Nuclear Missiles Are Not N.Korea’s Only Threat

Uploaded on 2017-10-25 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Hackers

North Korea has launched 22 missiles in 15 tests in 2017. According to US intelligence sources, the most recent test detonated a 140-kiloton nuclear device, which the North Koreans claim was a hydrogen bomb.

That’s 10 times as powerful as the atomic bomb the United States dropped on Hiroshima in World War II. The UN secretary-general has continuously condemned North Korea’s ballistic missile launches as serious violations of UN Security Council resolutions.

Meanwhile, President Donald Trump has promised new sanctions against North Korea that will allow the United States to target businesses, individuals and financial institutions that aid North Korea’s regime, and the Chinese central bank has begun to implement strict UN sanctions against Pyongyang.

The missile tests are posturing by Kim Jong Un and a clear attempt to show dominance to the United States and its allies. They are likely part of a strategy that follows Iran’s playbook: Get close to developing a nuclear weapon and the rest of the world will make a deal.

But they are also a major distraction from a much bigger issue. The true risk when it comes to North Korea is its cyberattack capabilities.

North Korea has invested heavily in cyberattack operations to disrupt its Western enemies. Western Intelligence services blamed the 2014 attack against Sony on North Korea’s spy agency, the Reconnaissance General Bureau.

North Korea is also believed to be responsible for the cyber heist at Bangladesh’s central bank and the global WannaCry ransomware attack from earlier this year.

Pyongyang’s cyber-spies conduct low-cost, high-impact, deniable attacks around the world to harm enemies, disrupt the West and steal money. Financial institutions are particularly at risk of theft as North Korea bleeds funds to support its nuclear program.

The goal for North Korea’s cyberattack operations, beyond flying under the radar, is to inflict death by a thousand cuts, a deliberate and organised disrupt-and-attack approach in line with the country’s national strategy. Arguably, the more money and resources North Korea can steal via cyberattacks, the stronger its kinetic military can become.

Despite severe unemployment rates and terrible living conditions for its masses, North Korea invests in, and educates, a portion of its population in science and technology to work for its cyber military agency, which is a top-level job in the country.

Security experts and North Korean defectors have placed the numbers in North Korea’s cyber army in the thousands. Students are often handpicked to join the elite corps.

While all citizens must serve for a period of time in the military, those who serve as cyber-spies continue to work in a surge capacity when the authoritarian government requires their support. In that respect, North Korea has at its disposal a dedicated and systematically developed cyber army on call.

North Korea’s most frequent target of cyberattacks is its southern neighbor.

As pressure from the West to derail North Korea’s nuclear weapons program increases, Kim will likely continue to develop cyberattack capabilities in response. In turn, the United States should develop contingency plans to respond to a direct cyberattack from North Korea.

Most critically, we should develop an escalation policy that establishes when a cyberattack will be considered an act of war. Cyberattacks can affect more than just bank accounts or identity theft; they can shut down power transmission, turn off water and prevent aircraft control towers from safely landing planes.

The United States needs to invest heavily in cybersecurity for critical infrastructure, hardening key control elements across the country and doubling down on protections to our financial systems and power grids.

In North Korea and elsewhere, the battleground for future conflicts will be found in both kinetic and cyberwar theaters.

As we all continue to pay attention to Kim’s nuclear missile posturing, it’s important we not lose sight of North Korea’s cyberattack initiatives, which have successfully disrupted the West in recent years and will continue to do so in the future if we don’t take action.

CarbonBlack:

You Might Also Read: 

N.Korea's Cyber Threats To S.Korea

How Worried Should We Be About a Nuclear War With North Korea?:

 

 

« Multicloud - The Next Step In Cloud Computing
Poor Coding Limits IS Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Tech Industry Forum (TIF)

Tech Industry Forum (TIF)

Tech Industry Forum is a not-for-profit, membership driven trade body. We bring together end users and some of the UK’s leading cloud, software, platform, infrastructure, and service providers.

Zurich

Zurich

Zurich is a leading multi-line insurer providing a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

Industrial Networking Solutions (INS)

Industrial Networking Solutions (INS)

INS Services specializes in designing, deploying and providing on-going support for critical OT (Operational Technology) and IIoT (Industrial Internet of Things) networks.

eCosCentric

eCosCentric

eCosCentric provides software development solutions for the IoT, M2M & embedded systems market.

PeckShield

PeckShield

PeckShield is a blockchain security company which aims to elevate the security, privacy, and usability of entire blockchain ecosystem by offering top-notch, industry-leading services and products.

Global Incubator Network Austria (GIN Austria)

Global Incubator Network Austria (GIN Austria)

GIN Austria is the connecting link between Austrian and international startups, investors, incubators and accelerators with a focus on selected hotspots in Asia.

MassMutual Ventures

MassMutual Ventures

Mass Mutual ventures backs companies building category-defining businesses in markets including enterprise software, digital health, cybersecurity, and fintech.

Drata

Drata

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness.

FINX Capital

FINX Capital

FINX strives to solve the cybersecurity issues with its proprietary technolog, FINX SHIELD, by utilizing big data, blockchain combined with artificial intelligence.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

RADICL

RADICL

RADICL's mission is to give SMBs that serve America's Defense Industrial Base (DIB) access to strong, enterprise-grade cyber security protection.

Amyna Systems

Amyna Systems

Amyna has developed an IoT cybersecurity platform that prevents malignant attacks, helping users to protect themselves from cyberattacks.

Frontier Technology Inc. (FTI)

Frontier Technology Inc. (FTI)

Frontier Technology Inc provides the technology and deep data expertise to drive the best defense and intelligence solutions.

Longbow Security

Longbow Security

Longbow automates root cause for your application and cloud risks, enabling teams with intelligent remediation actions that reduce the most risk with the least effort.