North Korean Hackers 'could kill', Warns Defector

Uploaded on 2015-06-01 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

141223_north_korea_computers_ap_629_1160x629.jpg

North Korean hackers are capable of attacks that could destroy critical infrastructure and even kill people, a high-profile defector has warned.

Prof Kim Heung-Kwang said the country had around 6,000 trained military hackers. The warning follows last year's Sony Pictures hack - an attack attributed to North Korea. Prof Kim has called for international organisations to step in to prevent North Korea launching more severe attacks.

For 20 years Prof Kim taught computer science at Hamheung Computer Technology University, before escaping the country in 2004. While Prof Kim did not teach hacking techniques, his former students have gone on to form North Korea's notorious hacking unit Bureau 121. The bureau, which is widely believed to operate out of China, has been credited for numerous hacks. Many of these attacks are, claimed to have been specifically, focused at South Korean infrastructure such as power plants and banks.

Speaking at a location just outside the South Korean capital, Prof Kim told the BBC he has regular contact with key figures within the country who have intimate knowledge of the military's cyber operation.

"The size of the cyber-attack agency has increased significantly, and now has approximately 6,000 people," he said. He estimated that between, 10% to 20% of the regime's military budget, is being spent on online operations.

"The reason North Korea has been harassing other countries is to demonstrate that North Korea has cyber war capacity," he added. "Their cyber-attacks could have similar impacts as military attacks, killing people and destroying cities."

Speaking more specifically, Prof Kim said North Korea was building its own malware based on Stuxnet - a hack attack, widely attributed to the US and Israel, which struck Iranian nuclear centrifuges before being discovered in 2010.

"A Stuxnet-style attack designed to destroy a city has been prepared by North Korea and is a feasible threat," Prof Kim said.

Earlier this year, the South Korean government blamed North Korea for a hack on the country's Hydro and Nuclear Power Plant. "Although the nuclear plant was not compromised by the attack, if the computer system controlling the nuclear reactor was compromised, the consequences could be unimaginably severe and cause extensive casualties," Prof Kim said.
BBC:  http://bbc.in/1HzIKnP

« Hackers Build New Tor Client Designed to Beat the NSA
Finland Could Reshape Cyber Law »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

CEPS

CEPS

CEPS is a leading think tank and forum for debate on EU affairs, ranking among the top think tanks in Europe. Topic areas include Innovation, Digital economy and Cyber-security.

Futurex

Futurex

Futurex is a globally recognized provider of enterprise-class data encryption solutions.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

Cyberspace Solarium Commission (CSC)

Cyberspace Solarium Commission (CSC)

The Cyberspace Solarium Commission was established to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

GLIMPS

GLIMPS

GLIMPS-Malware automatically detects malware affecting standard computer systems, manufacturing systems, IOT or automotive domains.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Inspectiv

Inspectiv

Inspectiv offers a turn-key solution to continuously identify security vulnerabilities and provide security assurance.

LMNTRIX

LMNTRIX

LMNTRIX eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent and respond to cyberattacks.

SiyanoAV

SiyanoAV

SiyanoAV's range of antivirus products delivers strong protection against various cyber threats, including malware, ransomware, phishing schemes, and beyond.