N. Korea Threatens The World With Cyberwarfare - Not Nuclear Missiles

For a country that’s as “off the grid” as you can get, North Korea is remarkably plugged in to cyberwarfare. And their efforts here should concern you as much as their nuclear and missile programmes.

North Korea has been linked to some of the biggest cyber-attacks in history, including the Sony Hack, the WannaCry Ransomware, the Central Bank of Bangladesh Heist, and countless other attacks against South Korea and Japan and even US interests. And they are getting better.

Cyber activities are a key part of North Korea’s war strategy. According to a great report from the centre for Strategic and International Studiesa bipartisan think-tank- “North Korea sees cyber operations as a relatively low-cost and low-risk means” of operation. This allows them to “upset the status quo with little risk of retaliation or immediate operational risk.”

For Pyongyang, cyber capabilities are “an effective means to severely disrupt or neutralise the benefits of having a networked military.” If you read between the lines, that means the United States and its allies.

We shouldn’t be surprised by this. Cyber capabilities are rapidly becoming a tool in the arsenal of every military and intelligence organisation about the world.

Cyber-attacks are most effective against highly networked countries and militaries in places like the United States, the European Union and several governments in Asia, but less effective against disconnected countries like North Korea.

Think about that. North Korea can execute some of the most sophisticated and destructive cyber-attacks created, but their low-tech infrastructure makes them less vulnerable to those same kind of attacks.

To give you an idea of how much the country is unplugged, just look at a night time satellite photo of the Korean Peninsula. To the south, you have a glowing nation. To the north, darkness.

North Korea is clever in their use of cyber capabilities, deploying their cyber warriors outside their borders to conduct the attacks. That helps them hide the origin of the attack and deflect attention from Pyongyang, which naturally always denies any involvement. In the case of the Sony Attack, they even kindly offered to help find out who was responsible.

North Korea isn’t just using cyber capabilities to advance their military goals. They are also acting like cyber criminals. They’re using cyber tools to steal cash, allowing them to make money despite strict economic sanctions imposed by the international community.

According to a defector, a former professor of computer science in North Korea, Pyongyang has a dedicated unit– Unit 180– that focuses on raising money from overseas hacking. Researchers say this effort has been more successful than other efforts to raise money and get around the sanctions. And it’s certainly more cost effective.

An official in South Korea says their government suspects Pyongyang had a role in attacks against banks in Poland, Vietnam, and the Philippines. In 2016 alone, North Korea is also suspected in hacks against more than 160 companies and government agencies in South Korea.

So what do we do?

As a first step we always need to maintain good cybersecurity here at home. Basic cyber hygiene on an individual level will do wonders in protecting you from any attack. As always, think twice before clicking an attachment or link because that’s how hackers get in.

At the national level, the United States needs to confront North Korea when it finds evidence it is responsible for an attack. The President’s direct calling out of Pyongyang from Sony put North Korea on notice. We will need to do more of that on the international stage.

And, of course, there are the covert efforts that may or may not be taking place. But I wouldn’t know anything about those.

IntellAsia:

You Might Also Read:

North Korea, WannaCry, Cyberattacks And Lazarus:

North Korea's Cyber War on Australia:

 

« US Tries To Keep Up with Terrorists Tech
Data Scientists Remain Top Of ‘most wanted’ Employees »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: How to improve your security posture with a web application firewall (WAF)

ON-DEMAND WEBINAR: How to improve your security posture with a web application firewall (WAF)

Watch this webinar to discover how a WAF goes beyond a standard firewall and helps you meet security industry compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Cydome Security

Cydome Security

Cydome offer solutions to protect your sensitive data even when it leaves the organization perimeter.

Cyber Prism

Cyber Prism

Cyberprism provides integrated cyber security solutions in the maritime and private wealth protection sectors.

Computing Technology Industry Association (CompTIA)

Computing Technology Industry Association (CompTIA)

CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

Block Armour

Block Armour

Block Armour is a Mumbai and Singapore based venture focused on harnessing emerging technologies to counter growing Cybersecurity challenges in bold new ways.

NinjaJobs

NinjaJobs

NinjaJobs is a community-run job platform developed by information security professionals. We focusing strictly on cybersecurity positions.

Absio

Absio

Absio provides the technology you need to build data security directly into your software by default, and the design and development services you need to make it happen.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

Phoenix Cybersecurity

Phoenix Cybersecurity

Phoenix Cybersecurity Services and Managed Security Services help clients just like you take full advantage of leading cybersecurity technologies and industry best practices.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

Cyrebro

Cyrebro

CYREBRO is your online cybersecurity central command managed SOC that integrates all your security events with strategic monitoring, proactive threat intelligence, and rapid incident response.

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) protects Singapore from external threats and safeguards its interests in areas related to terrorism, cyber security, other transnational threats, and geopolitics

Perygee

Perygee

Perygee is a fully integrated platform for operational security. Companies depend on Perygee to identify and streamline the most important security practices for their operations.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.