North Korea Is Using The Internet Like The Mafia

North Korea has long been known as a hermit kingdom, but it is learning to embrace the Internet. The Asian country has “dramatically” changed its Internet use patterns, according to a new report, which could make imposing sanctions and defending American networks more difficult.

North Korea is using cyber operations to conduct low-level financial crimes and the country’s leaders are increasingly using the Internet as a part of their daily life, according to a new report from threat intelligence firm. Recorded Future

North Korean leader Kim Jong Un is quick to embrace technology and then cast it aside, directing hacking operations along the way as he runs the country “like a criminal syndicate,”according to the Recorded Future report.

One example of North Korea’s technological experimentation is its use of social media. In recent months, it appears North Korean leaders are embracing LinkedIn, although it is not clear what their goals are.

Hackers from the country have also developed “an asset-backed cryptocurrency scam,” according to the report, which helps “to raise funds for the Kim regime.”

North Korea has begun to “professionalise their use of the Internet,” and the web has become a more regular tool for top officials, according to Recorded Future. The development “will exacerbate existing challenges in sanctions enforcement and computer network defense.”

Although North Korean hackers have been accused of dramatic cyber operations that include stealing $81 million from the Bank of Bangladesh and hacking into Sony Pictures, “from a numbers prospective, those operations are a small percentage of what North Korean operators do every day,” according to Priscilla Moriuchi, the director of strategic threat development at Recorded Future.

“The majority of their average day-to-day work is this kind of low-level financial crime because they have a salary that they have to earn every year.”

There was no change in North Korean cyber activity following Kim’s June meeting with President Donald Trump, Moriuchi said.

Recorded Future’s report comes as senior US officials have identified North Korea as one of its main threats in cyberspace, and the Department of Justice has brought legal action against accused hackers.

Along with Russia, China and Iran, North Korea is “operating beyond the bounds of what we would consider reasonable,” Rob Joyce, senior adviser to the National Security Agency, said during an Oct. 23 event hosted by Palo Alto Networks. Joyce described North Korea as “a nation state stealing hard currency … they are bank robbers.”

The Department of Justice indicted Park Jin Hyok, a North Korean hacker, Sept. 6 for his role in crimes that include the WannaCry 2.0 global ransomware attack. North Korea’s government is responsible for “hundreds of millions, if not billions, of dollars’ worth of damage,” assistant attorney general John Demers said when the charges were filed.

US officials have found it is difficult to deter North Korea’s profitable hacking activity. Because North Korea is not widely connected to the Internet, there are not many digital targets for US Cyber Command, according to a former US intelligence official.

For years, US officials were cautious about hacking North Korea because a large portion of its Internet travels through China, current and former White House officials have told Fifth Domain. 

There was an apparent fear that if the Americans were caught in the act of hacking by the Chinese, officials from Beijing might think they were being targeted, instead of North Korea.

But Moriuchi said there were other ways of digitally deterring North Korea. Stopping North Korean cyber activity will require “taking them out at the knees,” she said, and treating the country’s digital operations as if it were a criminal syndicate. 

It means arresting North Korean hackers if they travel outside the country, indicting officials and working with partner law enforcement agencies.

Fifth Domain:

You Might Also Read:

N Korea Is A Bigger Cyber Threat Than Russia

« British Refuse To Co-operate With Belgian Hacking Inquiry
Machine Learning & Big Data - Where You Least Expect It »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Secmentis

Secmentis

Secmentis is a cyber security consultancy specializing in penetration testing, threat intelligence, and proactive defense for your IT infrastructure.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

Oceania Cyber Security Centre (OCSC)

Oceania Cyber Security Centre (OCSC)

OCSC engages with government and industry to conduct research, develop training opportunities and build capacity for responding to current and emerging cyber security issues.

TalaTek

TalaTek

TalaTek is a full-service risk management firm providing expert services in risk management, cybersecurity, and compliance.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

Fasken

Fasken

Fasken is one of the largest business law firms in Canada and a recognized leader in privacy and cybersecurity law.

cleverDome

cleverDome

cleverDome has created the first community built and proven model that redefines the standards for protecting the most confidential data and information of consumers in the cloud.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

MAXXeGUARD Data Safety

MAXXeGUARD Data Safety

MAXXeGUARD: The High Security Shredder. MAXXeGUARD easily destroys hard disks up to the highest security levels as well as other digital data carriers like SSD’s, LTO’s, USB’s, CD’s etc.

SecurityLoophole

SecurityLoophole

SecurityLoophole is an independent cyber security news platform with global coverage. Latest updates, reports, news and events related to cyber security.

Prompt Security

Prompt Security

Prompt Security provides an LLM agnostic approach to ensure security, data privacy and safety across all aspects of Generative AI.

Aberrant

Aberrant

A radically new approach to managing information security. Aberrant is the single pane of glass through which a security program can be viewed.