#recorded future

Hacker Obtains Sensitive Manuals for Military Drone, Tank, Etc.

How did a hacker manage to snag a maintenance manual for an MQ-9 Reaper Drone as well as a list of Arimen who worked with them? How about  the specs for an Abrams Tank? Those and other sensitive documents were stolen by a hacker and placed on the “dark web” for sale. Fortunately a cybersecurity group called Recorded Future revealed the chink in our armor and is working with law enforcement to fix…

#RecordedFuture Awarded Threat Intelligence Contract for Accelerated Security With U.S. Cyber Command. #USCYBERCOM

Recorded Future today announced it has been awarded a Production-Other Transaction Agreement (P-OTA) contract facilitated by the Defense Innovation Unit (DIU) for threat intelligence, paving the way for the company to provide real-time threat analysis to approved federal agencies on an expedited basis.

The P-OTA, with a ceiling value of $50 million, also marks the first P-OTA contract awarded by…

By Craig Timberg and Ellen Nakashima, Washington Post, July 25, 2017

Western researchers recently began sifting through troves of North Korean Internet data, looking for activity related to missile launches or malicious cyber activity within the famously isolated country.

What they found instead surprised them.

North Korea’s tiny circle of elite families--among the few people in the country with unfettered access to the Internet--turned out to be strikingly like the rest of the world in their digital habits. They use their smartphones to check Gmail, call up their Facebook accounts and browse for goods at Amazon and Alibaba, a China e-commerce company, according to a report to be released Tuesday and provided in advance to The Washington Post.

“These leaders are doing many of the same things that we do when we wake up in the morning,” said Priscilla Moriuchi of Recorded Future, a threat intelligence firm that wrote the report. “They’re not isolated.”

These observations apply to only a tiny sliver of North Koreans because the vast majority of the nation’s 25 million people are poor and have no access to the Internet. Even the few who have mobile devices--a number estimated as high as 4 million people--are confined to a heavily censored, government-run national network called Kwangmyong.

But some North Koreans do have direct access to the Internet through universities, select businesses and perhaps the homes of top government or military officials. Whoever they are, 65 percent of their overall Internet traffic was devoted to gaming and streaming online content. Among the most popular streaming services are China’s Youku video-hosting service and iTunes.

North Koreans with Internet access have a particular fondness for Baidu, a Chinese search engine and Internet services firm, as well for a multiplayer online game called World of Tanks, the researchers found.

The researchers also found that few of the elites on the Internet in North Korea used virtual private networks or other tools for cloaking the origin of digital activity, although one iPad used a virtual private network “to check a Gmail account, access Google Cloud, check Facebook and MSN accounts, and view adult content,” the report found. Other people with Internet access used virtual private networks to make purchases using bitcoin, follow Twitter and upload documents to Dropbox.

“If it’s real, it’s very interesting because it shows more access from North Koreans to the Internet and more access to information,” said technology journalist Martyn Williams, who runs the North Korea Tech website from his home in northern California.

Recorded Future, based in Somerville, Mass., reached its conclusions by examining data collected by Team Cymru, a nonprofit Internet security research group, between April 1 and July 6 on three sets of Internet address blocks they think are used by North Koreans.

The trove of data probably did not include Internet use by foreign embassies or international groups based in the country, which typically use their own Internet links, the researchers said. But the data may have included some small amount of traffic from foreign journalists or other visitors to the country.

The findings track loosely with other research showing that North Koreans are more plugged in to global information flows than commonly assumed, said Victor D. Cha, a former White House North Korea expert and now a senior adviser to the Center for Strategic and International Studies, a Washington think tank.

He said interviews conducted with people living in the country have revealed alternative sources of information for North Koreans beyond government propaganda, and that people working in professional settings often speak privately of their frustrations with the regime of Kim Jong Un.

“There’s a surprising level of awareness of the inadequacies of the government,” Cha said.

The report by Recorded Future also shows that North Koreans are reaching the Internet through access available in India, Malaysia, New Zealand, Nepal, Kenya, Mozambique and Indonesia--all countries where North Korea also has at least some small base of operations through government programs, universities or other institutions.

Recorded Future researchers said they saw a “near absence of malicious cyber activity” from the North Korean mainland in the April to July time frame, which indicated to them that the regime is conducting most of its malicious activity from abroad. U.S. intelligence analysts say that North Korea conducts most of its cyber operations from outside the country--primarily in China, but from other countries, such as Malaysia, as well.