North Korean Hackers 'could kill', Warns Defector

Uploaded on 2015-06-01 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, NEWS-News Analysis, TECHNOLOGY--Hackers

141223_north_korea_computers_ap_629_1160x629.jpg

North Korean hackers are capable of attacks that could destroy critical infrastructure and even kill people, a high-profile defector has warned.

Prof Kim Heung-Kwang said the country had around 6,000 trained military hackers. The warning follows last year's Sony Pictures hack - an attack attributed to North Korea. Prof Kim has called for international organisations to step in to prevent North Korea launching more severe attacks.

For 20 years Prof Kim taught computer science at Hamheung Computer Technology University, before escaping the country in 2004. While Prof Kim did not teach hacking techniques, his former students have gone on to form North Korea's notorious hacking unit Bureau 121. The bureau, which is widely believed to operate out of China, has been credited for numerous hacks. Many of these attacks are, claimed to have been specifically, focused at South Korean infrastructure such as power plants and banks.

Speaking at a location just outside the South Korean capital, Prof Kim told the BBC he has regular contact with key figures within the country who have intimate knowledge of the military's cyber operation.

"The size of the cyber-attack agency has increased significantly, and now has approximately 6,000 people," he said. He estimated that between, 10% to 20% of the regime's military budget, is being spent on online operations.

"The reason North Korea has been harassing other countries is to demonstrate that North Korea has cyber war capacity," he added. "Their cyber-attacks could have similar impacts as military attacks, killing people and destroying cities."

Speaking more specifically, Prof Kim said North Korea was building its own malware based on Stuxnet - a hack attack, widely attributed to the US and Israel, which struck Iranian nuclear centrifuges before being discovered in 2010.

"A Stuxnet-style attack designed to destroy a city has been prepared by North Korea and is a feasible threat," Prof Kim said.

Earlier this year, the South Korean government blamed North Korea for a hack on the country's Hydro and Nuclear Power Plant. "Although the nuclear plant was not compromised by the attack, if the computer system controlling the nuclear reactor was compromised, the consequences could be unimaginably severe and cause extensive casualties," Prof Kim said.
BBC:  http://bbc.in/1HzIKnP

« Hackers Build New Tor Client Designed to Beat the NSA
Finland Could Reshape Cyber Law »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Landry & Associates

Landry & Associates

Landry & Associates is a multidisciplinary firm specializing in risk management, performance and technology management.

AtkinsRéalis

AtkinsRéalis

AtkinsRealis is a market-leading design, engineering and project management consultancy operating in fields ranging from infrastructure, through energy and transport to cybersecurity.

Egress Software Technologies

Egress Software Technologies

Egress Software Technologies is a leading provider of data security services designed to protect shared information throughout its lifecycle.

ETAS

ETAS

ETAS (formerly Escrypt) is a pioneer and one of today’s leading solution providers for embedded IT security.

Slovenian Digital Coalition

Slovenian Digital Coalition

Slovenian Digital Coalition is a coalition working in the field of smart cities, e-commerce, e-skills, e-inclusion, cyber security, internet and other areas related to developing the digital society.

TruNarrative

TruNarrative

TruNarrative provides a unified solution for Identity Verification, Fraud Detection, eKYC, Risk Assessment, AML Compliance and Account Monitoring.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

SoSafe

SoSafe

Modern awareness training that works. With memorable content on all areas of IT security, with measurable learning success and full data protection compliance.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

DeepView

DeepView

DeepView delivers a unified platform for managing risk on digital platforms. One interactive secure portal allowing employees to engage their networks securely and compliantly.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators provides services and information about financial fraud, fraud investigation and fraud prevention.

Jericho Security

Jericho Security

Jericho Security is on a mission to defend the world from the new threats of generative AI cyber attacks.

Cybercentry

Cybercentry

Cybercentry is a specialist information security, data protection and cyber security consultancy.