Nearly 80 percent of the attacks for which geographic information is available took place in Asia, according to the report. However, Haszard and his colleagues found that the vast majority of North Korea’s cyberactivity goes after targets much closer to home. That was followed by a hack of Bangladesh’s central bank that compromised the global financial transfer system known as Swift, and a crippling of the United Kingdom’s National Health Service. Beyond crypto, North Korea has been linked to larger and more disruptive global attacks, starting with the crippling of Sony Pictures just under a decade ago that put its cybercapabilities on the map. The heists tend to make headlines, with North Korean hackers linked to thefts worth billions of dollars from cryptocurrency exchanges around the world in recent years, with two high-profile attacks on exchanges in Estonia and California so far this year. “There aren’t really any other states or countries that are trying to steal cryptocurrency, so North Korea is unique in that perspective, but they still do a lot of things that other states do,” Haszard said. Anne Neuberger, the White House’s cyber czar, said at an event in Washington last month that half of the regime’s missile program is funded by cryptocurrency and cyberheists. However, North Korea’s obsession with cryptocurrency is unique, and the country’s cyber-operations are one of its biggest avenues to prop up its nuclear arsenal. “North Korea’s leadership appears to be much more interested in learning about what others think of them, gathering information that can help them develop nuclear and ballistic missile technology, and stealing money to fund their regime,” the report added. Government entities are the most frequent targets, followed by cryptocurrency, media, finance, defense, and nongovernmental organizations. Pyongyang predominantly seeks to use cyber-operations to either “gain insight into how its adversaries think” or “access to information on technologies” that will help it in a conflict with those adversaries, the report said. “But what this report shows is that they’re still heavily focused on information collection, or cyber-espionage, and they conduct more of those operations than they do financially motivated or financial theft operations.” “The narrative seems to be that North Korea is a bunch of cybercriminals that are backed by a state, but they’re just pulling off all of this financially motivated cybercrime, and that is one aspect of their strategy,” said Mitch Haszard, a senior threat intelligence analyst at Recorded Future and lead author of the report. Recorded Future analyzed 273 cyberattacks over a 14-year period linked to North Korean state-sponsored groups and found that information collection was the primary motivation for more than 70 percent of them. The report, prepared by cyber-intelligence firm Recorded Future and shared exclusively with Foreign Policy, labels espionage as the predominant motive of North Korea’s cyberprogram. But a new report on the authoritarian state’s capabilities and tendencies paints a different picture. A mention of North Korean hackers typically conjures images of either crippling cyberattacks or, more often, massive cryptocurrency heists.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |