Junade Ali




Selected Works

North Korea kicked off internet by suspected DDOS attack | NK News

North Korea disappeared from the internet for several hours as crucial servers inside the country were unreachable on Friday morning, log files and domain records obtained by NK News show. The patterns of failing connectivity suggest that North Korea’s IT infrastructure may have been hit by a distributed denial-of-service (DDOS) attack, said cybersecurity researcher Junade Ali. “The intermittent connection issues, coming in waves, alongside the complete router failure, indicate this may be a D

Avoid complexity in data storage decisions

A little while ago, I faced the challenge of migrating a digital asset management system to the cloud. As part of this, I had to migrate out terabytes of data on legacy hardware to a new provider. Add to this the fact that the storage hardware was based in a staffed office in a rural part of England with significantly limited internet speeds. Ultimately, I managed to broker an agreement with a nearby datacentre to allow me to copy data physically to an external hard drive, plug it into a rented

North Korean group deploys sophisticated malware suite against DPRK watchers

With laser-like focus, DPRK-backed ScarCruft orchestrated attack one expert described as ‘devastating’ to privacy North Korean hackers orchestrated a highly targeted attack against prominent individuals in the DPRK-watching community, cybersecurity firm Kaspersky detailed in a new report on Monday, using multiple malware strains with what one expert called “devastating” effects for privacy. The report, which sheds new light on technical details of an attack against North Korean defector Kang M

How software development will change in 2022

Over the past year, I have studied in detail how the software development productivity space is changing. Over this time, I have spoken to engineering leaders from dozens of organisations, reviewed the latest literature and even conducted representative opinion polling among software engineers. While the future is uncertain, there are three key trends that technology leaders cannot afford to miss. How tech leaders implement these trends within their organisations will help to define how success

How to prevent developer burnout

Earlier this year, I led a joint research project between engineering productivity business Haystack Analytics and polling firm Survation, to understand the impact of burnout on developers. While there have been attempts to survey developer communities before, this represented the first time representative opinion polling was used to understand software engineers. When it came to burnout, the results were shocking. We found that 83% of software engineers reported that they were suffering from b

Hacked DailyNK website infected broad range of organizations | NK News

The North Korean malware attack against Seoul-based DailyNK has spread across multiple companies that accessed the website over the past few months, cybersecurity firm Kaspersky has told NK News. The infections contradict Daily NK’s claim that hackers inserted the malicious code on pages only accessible to its own staff, and raises questions about the organization’s decision to keep its readers in the dark about the security breach. Senior Kaspersky Security Researcher Seongsu Park said the ma

Half a dozen North Korean domains offline after apparent server outage | NK News

At least half a dozen North Korean websites and email servers dropped off the internet last weekend in a sign of growing instability of the country’s IT infrastructure. The server outage on Saturday night disrupted access to the websites of Air Koryo, the Ministry of Foreign Affairs, the Naenara web portal, Kim Il Sung University, as well as the email servers for Sili Bank and Star Joint Venture, cybersecurity researcher Junade Ali told NK News. The outage followed a change last month in how b

Hackers infect DailyNK website with malware to spy on readers | NK News

For at least two months, hackers linked to North Korea have been attacking readers of the DailyNK website with custom malware capable of stealing files and passwords, cybersecurity firm Volexity revealed in a report on Tuesday. The attack used two known vulnerabilities in Microsoft’s Internet Explorer and Edge web browsers to install malware dubbed “Bluelight,” according to the researchers. Once launched, the malicious software reportedly takes frequent screenshots, copies files, steals passwor

EngProd: The Secret of Elite Developer Teams

For companies to be successful, it is important to be able to get new ideas in front of users quickly, so you can keep up with the market and iterate based on real-world feedback. When technology teams find themselves unable to keep up with the pace of product development, they become the blockers of an organization. Ineffective technology leaders will pressure their developers to ship ever more work, causing developer burnout and software instability. By contrast, effective technology leaders

Report: 83% of UK software engineers suffer burnout, COVID-19 made it worse

A report on the wellbeing of UK software engineers (developers and DevOps professionals) found 83 per cent suffering from some degree of burnout, with most agreeing that COVID-19 was partly to blame. This survey [PDF] was conducted in June 2021 by pollsters Survation, on behalf of DevOps company Haystack, and although the number of participants was small (just over 250) it was conducted by interviews, rather than online forms which are vulnerable to low-quality responses. The respondents were

