N. Korea Threatens The World With Cyberwarfare - Not Nuclear Missiles

For a country that’s as “off the grid” as you can get, North Korea is remarkably plugged in to cyberwarfare. And their efforts here should concern you as much as their nuclear and missile programmes.

North Korea has been linked to some of the biggest cyber-attacks in history, including the Sony Hack, the WannaCry Ransomware, the Central Bank of Bangladesh Heist, and countless other attacks against South Korea and Japan and even US interests. And they are getting better.

Cyber activities are a key part of North Korea’s war strategy. According to a great report from the centre for Strategic and International Studiesa bipartisan think-tank- “North Korea sees cyber operations as a relatively low-cost and low-risk means” of operation. This allows them to “upset the status quo with little risk of retaliation or immediate operational risk.”

For Pyongyang, cyber capabilities are “an effective means to severely disrupt or neutralise the benefits of having a networked military.” If you read between the lines, that means the United States and its allies.

We shouldn’t be surprised by this. Cyber capabilities are rapidly becoming a tool in the arsenal of every military and intelligence organisation about the world.

Cyber-attacks are most effective against highly networked countries and militaries in places like the United States, the European Union and several governments in Asia, but less effective against disconnected countries like North Korea.

Think about that. North Korea can execute some of the most sophisticated and destructive cyber-attacks created, but their low-tech infrastructure makes them less vulnerable to those same kind of attacks.

To give you an idea of how much the country is unplugged, just look at a night time satellite photo of the Korean Peninsula. To the south, you have a glowing nation. To the north, darkness.

North Korea is clever in their use of cyber capabilities, deploying their cyber warriors outside their borders to conduct the attacks. That helps them hide the origin of the attack and deflect attention from Pyongyang, which naturally always denies any involvement. In the case of the Sony Attack, they even kindly offered to help find out who was responsible.

North Korea isn’t just using cyber capabilities to advance their military goals. They are also acting like cyber criminals. They’re using cyber tools to steal cash, allowing them to make money despite strict economic sanctions imposed by the international community.

According to a defector, a former professor of computer science in North Korea, Pyongyang has a dedicated unit– Unit 180– that focuses on raising money from overseas hacking. Researchers say this effort has been more successful than other efforts to raise money and get around the sanctions. And it’s certainly more cost effective.

An official in South Korea says their government suspects Pyongyang had a role in attacks against banks in Poland, Vietnam, and the Philippines. In 2016 alone, North Korea is also suspected in hacks against more than 160 companies and government agencies in South Korea.

So what do we do?

As a first step we always need to maintain good cybersecurity here at home. Basic cyber hygiene on an individual level will do wonders in protecting you from any attack. As always, think twice before clicking an attachment or link because that’s how hackers get in.

At the national level, the United States needs to confront North Korea when it finds evidence it is responsible for an attack. The President’s direct calling out of Pyongyang from Sony put North Korea on notice. We will need to do more of that on the international stage.

And, of course, there are the covert efforts that may or may not be taking place. But I wouldn’t know anything about those.

IntellAsia:

You Might Also Read:

North Korea, WannaCry, Cyberattacks And Lazarus:

North Korea's Cyber War on Australia:

 

« US Tries To Keep Up with Terrorists Tech
Data Scientists Remain Top Of ‘most wanted’ Employees »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CSR Privacy Solutions

CSR Privacy Solutions

CSR Privacy Solutions is a leading provider of privacy regulatory compliance programs for small and medium sized businesses.

RCMP Cybercrime Strategy

RCMP Cybercrime Strategy

The RCMP Cybercrime Strategy sets out in an Operational Framework and Action Plan to combat cybercrime.

Certes

Certes

Certes is a pioneer in delivering cutting-edge security technology solutions, with a specific focus on Data Protection Risk Mitigation (DPRM).

Sopra Steria

Sopra Steria

Sopra Steria is a leading European information technology consultancy.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

National Cyber Summit (NCS)

National Cyber Summit (NCS)

The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation's infrastructure from the ever-evolving cyber threat.

SecuLution

SecuLution

SecuLution is an Antivirus product using Application Whitelisting which offers much more protection than Virus Scanners ever can.

ThreadStone Cyber Security

ThreadStone Cyber Security

ThreadStone Cyber Security offer reliable, practical and affordable cyber security solutions for both large and smaller organizations that we develop and deliver ourselves from Europe.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

Canonic Security

Canonic Security

Canonic streamlines app review, continuously monitors apps, and reduces the risks involved in third-party access to your data.

Celera Networks

Celera Networks

Celera Networks is a managed services provider specializing in cybersecurity, cloud and managed IT services.

Sealing Technologies (SealingTech)

Sealing Technologies (SealingTech)

SealingTech is a leader in cutting edge research, products, engineering, and integration services in the Internet of Things, Edge, Machine Learning, Artificial Intelligence, and Cloud.

NAK Consulting Services

NAK Consulting Services

NAK is helping organisations to create Secure, Agile IT Environments. Our goal is to be the trusted advisor and managed service partner for our clients.

Zyston

Zyston

Zyston's solutions provide end-to-end management of your cybersecurity needs. Our range of services help protect your business where it needs it the most.

Sekur Private Data

Sekur Private Data

Sekur Private Data Ltd. is a Cybersecurity and Internet privacy provider of Swiss hosted solutions for secure communications and secure data management.

Transatlantic Cyber Security Business Network

Transatlantic Cyber Security Business Network

The Transatlantic Cyber Security Business Network is a coalition of UK and US cyber security companies which facilitates collaboration to help address critical cyber security challenges.