91 comments

[ 3.9 ms ] story [ 116 ms ] thread
>> Corrections & Amplifications An earlier version of this article incorrectly included the name of a defector familiar with North Korea’s cyber training, whose identity was included in violation of the agreement with the source. (April 19, 2018)

Yikes!! I understand mistakes happen, but what an absolute betrayal of trust

This is something that should never ever happen. Where are the checks and where is the oversight?

What has become of this paper?

You mean since Rupert Murdoch bought it or some other event?
One hopes the page hasn't been cached anywhere
This is one of the problems with paywalls - I regularly see a full article posted in reddit comments and I doubt they're checking for corrections like this later on.
I think that it's safe to say that once the cat is out of the bag, there's no way it's going in again.
It has been unfortunately.
Can you try and at least send them an e-mail asking them to clear it?
Good idea. I’ll try it.
I don’t usually think someone should be fired for mistakes but this is so egregious. How does their name even end up in a draft, much less the published article? How will the convince anyone considering discussing something anonymously with the paper to move forward with a screw up like that?
The first thing anyone who is not asleep at the wheel would ask is, “does this person really want to be named?”
We are all human and humans make mistakes. While a devastating action, it was likely a process that failed rather than an individual being inept.
We hope there is a process. We can be sure that several individuals were inept. The journalist certainly knows the source wished to remain anonymous, and an editor certainly had to approve that.
Given all the down-votes, seems I am a sucker to give them the benefit of the doubt and not join the crowds calling for heads on plates. How dare I attempt to have faith in humanity.
So, if I make a mistake that puts you and your family on a hit list of a murderous dictatorship, you'd be cool with it?
Of course not. But having someone sacked won't reverse the mistake or prevent this happening again. It was a terrible, terrible mistake, but the absence of malice here should be considered.
Absence of malice is nice, but what should be considered more highly is the absence of care.

Remember, this error probably will get people killed.

A rapid & public sacking may not reverse the error, but will have at least some preventative effect -- some people learn from the mistakes of others.

Of course this should not be the only step, and they should also add processes & procedures to help make it more difficult for this error to get through again (default to no names for sources?, second set of eyes asking for every source?)

Yes hyumans make mistakes. And those mistakes have, and should have consequences.

When the likely result is to get someone killed, there should be serious consequences for the people, regardless of whether it was 'people' or 'process' that you put at the top of the fault chain.

That is the way it works in the real world. Small bits of inattention can lead to death. We don't say that 'it was just a small thing' when someone is texting while driving and crashes and injures/kills people, even tho it was just a a few seconds lapse of attention.

This source, and/or his family back home are now likely on a NK hit list. The employer has now had it's credibility for confidentiality destroyed for a decade. This lapse should have consequences.

(And if you don't like the potential consequences, either make sure you play the game right, or don't play the game.)

I'm not sure I understand your comment in full, but I wasn't suggesting there be no consequences for this mistake. I also don't see it in any way trivial. Sacking people is easy and a quick fix but what change was actually made to ensure this never, ever happens again.
Humans make mistakes, processes or the lack thereof allow them to happen.

When mistakes of a certain threshold happen, the organization should have a post-mortem to ensure such a scenario does not recur.

In addition, the person who failed should hold their own post-mortem in private, with the possible addition of a supervisor to determine how they failed, if at all, and how they can use the incident as a learning experience.

"Blame process, not people" is great in that it encourages folks not to pillory someone for a mistake that they themselves could have possibly made, but it is not a "Get out of jail free" card.

Humans make mistakes, but this was a mistake at multiple levels. The name shouldn't have been in a draft, certainly shouldn't have been anywhere near the final piece, and probably should have been caught by an editor.
It’s probably basic CIA move, you want to take out somebody from there, you “accidentally” cite them as source. It doesn’t matter if it just creates confusion and uncertainty there or complete removal of that person, you win in any case; if it’s temoval - it’s a big win.
The news business can no longer afford nonessential investments in institutional pride and professionalism, like copy editing.
Wtf. And why even include the name in the first place? Literally no good would have come from that in a story like this. If you must refer to a name use a pseudonym.

This really subtly shows one of the darkest sides of journalism, especially considering it's coming from the WSJ. The engagement of the audience and ad revenue is so important that protecting sources and journalistic integrity is so easily forgotten by the author and editors.

