A late-2017 state-sponsored cyber attacks by North Korea against South Korea not only targeted cryptocurrency users and exchanges, but also college students interested in foreign affairs, new research from Recorded Future has found.
Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s podcast, after a string of reports about North Korea’s growing forays onto sensitive corporate networks, we speak with Adam Meyers of CrowdStrike about the widening net of North Korean offensive hacking and how the Hermit Kingdom is playing the part both of cyber criminal and nation-state actor. Also: we unpack the cost of the Equifax breach with Accenture and talk to Flashpoint about the turmoil on the deep, dark web following the shutdown of the AlphaBay marketplace.
A Department of Homeland Security (DHS) Alert released on Tuesday warns the public about a campaign of hacking by the government of North Korea it has code-named “Hidden Cobra.”
The New York Times claims that the U.S. National Security Agency used intelligence gleaned from a clandestine operation to compromise North Korea’s cyber warfare unit to pin the blame for the Sony Pictures Entertainment hack on the reclusive Communist country. According to the story by David Sanger and Martin Fackler, the Obama Administration’s decision to quickly blame the hack on the DPRK grew out of a four year-old National Security Agency (NSA) program that compromise Chinese networks that connect North Korea to the outside world. The classified NSA program eventually placed malware that could track the internal workings of the computers and networks used by the North’s hackers and under the control of the Reconnaissance General Bureau, the North Korean intelligence unit, and Bureau 121, the North’s hacking unit, which mostly operates out of China. It has long been recognized that North Korea, which lacks a mature information technology infrastructure, does much of […]
The Director of the FBI James Comey offered his most direct retort to date to those who doubt the Bureau’s case against the Democratic Peoples Republic of Korea (DPRK), saying that the hackers who pillaged Sony Pictures Entertainment were “sloppy” and revealed the source of the attack – IP addresses linked to the reclusive government, Ars Technica reports. Comey was speaking at ICCS, the International Conference on Cyber Security in New York City on Wednesday. He said that, while the Sony attackers largely concealed their identity by using proxy servers, on several occasions they “got sloppy” and connected directly to Sony’s network, revealing their own IP address in the process. Those slip-ups provided evidence linking North Korea to the attack on Sony’s network, he claimed. The IP address isn’t the only evidence, however. (Thankfully.) Comey also said that “analysts at the FBI found the patterns of writing and other identifying data […]