North Korean Hackers 'could kill', Warns Defector

Uploaded on 2015-06-01 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

141223_north_korea_computers_ap_629_1160x629.jpg

North Korean hackers are capable of attacks that could destroy critical infrastructure and even kill people, a high-profile defector has warned.

Prof Kim Heung-Kwang said the country had around 6,000 trained military hackers. The warning follows last year's Sony Pictures hack - an attack attributed to North Korea. Prof Kim has called for international organisations to step in to prevent North Korea launching more severe attacks.

For 20 years Prof Kim taught computer science at Hamheung Computer Technology University, before escaping the country in 2004. While Prof Kim did not teach hacking techniques, his former students have gone on to form North Korea's notorious hacking unit Bureau 121. The bureau, which is widely believed to operate out of China, has been credited for numerous hacks. Many of these attacks are, claimed to have been specifically, focused at South Korean infrastructure such as power plants and banks.

Speaking at a location just outside the South Korean capital, Prof Kim told the BBC he has regular contact with key figures within the country who have intimate knowledge of the military's cyber operation.

"The size of the cyber-attack agency has increased significantly, and now has approximately 6,000 people," he said. He estimated that between, 10% to 20% of the regime's military budget, is being spent on online operations.

"The reason North Korea has been harassing other countries is to demonstrate that North Korea has cyber war capacity," he added. "Their cyber-attacks could have similar impacts as military attacks, killing people and destroying cities."

Speaking more specifically, Prof Kim said North Korea was building its own malware based on Stuxnet - a hack attack, widely attributed to the US and Israel, which struck Iranian nuclear centrifuges before being discovered in 2010.

"A Stuxnet-style attack designed to destroy a city has been prepared by North Korea and is a feasible threat," Prof Kim said.

Earlier this year, the South Korean government blamed North Korea for a hack on the country's Hydro and Nuclear Power Plant. "Although the nuclear plant was not compromised by the attack, if the computer system controlling the nuclear reactor was compromised, the consequences could be unimaginably severe and cause extensive casualties," Prof Kim said.
BBC:  http://bbc.in/1HzIKnP

« Hackers Build New Tor Client Designed to Beat the NSA
Finland Could Reshape Cyber Law »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alliance for Cyber Security (ACS)

Alliance for Cyber Security (ACS)

An alliance of all major players in the field of cyber security in Germany with a mission to strengthen Germany’s resistance to cyber-attacks.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Avancer Corporation

Avancer Corporation

Avancer Corporation is a multi-system integrator focusing on Identity and Access Management (IAM) Technology. Founded in 2004.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

Debevoise & Plimpton

Debevoise & Plimpton

Debevoise & Plimpton LLP is a premier law firm with market-leading practices in areas including Data Strategy & Security.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

Coffee Cup Solutions

Coffee Cup Solutions

We offer a full spectrum of IT Services, from our UK based Helpdesk to IT Consultancy and Cyber Security. Our team has the skills and experience to develop, deliver and manage IT for your business.

Positka FSI Pte Ltd

Positka FSI Pte Ltd

Positka, being a Splunk Singapore partner, provides Splunk & Phantom Services, Cybersecurity & Risk Management, Analytics & Big Data, Lean Process Optimization, and Managed Security Services.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

IndoSec

IndoSec

IndoSec is an annual cybersecurity summit that powers an in-person gathering of cybersecurity leaders from Indonesia’s major corporations, leading businesses and key government entities.