Red Star OS, North Korea’s official Red Hat-based Linux distro, is very easy to install in a VM. Given recent revelations of its many security holes, it’s an excellent opportunity to install the operating system in a local VM and then pound it for vulnerability assessment. At the very least, this will let you derive a baseline vulnerability footprint irrespective of any firewalls or security protection devices that a real North Korean target may be running.
Below is North Korea's National Defense Commission's official statement regarding the December 2014 Sony cyberattack – grammar and spelling errors left intact. The statement was published on December 22, 2014 by the country's official news agency, KCNA. I've highlighted all the interesting (and humorous) parts.
US-CERT released alert TA14-353A today detailing a "SMB Worm Tool" recently used by cyber threat actors against a "major entertainment company". Given the timing of the US formal accusations against North Korea, this certainly hints that the malware toolset being referenced is the one used by the Guardians of Peace (GOP) in the recent Sony Entertainment Pictures attack and data breach. Given my initial review of the malware's characteristics – now I'm a little more impressed.
In an odd but not totally unexpected twist to the story, a hacking group claiming to represent Anonymous has threatened Sony with the same type of bitch slap they got from [cough] North Korea’s GOP if the movie The Interview is not released as planned. This was followed by other messages from a poster claiming to represent Anonymous in which the group announced plans for a "first strike" in the name of "free speech" and debated how, and if, to continue.
The following just went across the wire, released by the FBI, in which they "concluded that the North Korean government is responsible" for the attack and leak of Sony Pictures Entertainment data. The FBI based their conclusion on similarities in attack code and "infrastructure" previously tied to North Korea and threw down the gauntlet stating, "the FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests."
In the wake of Sony’s embarrassing system breach and data leak, their delay of the upcoming movie, The Interview, may not be the cowering, knee-jerk reaction it appears to be. Assuming the attack against their corporate data systems came from the North Koreans, Sony’s play just might be brilliant.
A Pastebin dump attributed to Guardians of Peace (GOP) was released a few hours ago followed by the purported screenplay for the upcoming movie The Interview. In the dump, the GOP continued to harp on their Christmas Day threat while including an invite to the public for special “requests”. The dump included another little surprise too – a threat to anyone who attends The Interview movie.
NBC news reports the manager of a London hair salon was visited by unhappy North Korean embassy officials after using a picture of their fearless leader as an advertisement promoting a cure for “bad hair days”. Salon manager Mo Nabbach, who runs the M&M Hair Academy, said the salon is just a few miles from the North Korean embassy (which is oddly enough, a detached house on a residential street).
Although they pale in comparison to the United States’ Predator and Global Hawk military drones, North Korea apparently has a military drone program of their own, albeit Kim Jong-un’s version is little more than a RC plane with GoPro cameras strapped on. South Korea said today that two of the drones crashed outside their military installations near Paju, just south of the Korean DMZ.
A few hours ago, Twitter and Flickr accounts belonging to a North Korean news agency have been hijacked by Anonymous just one day after they announced “war” against the North Korean government. The Twitter and Flickr accounts represent Uriminzokkiri (meaning "Our Nation"), a North Korean news and known propaganda site. The Twitter page, which has over 14,000 followers, switched from Korean to English this morning and began broadcasting various pro-Anonymous and anti-North Korean messages while unflattering portrayals of North Korean leader Kim Jongun began appearing on the hacked Flickr account.
Anonymous has announced a new initiate “Operation Free Korea” that is targeting North Korea in an effort to install a free democracy in that country. Anonymous is demanding controversial leader Kim Jong-un resign, that North Korea abandon its nuclear ambitions, and for the government to give universal and uncensored Internet access to its citizens. They claimed to already have access to the country’s local intranets, mail servers, and web servers and are threatening to wage war if their demands are not met.
North Korea followed through with its plans announced last month and carried out its third nuclear test yesterday. Initial reports of a 5.1 magnitude artificial tremor in the northeast section of the country began to trickle out late yesterday evening with confirmation of the nuclear test coming out an our or so later. United Nations Secretary-General Ban Ki-moon released a statement condemning the nuclear test as a "clear and grave violation" of UN resolutions. President Obama echoed the outcry in his own statement, calling the test a "highly provocative act" that "undermines regional stability."