Sony Hack may have been a practice run for something far worse
North Korean defectors are saying that the hack of Sony may have been a practice run for the NoKo's real target; telecoms and energy grids.
The hacking attack on Sony Pictures may have been a practice run for North Korea's elite cyber-army in a long-term goal of being able to cripple telecoms and energy grids in rival nations, defectors from the isolated state said.
Non-conventional capabilities like cyber-warfare and nuclear technology are the weapons of choice for the impoverished North to match its main enemies, they said.
Obsessed by fears that it will be over-run by South Korea and the United States, North Korea has been working for years on the ability to disrupt or destroy computer systems that control vital public services such as telecoms and energy utilities, according to one defector.
"North Korea's ultimate goal in cyber strategy is to be able to attack national infrastructure of South Korea and the United States," said Kim Heung-kwang, a defector from the North who was a computer science professor and says he maintains links with the community in his home country.
"The hacking of Sony Pictures is similar to previous attacks that were blamed on North Korea and is a result of training and efforts made with the goal of destroying infrastructure," said Kim, who came to the South in 2004.
The North's most successful cyber-attack to date may be the hacking at Sony Corp that led to the studio cancelling a comedy on the fictional assassination of North Korean leader Kim Jong Un.
Although not officially accused by Washington, U.S. government sources said on Wednesday that investigators had determined the attack was "state sponsored" and that North Korea was the government involved.
"They have trained themselves by launching attacks related to electronic networks," said Jang Se-yul, a defector from North Korea who studied at the military college for computer sciences before escaping to the South six years ago, referring to the North’s cyber warfare unit.
For years, North Korea has been pouring resources into a sophisticated cyber-warfare cell called Bureau 121, run by the military's spy agency and staffed by some of the most talented computer experts in the country, he and other defectors have said.
Most of the hackers in the unit are drawn from the military computer school.
Almost everyone in the cyber security community believes we simply aren't doing enough to protect our power grid and communications. The question is, how realistic is the threat?
It appears that our enemies (read competitors) have made exceedingly greater progress in their sophisticated cyber-warfare techniques than we have achieved in defending ourselves. Now comes Admiral Michael Rogers, the head of the National Security Agency and the U.S. Cyber Command, who warned last week that China and perhaps two other unnamed nations had “the ability to launch a cyber attack that could shut down the entire U.S. power grid and other critical infrastructure.”
Such a dire possibility should well have gotten a wider prominent play in the media. Yet Admiral Rogers underscored that software detected in China could seriously damage our nation’s economic future by interfering with the electric utility power companies that the citizens of New York, Dallas, Chicago, Detroit and other urban centers require as the basic life blood of survival. This possibility is a great deal more dangerous than stealing 76 million names from JP Morgan Chase.
This not a Sci-Fi fantasy being perpetrated as a hoax on the American public. The NSA head flatly predicted that “it is only a matter of the when, not the if, that we are going to see something traumatic.” He admitted NSA was watching multiple nations invest in this dangerous capability. He called the danger a “coming trend,” where our vulnerability will be equivalent to a hole in our software systems that are unseen by the multinational company, the public utility, the telecom giant, the defense manufacturer, the Department of Defense.
It's common sense to make some plans to survive such a cyber attack. Extra canned goods and water, extra cash, making sure you have a clean gun and plenty of ammo, and perhaps a gas powered generator with extra fuel. Experts say that you should plan on at least two weeks being without electricity, with some analysts saying it could be 6 months to a year.
The point is, if you want to survive such a calamity, you have to plan for it. The warnings are becoming more frequent and this cyber terrorist act against Sony is only the tip of the iceberg.