90% of a large scale hack, like this one is intelligence collection.

It starts off with gathering public info on the target. Names of employees etc.

Then you gather public info about those employees. Social media is a gold mine for this step.

Then you look at the backgrounds of these people. The more info you have on them, the easier the actual hack is. This data will be used in later parts of the attack for password cracking and social engineering (I can call an employee and say that I'm Steve Smith from IT and need them to give me remote access to fix an issue. They will believe it because Steve Smith really does work in IT.

Then you look for the public face of their network. DMZ servers, email servers, border routers, firewalls, etc. With this you begin to build a network map.

Next they will begin checking for open ports on the network. This will not only tell them avenues of approach, but it will tell them a lot about how business is conducted within the company. You can learn what software is in use, what operating systems you're dealing with and so on.

This is still all in the intelligence collection phase of the attack.

Learning what services computers are using can tell you did like netbios names and domain names. This leads you to domain controller servers.

Now you can see where the hash values are stored for passwords. You can copy those and toss them into a password cracking computer(s).

Once you have a good collection of who works where and does what, and you have a detailed lay out of the devices on the network, software in use and user credentials, you can begin the actual attack.

Place a few hidden rootkit bots through out the network for things like keystroke recording etc, you have a hidden backdoor where time is on your side. Record everything everywhere.

You're in and out of the network in mere seconds undetected never need to return.

The Intel you can get on a business and the people in it is mind blowing. The damage that could be done with all of that would cripple a business and ruin people's lives.

Think Sandra Bullock in The Net...

Could the norks do this? Yep!

Would it benefit them? Oh hell yeah.

To get caught is amateur hour. Which is also believable for it being norks.

I think it's plausible and likely that it was done by them. I don't believe they acted alone though


"Our Constitution was made only for a moral and religious people. It is wholly inadequate to the government of any other." - John Adams

Turdlike, by default.