Reminds me an article on Gerard de Villiers [1]

He was a French pulp spy novels writer (SAS), who turned out to be some kind of mailbox between intelligence services to share spy stories. So a lot of his books are directly inspired from real stories, with names changed. Until he forgot to change the name of a CIA station chief...

[1] https://www.nytimes.com/2013/02/03/magazine/gerard-de-villie...

This can get your entire family sent to a work camp. SERIOUS misstep there.
That correction is making it worse. Now they might search for cached versions. Ugh, serious mistake.
Non-paywalled version?
Replacing 'wsj.com' with 'fullwsj.com' works for any WSJ article. Redirects via Facebook.

https://www.fullwsj.com/articles/how-north-koreas-hackers-be...

Alternatively, save the following as a bookmark and click it on the article page:

    javascript:location.href='http://facebook.com/l.php?u='+encodeURIComponent(location.href)
That and the bookmarklet work for me, but only if I open an incognito window first.
I doubt they ever became good, because to grow good "anyone" is very hard in such a harsh dictatorship.

It's much more likely they just hire technical mercenaries.

(comment deleted)
Lots of "patriotic" hackers in Russia, one of North Korea's few friends...
You can buy books and access internet easily in russia.
In an authoritarian state, especially one where food is scarce to much of the population, learning a skill that is considered vital to the state is a good way to ensure you can eat.
It reminds me of all the 'Humanity started farming and it allowed people to specialize'.

Also, I imagine that those skills allow you to talk to the outside world without any old people knowing whats going on.

NK has a system where everyone with any kind of outside contact is paired up with a stranger who might be an intelligence agent or just a regular person whose family has been taken hostage, but in any case they're fairly likely to snitch. The East German Stasi used similar methods, and quite effectively.
Comparing the situation in Eastern Germany to North Korea is a bit of a stretch to put it mildly. I don't know first-hand how bad it is in NK, but I grew up in the GDR. Even the worst Stasi actions are most likely tamer than a normal day in North Korea (family members and friends ended up in jail for weeks or months for attempting to escape to the West, but I guess if the same happened in North Korea it's not done with a bit of jail time).

Most Stasi snitches (IMs) didn't need much 'encouragement' by the Stasi, most did it for purely egoistical reasons (money or favours).

>Even the worst Stasi actions are most likely tamer than a normal day in North Korea

as reported in doubtful articles and by sources with reasons to put some spice on their stories (e.g. to have them celebrated and promoted as heroic defectors as opposed to run of the mill immigrants).

Interesting thought, if N.K. is as connected as the USA, the master hacker would more or less own (pwn?) the country, right? "Luckily" for NK, most of their infrastructure are probably offline.
> Over the past 18 months, the nation’s fingerprints have appeared in an increasing number of cyberattacks, ...

Bullshit. Bullshit. Bullshit. No proof, no evidence, no nothing. This whole article is propaganda.

Does anyone really believe that a nation where 99% of people shit in simple holes in the ground could build a competitive cyber army? They lease their internet connections from China. Everything appearing to come from NK could just be China.

Start providing evidence and start doing your job WSJ. Stuff like this will just lead to people hating NK for no reason and enable the Trump administration to go to war with them.

> a nation where 99% of people shit in simple holes in the ground

Now that is propaganda.

Fair enough ;) But is it worth going to war over this fact?
> Start providing evidence and start doing your job WSJ.

They actually provided too much evidence, betraying their source and naming them. This information isn't unfounded.

<dons conspiracy theory hat>

It would be easy to put a name out there, then redact it and pretend it was a real source. That it is hidden makes it hard to track even if you managed to get a copy of it when they were displaying the name, and investigating if they really exists becomes hard to do because it is easy to paint the investigator as someone not being ethical, putting the sources life at risk, and perhaps even an agent of NK seeking to harm the source.

<doffs conspiracy theory hat>

> It would be easy to put a name out there, then redact it and pretend it was a real source.

However, if both sides refer to that name as a defector, and the other side denounces their actions, it adds considerable weight to the argument.

