Symantec cybersecurity experts: The malware deployment is preceded by a reconnaissance with the AdFind tool. The victims are large organizations.
The Asan Institute for Policy Studies: North Korea is increasing its cyber warfare operations for financial gain. And espionage cyber attacks become more subtle and sophisticated
North Korea is shaping the goal of its cyber warfare operations against the Republic of Korea (ROK) and worldwide. The financial gain aimed cyber attacks are increasing, while the espionage Ops are becoming more subtle and sophisticated. It has been reported in the study “The Evolution of North Korean Cyber Threats” by the Asan Institute for Policy Studies. The document analyzed the trends from 2009 to 2018. In the asian country, “only a few people are allowed access to Kwangmyong, the national intranet service, as global internet access is restricted to a group of selected people, and the country has one of the weakest internet infrastructures in the world – the document stated -. Nonetheless, North Korea is a formidable cyber power, standing alongside major players like the United States, China, Russia, the United Kingdom, Israel and Iran.” Furthermore, Pyongyang “has been increasing resources to enhance and expand its cyber capabilities.”
Pyongyang’ cyber army consist of approximately 7,000 hackers, performing a wide range of activities including theft, denial of service (DDoS), espionage and sabotage. Cyber attacks are part of Kim Jong Un political and strategic agenda and they will continue
According to the Asan Institute, “North Korea’s cyber army consists of approximately 7,000 hackers, performing a wide range of activities including theft, denial of service (DDoS), espionage and sabotage”. These kind of cyber attacks have proved to be very useful as part of Pyongyang’s “asymmetric strategy towards the ROK-U.S. Combined Forces Command. Cyber operations are low-cost and low-risk, allowing North Korea to counter countries which have highly computer-dependent infrastructure, with little fear of retaliation. Due to their low-intensity, these attacks often lie beneath the threshold of an armed attack, reducing the risk of escalating the conflict to an unaffordable level. Pyongyang has consistently been using cyber-attacks with its political and strategic agenda. These attacks have been instrumental in supporting its espionage strategy, retaliating against competitors and sustaining its economy through financial thefts. There is no reason to doubt that cyber operations will continue to be an integral part of the regime’s national strategy.”
North Korea’s hackers shifted their cyber warfare goals. The main strategic was to cause disruption with Distributed Denial of Service (DDoS), then it turned to espionage and finally to financial gain
The cyber security experts’ report identified two main shifts in Pyongyang’s cyber operations. “An increase in cyber-attacks aimed at financial gain, a decrease in the visibility of cyber operations at espionage and information gathering.” The reason for this change could be related to the fact that the Kim Jong-Un regime’s. North Korea could have also improved its deception capabilities, making it more challenging for South Korea to detect its espionage activities. This means that both types of activities are being carried out. It appears that North Korea’s interests in demonstrating its cyber capabilities through blatant cyber-attacks have diminished, and over the years, its attacks have become increasingly subtle and sophisticated”. The shift, moreover, regards also the goals: the main strategic “was to cause disruption with Distributed Denial of Service (DDoS), then it turned to espionage and finally to financial gain”.