N. Korea Threatens The World With Cyberwarfare - Not Nuclear Missiles

For a country that’s as “off the grid” as you can get, North Korea is remarkably plugged in to cyberwarfare. And their efforts here should concern you as much as their nuclear and missile programmes.

North Korea has been linked to some of the biggest cyber-attacks in history, including the Sony Hack, the WannaCry Ransomware, the Central Bank of Bangladesh Heist, and countless other attacks against South Korea and Japan and even US interests. And they are getting better.

Cyber activities are a key part of North Korea’s war strategy. According to a great report from the centre for Strategic and International Studiesa bipartisan think-tank- “North Korea sees cyber operations as a relatively low-cost and low-risk means” of operation. This allows them to “upset the status quo with little risk of retaliation or immediate operational risk.”

For Pyongyang, cyber capabilities are “an effective means to severely disrupt or neutralise the benefits of having a networked military.” If you read between the lines, that means the United States and its allies.

We shouldn’t be surprised by this. Cyber capabilities are rapidly becoming a tool in the arsenal of every military and intelligence organisation about the world.

Cyber-attacks are most effective against highly networked countries and militaries in places like the United States, the European Union and several governments in Asia, but less effective against disconnected countries like North Korea.

Think about that. North Korea can execute some of the most sophisticated and destructive cyber-attacks created, but their low-tech infrastructure makes them less vulnerable to those same kind of attacks.

To give you an idea of how much the country is unplugged, just look at a night time satellite photo of the Korean Peninsula. To the south, you have a glowing nation. To the north, darkness.

North Korea is clever in their use of cyber capabilities, deploying their cyber warriors outside their borders to conduct the attacks. That helps them hide the origin of the attack and deflect attention from Pyongyang, which naturally always denies any involvement. In the case of the Sony Attack, they even kindly offered to help find out who was responsible.

North Korea isn’t just using cyber capabilities to advance their military goals. They are also acting like cyber criminals. They’re using cyber tools to steal cash, allowing them to make money despite strict economic sanctions imposed by the international community.

According to a defector, a former professor of computer science in North Korea, Pyongyang has a dedicated unit– Unit 180– that focuses on raising money from overseas hacking. Researchers say this effort has been more successful than other efforts to raise money and get around the sanctions. And it’s certainly more cost effective.

An official in South Korea says their government suspects Pyongyang had a role in attacks against banks in Poland, Vietnam, and the Philippines. In 2016 alone, North Korea is also suspected in hacks against more than 160 companies and government agencies in South Korea.

So what do we do?

As a first step we always need to maintain good cybersecurity here at home. Basic cyber hygiene on an individual level will do wonders in protecting you from any attack. As always, think twice before clicking an attachment or link because that’s how hackers get in.

At the national level, the United States needs to confront North Korea when it finds evidence it is responsible for an attack. The President’s direct calling out of Pyongyang from Sony put North Korea on notice. We will need to do more of that on the international stage.

And, of course, there are the covert efforts that may or may not be taking place. But I wouldn’t know anything about those.

IntellAsia:

You Might Also Read:

North Korea, WannaCry, Cyberattacks And Lazarus:

North Korea's Cyber War on Australia:

 

« US Tries To Keep Up with Terrorists Tech
Data Scientists Remain Top Of ‘most wanted’ Employees »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

360 Total Security

360 Total Security

360 company is the largest provider of Internet and mobile security products in China.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

XPO IT Services

XPO IT Services

XPO IT Services are dedicated to providing secure, high quality IT recycling and asset disposal services.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

CyberScotland

CyberScotland

The CyberScotland Partnership is a collaboration of key strategic stakeholders, brought together to focus efforts on improving cyber resilience across Scotland in a coordinated and coherent way.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

PlexTrac

PlexTrac

PlexTrac is a cybersecurity reporting and workflow management platform that supercharges security programs, making them more effective, efficient, and proactive.

Inversion6

Inversion6

Inversion6 (formerly MRK Technologies) is a cybersecurity risk management provider that offers custom security solutions.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

Archer Technologies

Archer Technologies

Archer helps organizations manage risk in the digital era—uniting stakeholders, integrating technologies and transforming risk into reward.

Cognna

Cognna

Cognna's innovative platform is designed to empower you and your team, providing the tools you need to detect, prevent, and resolve threats with ease.

CyberAI Group

CyberAI Group

CyberAI's mission is to pioneer the evolution of the cybersecurity landscape globally, by strategically acquiring and elevating IT consulting firms into leaders of cybersecurity innovation.

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.

SureStack

SureStack

SureStack is an AI-native cybersecurity platform that provides organizations with continuous validation, optimization, and real-time security of their cybersecurity stacks.