What kind of “evidence” would you ever accept? If they show you server logs with NK IPs, you would point out that those are just text files, and can easily be faked. In fact, there is no evidence whatsoever that an online publication could provide if you refuse to accept peoples’ testimony.

This idea of distrusting institutions like the media is probably meant to make you appear smart and in-the-know. But it’s really just nihilism that leads to the breakdown of civil discourse.

The WSJ is generally regarded as an ethical and professional source of reporting, some upheaval in the last months nonewithstanding. And that’s how the system works: you can never verify all the facts of a single article. But you can judge a publisher on their track record. And, by all means, call bullshit on anything the National Inquirer writes. But if it’s a reputable source of news, and generally gels with a lot of other reporting by other sources from all along the ideological spectrum, don’t throw a temper tantrum and expect people to believe you over them.

So this very dangerous hackers that haven't yet found VPNs, Tor, etc... ?
The National Enquirer hasn't tricked us into multiple wars by dutifully parroting false pretexts. (E.g., every USA war in my parents' lifetimes.) You know that wars are bad, right? Lots of people die and lots of resources are wasted.
Don't they teach in logic classes that appeals to authority are an invalid form of logic?

If we don't trust authorities, in the world of the internet where anything goes, where does that leave us?

If we don't trust anybody, it leaves us nowhere. We will not be able to judge any statement made by anyone, except when we were eye witness ourselves. That would be a very sad state.

Logic is a valuable academic exercise, but also leaves you nowhere if the situation to assess becomes slightly complex.

Maybe logic classes are sometimes wrong?at the very least, invoking them is itself an appeal to authority.

You cannot start evaluating each and every statement from first principle.

Example: if your spouse asks you to give them your car keys, you are more likely to comply than when a stranger makes the same request.

That’s because you trust them, and because they have a lot to lose by betraying that trust. It’s no different with media outlets, the EFF, your doctor, and many other institutions.

It’s insane to pretend that you’re never trusting some authority: every time you log into your email provider or bank, you’re trusting them with information and money, based on your knowledge of their past behavior, and your understanding of their respective incentive structures.

Agreed. Any state nowadays has the resources to just move teams of hackers to other countries, sub-contract, create disguised VPN services in other countries. Use VPNs, Tor, VMs, etc...

It is just dangerous this kind of "journalism", that keep building on suspicion stories.

> Does anyone really believe that a nation where 99% of people shit in simple holes in the ground could build a competitive cyber army?

If you replace "cyber army" with "nuclear program" do you feel the same way?

We've already asked you to please not rant like this. Would you please comment civilly and substantively instead?
You expect substance from the comments while these articles lack any form of evidence? Stop muting every kind of discourse. Sometimes civil unrest (in the form of these rants) is needed. As I already stated above, the WSJ has a large audience and provides no evidence for serious claims. Claims that could be enough for someone like Trump to start a war on a nation (even nuclear).
To add a bit to what Scott said: one important reason to post substantive critiques of bad information, instead of flamey rants, is that a flamey rant makes it easy for readers to dismiss what you're saying. Assuming your view is correct, and the information you're ranting about really is bad, the net result is that by trying to defend the truth you actually discredit it, or at best make it seem partisan.
> "The researchers emphasize that catching hackers is difficult, and that they can’t be 100% certain that every attack attributed to North Korea was orchestrated by its cyberwarriors."

That's about the facts of this story.

> "Many North Korean hackers are using perfect English or embedding other languages into coding to make it appear hacks came from other countries, the researchers have concluded"

Everyone ends up using English even in comments. It's just easier. Everyone knows it. And it's where most resources are.

"Perfect English" is something that triggers me though; most comments I've seen are colloquial and limited, more like personal notes than anything. Or maybe that's just me.
I think they mean perfect as in flawless in its execution, relative to the context of comments in code.

Obviously comments don't need to be in MLA form, ya know?

As an ESL I can tell you that it also depends on your exposure to English. Non-native English speakers are often taught and exposed to mostly (classical) literary works and/or formal speak (for example, math and science). It's one of the reasons why their speech might sound stilted in person, but "perfect" in writing. What you think is "colloquial and limited" might be considered "perfect native speak" by the ESLs who often don't get that kind of environmental exposure to English.
Does ESL stand for English as a secondary language ?

Is that in common usage ? I have never seen it used to designate a group of people.

