Cyberwarfare: US Launches DDoS Attacks Against N. Korean Spy Agency

The United States has reportedly been engaged in offensive cyberattacks against North Korea, but with no destructive results. According to a report by the Washington Post, President Donald Trump signed a directive earlier this year of putting pressure against North Korea that involved several diplomatic and cyber-military actions, including using cyber activities against the country.

The United States Cyber Command, which was elevated to a Unified Combatant Command by the President earlier this year, targeted North Korea’s military spy agency, the Reconnaissance General Bureau. The attack was a distributed denial of service (DDoS) campaign with an aim to flood North Korean spy agency’s servers with traffic, crippling its access to the internet.
“The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries,” the White House had said when the President had elevated its status to a combatant unit. 
“Through United States Cyber Command, we will tackle our cyberspace challenges in coordination with like-minded allies and partners as we strive to respond rapidly to evolving cyberspace security threats and opportunities globally.”

It is unclear when exactly the DDoS attack was launched and how long it lasted, but  overall campaign, that included a diplomatic campaign to push other countries to sever all ties with Pyongyang, was started in March, this year.

The officials in the US believe that the campaign wasn’t destructive and was merely designed to put pressure on the country. “Nonetheless, some North Korean hackers griped that lack of access to the Internet was interfering with their work,” WaPo reported citing an official. 

While North Korea isn’t going to find any vocal allies, the latest DDoS attack does make a point that the United States is capable of crippling an adversary’s cyberwar capabilities, even if temporarily. 

“In effect, it went live with a stable link between Russia and North Korea shortly after the US Cyber Command action finished,” the report adds. Analysts believe that with the DDoS attacks, the US could have had two goals: send a warning to the country and push it to reveal its other channels of internet access or use those that are potentially being monitored.

Some, however, worry that the operation, while not destructive when looked through the US officials’ eyes, might be taken as an act of war by the North Korean administration that could retaliate against the United States using its critical infrastructure that some believe has already been compromised.

North Korea hasn’t been innocent itself when it comes to cyberattacks. “What I can tell you is that North Korea has itself been guilty of cyberattacks, and we are going to take appropriate measures to defend our networks and systems,” a US official said. But Eric Rosenbach, former assistant secretary of defense, warned that “there’s accompanying risk of an escalation and a North Korean cyber-counterattack.”

WCCFTech

You Might Also Read:

Cyberwar: A Guide:

US Steps Up Its Cyberwar Capability:

Trump Tells US Cyber Command To Get More Aggressive:
 

« China Denies Targeted Cyber Attack
Russia Provides New Internet Connection to N.Korea »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CERT-EU

CERT-EU

CERT-EU is a permanent Computer Emergency Response Team for the EU institutions, agencies and bodies.

Aptive Consulting

Aptive Consulting

Aptive is a cyber security consultancy providing Penetration Testing and Vulnerability Assessment services.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

Ezenta

Ezenta

Ezenta is a Danish IT security consulting firm.

Galois

Galois

Galois specializes in the research and development of new technologies that solve the most difficult problems in computer science.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

Shift Technology

Shift Technology

Shift Technology provides insurance companies with an innovative SaaS solution to improve and scale fraud detection.

Spanish Network of Excellence on Cybersecurity Research (RENIC)

Spanish Network of Excellence on Cybersecurity Research (RENIC)

RENIC is a membership based sectoral association that includes research centers and other agents of the research cybersecurity ecosystem in Spain.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

Deepwatch

Deepwatch

deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry.

Port53 Technologies

Port53 Technologies

Port53 Technologies is focused on delivering enterprise-grade, cloud-delivered security solutions that are easy to deploy, simple to manage and extremely effective.

Basil Security

Basil Security

Basil is a policy enforcement tool for applications and infrastructure, as well as for security, development and operations (DevSecOps).

SEMNet

SEMNet

SEMNet is an IT solutions provider and an infrastructure and security consulting firm.

National Security Services Group (NSSG)

National Security Services Group (NSSG)

National Security Services Group (NSSG) is Oman's leading and only proprietary Cybersecurity consultancy firm and Managed Security Services Provider.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.