N. Korea Threatens The World With Cyberwarfare - Not Nuclear Missiles

For a country that’s as “off the grid” as you can get, North Korea is remarkably plugged in to cyberwarfare. And their efforts here should concern you as much as their nuclear and missile programmes.

North Korea has been linked to some of the biggest cyber-attacks in history, including the Sony Hack, the WannaCry Ransomware, the Central Bank of Bangladesh Heist, and countless other attacks against South Korea and Japan and even US interests. And they are getting better.

Cyber activities are a key part of North Korea’s war strategy. According to a great report from the centre for Strategic and International Studiesa bipartisan think-tank- “North Korea sees cyber operations as a relatively low-cost and low-risk means” of operation. This allows them to “upset the status quo with little risk of retaliation or immediate operational risk.”

For Pyongyang, cyber capabilities are “an effective means to severely disrupt or neutralise the benefits of having a networked military.” If you read between the lines, that means the United States and its allies.

We shouldn’t be surprised by this. Cyber capabilities are rapidly becoming a tool in the arsenal of every military and intelligence organisation about the world.

Cyber-attacks are most effective against highly networked countries and militaries in places like the United States, the European Union and several governments in Asia, but less effective against disconnected countries like North Korea.

Think about that. North Korea can execute some of the most sophisticated and destructive cyber-attacks created, but their low-tech infrastructure makes them less vulnerable to those same kind of attacks.

To give you an idea of how much the country is unplugged, just look at a night time satellite photo of the Korean Peninsula. To the south, you have a glowing nation. To the north, darkness.

North Korea is clever in their use of cyber capabilities, deploying their cyber warriors outside their borders to conduct the attacks. That helps them hide the origin of the attack and deflect attention from Pyongyang, which naturally always denies any involvement. In the case of the Sony Attack, they even kindly offered to help find out who was responsible.

North Korea isn’t just using cyber capabilities to advance their military goals. They are also acting like cyber criminals. They’re using cyber tools to steal cash, allowing them to make money despite strict economic sanctions imposed by the international community.

According to a defector, a former professor of computer science in North Korea, Pyongyang has a dedicated unit– Unit 180– that focuses on raising money from overseas hacking. Researchers say this effort has been more successful than other efforts to raise money and get around the sanctions. And it’s certainly more cost effective.

An official in South Korea says their government suspects Pyongyang had a role in attacks against banks in Poland, Vietnam, and the Philippines. In 2016 alone, North Korea is also suspected in hacks against more than 160 companies and government agencies in South Korea.

So what do we do?

As a first step we always need to maintain good cybersecurity here at home. Basic cyber hygiene on an individual level will do wonders in protecting you from any attack. As always, think twice before clicking an attachment or link because that’s how hackers get in.

At the national level, the United States needs to confront North Korea when it finds evidence it is responsible for an attack. The President’s direct calling out of Pyongyang from Sony put North Korea on notice. We will need to do more of that on the international stage.

And, of course, there are the covert efforts that may or may not be taking place. But I wouldn’t know anything about those.

IntellAsia:

You Might Also Read:

North Korea, WannaCry, Cyberattacks And Lazarus:

North Korea's Cyber War on Australia:

 

« US Tries To Keep Up with Terrorists Tech
Data Scientists Remain Top Of ‘most wanted’ Employees »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYBERPOL

CYBERPOL

CYBERPOL's mission is to facilitate the widest possible mutual assistance between all cyber crime law enforcement authorities to help mitigate global cyber threats.

XBOSoft

XBOSoft

XBOSoft is a software QA and testing company. We cover the entire QA and testing life cycle including software and application security.

Soracom

Soracom

Soracom offers secure, scalable, cloud-native connectivity developed specifically for the Internet of Things.

EmergIn Risk

EmergIn Risk

EmergIn Risk specializes in providing innovative insurance solutions for the global marketplace including solutions for complex Cyber Risks.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Securitybulls

Securitybulls

Securitybulls is an information security firm offering an encyclopedic penetration testing & IT security assessment service for your organization.

Naval Dome

Naval Dome

Naval Dome provides the first maritime multilayer cyber defense solution for mission critical onboard systems.

IoT Security Institute (IoTSI)

IoT Security Institute (IoTSI)

IoT Security Institute is an academic and industry body dedicated to providing frameworks and supporting educational services to assist in managing security within an Internet of Things eco-system.

Charterhouse Müller UK

Charterhouse Müller UK

Charterhouse Müller UK are a leading service provider for end of life IT services including data erasure and secure IT asset disposal.

Sergeant Laboratories

Sergeant Laboratories

Sergeant Laboratories builds advanced technologies to prove compliance in complex IT security and regulatory compliance situations.

e360

e360

e360 (formerly Entisys360) is an award-winning IT consultancy specializing in advanced IT infrastructure, virtualization, security, automation and cloud first solutions.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

Swissbit

Swissbit

Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications.

Vercara

Vercara

Vercara offers a purpose-built, global cloud security platform that provides layers of protection to safeguard businesses’ online presence, no matter where an attack comes from or where it is aimed.