Developer burnout isn't going away. Employers need to act now

Big workloads continue to have a huge impact on resource-strapped software teams, with a new survey by Haystack finding that more than 8 in 10 developers suffer from burnout at work. Technology has played a key role in the fight against COVID-19, with IT teams helping businesses to adapt to remote working and digital-first operations. But this rapid adoption of technology has had a massive impact on those tasked with implementing it, with various reports highlighting the mental strain develope

83% of Developers Suffer From Burnout, Study Finds

Eighty-three percent of software developers suffer from workplace burnout, according to a study from Haystack Analytics. The top reasons for burnout include high workload, cited by 47% of respondents, inefficient processes, cited by 31%, and unclear goals and targets, cited by 29%, according to "Study to Understand the Impact of COVID-19 on Software Engineers." Burnout worsened during the pandemic, the study says. The study also finds that 83% of developers are concerned about software reliabi

Experts warn report on North Korea’s cyber power understates true threat | NK News

A new analysis of cyber capabilities and national power has ranked North Korea in the lowest of three tiers, arguing that the DPRK’s offensive cyber operations are of low sophistication and hampered by the limited number of skilled hackers in the country. The report published on Monday by the International Institute for Strategic Studies (IISS) put North Korea’s “cyber power” on the same level as Indonesia and Malaysia — an assessment that experts said underestimates the true abilities of North

North Korean websites go dark after botched server upgrade | NK News

More than a dozen North Korean websites were knocked off the internet on Tuesday morning due to a failed software update, according to screenshots obtained by NK News. Websites affected by the outage included the online presence of The Pyongyang Times, the Ministry Of Public Health and at least 14 other sites hosted on the same server, records on the internet’s Domain Name System (DNS) showed. “The fact these websites are hosted on a single server which is liable to be taken offline by such out

How To Assess And Improve Your Software Engineering Team's Performance | Hacker Noon

How To Assess And Improve Your Software Engineering Team's Performance Suppose your SRE team has just rolled out a brand new fully self-serve Kubernetes infrastructure, how do you show your boss that it's helped the engineering team deliver faster? Imagine your product engineering team has finally managed to pay down some tech debt through refactoring, how do you show the Product Manager that it was worthwhile for helping your team deliver business value in the long term? As an engineering ma

North Koreans sharpen their cyberskills at online coding competitions

Free platforms may offer insights to threat researchers but help the DPRK build its cyber force, experts say Dozens of North Korean software developers appear to be honing their skills on freely accessible coding platforms that may help the DPRK build its cyber force, an NK Pro investigation of profiles across several such websites showed. But cybersecurity experts said that the participation of North Korean programmers in these coding competitions may also reveal interests, techniques and prog

North Korean hackers breached sensitive defense network at Russian firm

DPRK-linked Lazarus Group accessed restricted data by using “highly interesting technique,” according to Kaspersky In a successful attack that shows how quickly North Korean hackers are able to evolve, the DPRK-linked Lazarus Group stole sensitive information from a Russian defense firm, cybersecurity firm Kaspersky said on Thursday. According to the report, the hackers compromised a router in mid-2020 to create a bridge into a strictly separated network — a “highly interesting technique” that

North Korean Hackers Hide in Plain Sight | Hacker Noon

On the evening of the 25th January 2021, Google’s Threat Analysis Group published details of a campaign targeting security researchers attributed by them to “a government-backed entity based in North Korea”. Google described the attack as using a “novel social engineering method”. Social engineering usually describes attacks that target the human factors of computer security, such as by using phishing emails or phone call impersonation. Whilst highly-competent security experts may consider them

3 Software Ownership Models and Joint Care for Dev Teams | Hacker Noon

In traditional software operations, software would be "thrown over the fence" to operations teams. Technical operations teams would be aided in operating a service using Standard Operating Procedures (SOPs). With the advent of practices like DevOps and the growth in hiring SREs (Site Reliability Engineers), development and operations are increasingly unified. This has allowed "chore" work like deployments and maintenance to be automated. Standard Operating Procedures still play a role in this w
Load More Articles