Cyberthreat Groups from North Korea becoming top-level adversaries

Subjected to economic sanctions and isolated from the rest of the world, with the exception of China, North Korea is increasingly relying on cybercrime to sustain its economy. North Korean cyberwarfare groups are increasing their capabilities.

How do you solve a problem like the cyber threat from North Korea?

In recent years, North Korea has turned from a minor nuisance into a scourge of banks and cryptocurrency exchanges.

Threat analysis experts interviewed by The Daily Swig said the attackers’ tactics and tricks have evolved to elevate the country to a top-level cyber adversary.

This threat goes beyond the notorious Lazarus Group, a group of cybercriminals accused of a devastating attack on Sony Pictures in 2014, and the audacious cyber-robbery of $81 million worth of Bangladesh Central Bank reserves in 2016, as well as other attacks.

How sophisticated are North Korean cyber threat groups?

Along with state-sponsored Russian, Chinese, and Iranian threat actors (the paranoia has not been reversed), North Korea’s Advanced Persistent Threat (APT) groups are considered among the most sophisticated in the world.

Russian (in particular, APT28, APT29, and Turla) and North Korean (Lazarus) attackers are considered the most advanced groups of all, due to their ability to use customizable toolsets and apply the latest attack techniques, and their speed of execution.

Paul Prudhomme, head of threat intelligence at IntSights, told The Daily Swig that North Korean attackers are making more of an effort to stay out of sight.

What organizations are the North Korean attackers targeting?

North Korea’s cyber operations are most focused on South Korea and the United States, and usually target government agencies, diplomatic organizations, the military, financial institutions, industrial conglomerates, and more recently, pharmaceutical and healthcare research.

Meanwhile, according to Mandiant, financially motivated cybercrime in North Korea is more global, and includes direct targeting of banks, cryptocurrency-focused campaigns, and even web skimming operations.

Yana Blachman, a former Israeli intelligence official turned threat intelligence specialist at Venafi, told The Daily Swig that North Korean APT groups collectively target a wide range of sectors.

“Each APT group is designed to target one specific sector”, Blachman explained. “For example, Lazarus primarily targets governments and financial institutions in South Korea and the United States, while Bureau 325 is known to target large biotech companies, research institutes, and government agencies.

“Along with these groups, others, such as APT38, focus primarily on banks, financial institutions, and cryptocurrency exchanges”, Blachman added.

The Lazarus Group recently ran a highly sophisticated targeted phishing campaign in which attackers spent almost a year preparing, creating security blogs and Twitter accounts and typically interacting with security researchers in an attempt to gain their trust.

North Korean groups also tend to change their targets dramatically, and it is simply not realistic to predict their steps.

Source: https://news.bit.team/cyberthreat-groups-from-north-korea-becoming-top-level-adversaries/

Official website: bit.team

Bit Team