Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    North Korea Escalating Cyber-Attacks With Little Fear of Retaliation

    By
    Robert Lemos
    -
    October 12, 2017
    Share
    Facebook
    Twitter
    Linkedin
      cyber-attack

      While attacks attributed to Russia and China most frequently make the news, North Korea continues to have significant success online, driven by a single-minded mission and a lack of consequences for the small nation.

      In the latest incident to be uncovered, an online attack linked to North Korea stole classified military documents, including war plans drawn up by South Korea and the U.S., according a South Korean lawmaker quoted by multiple news organizations. The data, part of a massive haul of 235 gigabytes taken during an intrusion spanning the months of August and September 2016, was only recently identified as the South Korean government pieced together what was taken.

      Lee Cheol-hee, a South Korean lawmaker and member of the parliamentary defense committee, said that attackers had infiltrated the Defense Integrated Data Center, according to The Washington Post. The stolen data includes war plans and a scheme to assassinate North Korean dictator Kim Jong-un in the event of war, according to the South Korean lawmaker. The attack happened last year, but only 20 percent of the documents have so far been identified.

      The theft is only the latest in a long list of aggressive cyber-operations blamed on North Korea. The nation’s cyber squads—in particular, one known to researchers as the “Lazarus group”—are thought to be responsible for stealing and destroying data from South Korean companies in 2013, leaking and destroying data from Sony Pictures in 2014, and the theft of $81 million from the central bank of Bangladesh.

      “It’s surprising how much activity there is out there from North Korea,” said Chris Doman, a security researcher at security firm AlienVault, who has focused on the nation’s capabilities. “There are quite a few groups out there and thousands of individuals being trained, but we’ve seen signs that they are sharing malware.”

      North Korea has seemingly embraced the asymmetrical nature of cyber-operations. One reason: With only limited internet infrastructure, the nation has very little to lose from launching cyber-attacks and much to gain.

      The attacks, for example, also allow the country to circumvent sanctions by stealing funds and information of value. Attacks attributed to groups in North Korea have targeted South Korean companies and government agencies to drain bank accounts and bitcoin wallets, as well as steal sensitive government and technology secrets. The spread of the WannaCry ransomware in May 2017 has also been attributed to the North Korean Lazarus group.

      “About 90 percent of this activity is targeted at South Korea,” AlienVault’s Doman said. “But then there is the scary random chaos, such as WannaCry.”

      While attribution of online actors is difficult, a variety of security experts have linked North Korea to the attacks with a high level of certainty.

      “Lazarus is not just another APT (advanced persistent threat) actor,” security firm Kaspersky Lab stated in an April 2017 analysis. “The scale of the Lazarus operations is shocking. It has been on a spike since 2011 and activities didn’t disappear after” they were outed in a 2016 research paper on Operation Blockbuster.

      However, Kaspersky Lab’s products have been connected with nation-state activity as well. On Oct. 11, U.S. officials said Russian intelligence had used Kaspersky Lab’s security software to steal information from companies.

      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×