N. Korea Threatens The World With Cyberwarfare - Not Nuclear Missiles

For a country that’s as “off the grid” as you can get, North Korea is remarkably plugged in to cyberwarfare. And their efforts here should concern you as much as their nuclear and missile programmes.

North Korea has been linked to some of the biggest cyber-attacks in history, including the Sony Hack, the WannaCry Ransomware, the Central Bank of Bangladesh Heist, and countless other attacks against South Korea and Japan and even US interests. And they are getting better.

Cyber activities are a key part of North Korea’s war strategy. According to a great report from the centre for Strategic and International Studiesa bipartisan think-tank- “North Korea sees cyber operations as a relatively low-cost and low-risk means” of operation. This allows them to “upset the status quo with little risk of retaliation or immediate operational risk.”

For Pyongyang, cyber capabilities are “an effective means to severely disrupt or neutralise the benefits of having a networked military.” If you read between the lines, that means the United States and its allies.

We shouldn’t be surprised by this. Cyber capabilities are rapidly becoming a tool in the arsenal of every military and intelligence organisation about the world.

Cyber-attacks are most effective against highly networked countries and militaries in places like the United States, the European Union and several governments in Asia, but less effective against disconnected countries like North Korea.

Think about that. North Korea can execute some of the most sophisticated and destructive cyber-attacks created, but their low-tech infrastructure makes them less vulnerable to those same kind of attacks.

To give you an idea of how much the country is unplugged, just look at a night time satellite photo of the Korean Peninsula. To the south, you have a glowing nation. To the north, darkness.

North Korea is clever in their use of cyber capabilities, deploying their cyber warriors outside their borders to conduct the attacks. That helps them hide the origin of the attack and deflect attention from Pyongyang, which naturally always denies any involvement. In the case of the Sony Attack, they even kindly offered to help find out who was responsible.

North Korea isn’t just using cyber capabilities to advance their military goals. They are also acting like cyber criminals. They’re using cyber tools to steal cash, allowing them to make money despite strict economic sanctions imposed by the international community.

According to a defector, a former professor of computer science in North Korea, Pyongyang has a dedicated unit– Unit 180– that focuses on raising money from overseas hacking. Researchers say this effort has been more successful than other efforts to raise money and get around the sanctions. And it’s certainly more cost effective.

An official in South Korea says their government suspects Pyongyang had a role in attacks against banks in Poland, Vietnam, and the Philippines. In 2016 alone, North Korea is also suspected in hacks against more than 160 companies and government agencies in South Korea.

So what do we do?

As a first step we always need to maintain good cybersecurity here at home. Basic cyber hygiene on an individual level will do wonders in protecting you from any attack. As always, think twice before clicking an attachment or link because that’s how hackers get in.

At the national level, the United States needs to confront North Korea when it finds evidence it is responsible for an attack. The President’s direct calling out of Pyongyang from Sony put North Korea on notice. We will need to do more of that on the international stage.

And, of course, there are the covert efforts that may or may not be taking place. But I wouldn’t know anything about those.

IntellAsia:

You Might Also Read:

North Korea, WannaCry, Cyberattacks And Lazarus:

North Korea's Cyber War on Australia:

 

« US Tries To Keep Up with Terrorists Tech
Data Scientists Remain Top Of ‘most wanted’ Employees »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

Oodrive

Oodrive

Oodrive is the first trusted European collaborative suite allowing users to collaborate, communicate and streamline business with transparent tools that ensure security.

Rogue Wave Software

Rogue Wave Software

At Rogue Wave, our mission is to simplify your hardest problems, improve software quality and security, and shorten the time it takes to deliver value.

Bavarian IT Security Cluster

Bavarian IT Security Cluster

The Bavarian IT Security Cluster works to build regional IT security competencies and increase the competitiveness and market opportunities of its member companies.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

GrrCON

GrrCON

GrrCON is an information security and hacking conference that provides the Midwest InfoSec community with a fun atmosphere to come together and engage with like minded people.

CipherBlade

CipherBlade

CipherBlade specializes in blockchain forensics, data science and transaction tracking.

BrandProtections.Online

BrandProtections.Online

BrandProtections.online offer end-to-end customer support solutions to help protect against threats which may affect your brand online.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Siemens

Siemens

Siemens Industrial Security Services provide solutions for cybersecurity in automation environments based on the recommendations of the international standard IEC 62443.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

Ironhack

Ironhack

Ironhack provide intensive training courses & bootcamps in Web Development, UX/UI Design, Data Analytics & Cybersecurity.

SAM Seamless Network

SAM Seamless Network

SAM Seamless Network is a cybersecurity technology platform that protects the connected home, by tackling cyber security threats at the source.

OpenAVN (DefenseArk)

OpenAVN (DefenseArk)

Defending your life online, keeping your data safe and private. We detect digital threats magnitudes faster than the leading antivirus software.

TuxCare

TuxCare

TuxCare make Linux more secure. We take care of Linux so that organizations can use Linux to support environments that require high levels of Cybersecurity, stability, and availability.

Cool Waters Cyber

Cool Waters Cyber

Cool Waters Cyber manage cyber security governance, risk and compliance.