Story image

How North Korea’s nuclear aggression masks a deeper threat

09 Oct 2017

By Eric O' Neill, Carbon Black

While the world has been holding its collective breath over North Korea’s highly visible rocket flights and nuclear threats, the rogue nation has been carrying out a stealth campaign that threatens even worse mayhem.

The North Koreans have launched 22 missiles in 15 tests in 2017, and US intelligence sources believe their most recent test detonated a 140-kiloton nuclear device, which the North Koreans claim was a hydrogen bomb.

While US President Donald Trump and North Korean leader Kim Jong Un have been trading threats and insults, the UN secretary-general has condemned the ballistic missile launches as serious violations of UN Security Council resolutions.

Clearly the missile tests are posturing by Kim in an attempt to show dominance to the United States and its allies. They are likely part of a strategy that follows Iran’s playbook: Get close to developing a nuclear weapon and the rest of the world will make a deal.

They are also a major distraction from a much bigger issue. The true risk from North Korea lies in is its cyber attack capabilities.

North Korea has invested heavily in cyber attack operations to disrupt its Western enemies. Western Intelligence services blamed the 2014 attack against Sony on North Korea’s spy agency, the Reconnaissance General Bureau. North Korea is also believed to be responsible for the cyber heist at Bangladesh’s central bank and the global WannaCry ransomware attack from earlier this year.

Pyongyang’s cyber spies conduct low-cost, high-impact, deniable attacks around the world to harm enemies, disrupt the West and steal money. Financial institutions are a prime target of theft as North Korea bleeds funds to support its nuclear program.

The goal for North Korea’s cybe rattack operations, beyond flying under the radar, is a deliberate and organised disrupt-and-attack approach in line with the country’s national strategy. Arguably, the more money and resources North Korea can steal via cyber attacks, the stronger its kinetic military can become.

Despite severe unemployment rates and appalling living conditions for its masses, North Korea invests in, and educates, a portion of its population in science and technology to work for its cyber military agency. Security experts and North Korean defectors have placed the numbers in North Korea’s cyber army in the thousands. Students are often handpicked to join the elite corps.

While all citizens must serve time in the military, those who serve as cyber spies continue to work in a surge capacity when the authoritarian government requires their support. In that respect, North Korea has at its disposal a dedicated and systematically developed cyber army on call.

The target of North Korea’s most frequent target of cyber attacks is its neighbour, South Korea. As pressure from the West to derail North Korea’s nuclear weapons program increases, Kim is expected to continue to develop cyber attack capabilities in response.

In turn, the United States should develop contingency plans to respond to a direct cyber attack from North Korea.

Most critically, the US should develop an escalation policy that establishes when a cyber attack is considered an act of war. In addition to targeting bank accounts or identity theft, cyber attacks can shut down power transmission, turn off water and prevent aircraft control towers from safely landing planes.

The United States needs to invest heavily in cyber security for critical infrastructure, hardening key control elements across the country and doubling down on protections to financial systems and power grids.

In North Korea and elsewhere, the battleground for future conflicts will be found in both kinetic and cyber-war theatres. As we continue to focus attention on Kim’s nuclear missile posturing, it’s important not to lose sight of North Korea’s cyber attack initiatives, which have successfully disrupted the West in recent years and will continue to do so in the future if we don’t take action.

Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.