what’s up. Joe Sixpack often does not, and pays trillions for it later.
They’ve only recently started commercializing them in Spain as far as I’m aware, so a gentle reminder for people like me was perfectly in order too. Hats off if AI can write with such a fine attention to detail.
They're insanely popular in hispanic communities so over the last 5+ years they've slowly climbed out of Mercadonas/Texas to other places and more general stores like 711. Like we started getting them in CO a few years ago and I moved here from TX where they're everywhere.
Same with Pepino Limon Gatorade, which I think is absolutely disgusting but it flies off the shelves with hispanic groups.
"Intellectual Property" lawyers might demand that someone else write that. You know, like when you read some corporate butt kissing article and everything has a "TM" or (R) or (C) on it, and brands are consistently used as adjectives. Big Mac(TM) brand ground beef patty sandwiches....
As a millennial who makes a lot of convenience store runs, I've never seen anyone of my generation or older with Takis. It's definitely zoomer food. The damned kids, what, with their spicy corn snacks and loud rock music on the music television channel. Back in my day, we only had Doritos, and we thought we were lucky just to have that.