> Does ESL stand for English as a secondary language ?

I believe so.

I picked up this usage (ESL as a descriptor of person) from forums and boards around the internet. Not sure how correct it is.

It's been in use for a long time. I remember seeing it in the 70's in colleges that taught immigrants English for free in night classes.
It is accurate and also still in use in academia. In every educational institution I have worked, "ESL" is used both verbally and in digital records.
I recently noticed that some of my firefox bookmark folders were renamed. But it was not me that renamed it.

It was a very strange feeling. Whoever had renamed it was replying to the subject of the bookmark folder. So Eg. If the folder was called "Fast cars", then it would have been relabelled something like "I, this is fast cars pal." Both the "I" at the start and the "pal" are typically Scottish, which is where I'm from.

I deleted the folder.

Check for a gas leak
I dont understand you
This is one of the strangest stories of Reddit, both scary and useful. Glad to see it here.
Can confirm it is not that.
Don't even need to click that to know what it is =)
Wait, if they were forgetting that they were writing the notes, why did the handwriting look like the landlord's and not their own?

This reminds me of something similar that I experienced.

When I was younger my mother and I started noticing food missing in that there would be less of a bag of chips than we recalled. Nothing was ever completely eaten and the food had to have been opened first. We were pretty sure something weird was happening, and then one day we got home and I noticed there was a can of pop missing. I was absolutely certain I knew how many were left, so at this point we were convinced someone other than ourselves was responsible. After talking to other residents in the townhouse complex we find out we're not the only ones that this is happening to.

Fast forward a few days and I'm locked out of our townhouse. I went to my friend, who lived a few townhouses down, and asked if I could hang out for a bit as I was locked out. He proceeds to tell me that the caretaker's daughter who lives in one of the townhouses has a master key and can let me in, as she did it for him before.

We walk over to her place and he asks her to let me in with her master key. I will never forget the mix of anger and fear in her face as she weakly tries to deny having the key, only for him to bring up past incidents she has let him in. She relents and walks us over to my townhouse and lets me inside.

Amazingly, after that day we no longer had food and pop go missing.

> why did the handwriting look like the landlord's and not their own?

TLDR: carbon monoxide is a helluva drug

The likelihood that someone compromised your system just to rename your bookmarks is approximately epsilon.

The most likely explanation is that you did it and have no memory of it; this can be caused by taking certain sleep medications, having a sleep disorder, or by other environmental conditions (like a CO leak, already mentioned).

The next most likely is that a friend or family member with a bizarre sense of humor is playing a prank on you.

It is more likely that you own a cat, who is literate and can operate a computer, than that your system was remotely compromised for the purposes of renaming your bookmarks.

I did not say that it was for the purposes of renaming bookmarks.

However, the folder in particular was a collections of links, one of which I suspected had a virus. So I named it "folder with possible virus links". I can only imagine whoever was in my computer, could not resist renaming this.

I have no medication, no negative environmental conditions and I am, by normal standards, a sane individual.

Someone did it while you were in the bathroom.
I am the only one who uses my computer.
I occasionally work with code originating in South Korea and it is full of comments in Korean encoded in some windows Codepage I don't even know how to get vim to display them correctly. The identifiers are English but sometimes with spelling errors or odd idioms.
>Everyone ends up using English even in comments. It's just easier. Everyone knows it. And it's where most resources are.

I wish. I inherited a project full of third-party libraries that were commented in Cyrillic (I assume Russian).

> Everyone ends up using English even in comments. It's just easier. Everyone knows it. And it's where most resources are.

I don't know how they can be described as dangerously good hackers seeing as they forgot to strip off all the debug information when they compiled the code .. :]

I'm no hacker. But if I were I'd first hack North Korean servers, then use those servers to do all my outward hacking. This would ensure no cooperation of authorities and no traceback. North Korea is essentially a black hole for hackers to launch their attacks from. Not sure why people think this third world country is fostering the creativity and science and engineering background necessary for the hacking that's attributed to them.
Even if its a third world country they just need to foster a few hundred students and teach them to become hackers... Possible even if everybody else is starving.
We know with at least some degree of certainty they are fostering a rocketry program. I'm not sure why this would be any different.
Did dear leader buy his team a subscription to 2600?