North Korean Hackers Force US, Japan & South Korea Consultations

North Korean Hackers Push New Wave of Concerns
Countries join forces to counter attacks by North Korean hackers

Increased activity by North Korean state hackers forced South Korea, the United States and Japan to create a special advisory group to coordinate cybersecurity efforts. The idea of consolidating efforts, apparently, was discussed back in August, at the international summit at Camp David.

The decision was made last week following negotiations in Washington between Anne Neuberger, U.S. deputy national security adviser for cyber and emerging technologies, and her South Korean and Japanese colleagues.

It is aimed at strengthening the three countries’ effective response capabilities against global cyber threats, including jointly countering North Korea’s cyber activities that are a key source of funding for its nuclear and WMD programs.the office of South Korean President.

As part of the initiative, regular quarterly meetings will be held in a new format.

North Korean hackers are state sponsored

North Korea is often accused of cyberattacks aimed at financing its missile and nuclear programs. As noted in a recent UN report, in 2022, hackers working for the DPRK were particularly likely to attack foreign companies to steal cryptocurrency. Thanks to high-tech methods, record amounts were stolen compared to previous years.

The UN said most of the cyberattacks its researchers looked at were carried out by groups controlled by North Korea’s top spy agency. These groups include Kimsuky, Lazarus Group and Andariel, and are monitored by the cybersecurity industry in the US, Europe and Asia.

These actors continued to illicitly target victims to generate revenue and solicit information of value to the DPRK including its weapons programs.the UN report.

For example, the media reported that the FBI has officially linked the hack of the Harmony Horizon cross-chain bridge to the Lazarus group. The robbery, which took place at summer 2022, resulted in theft of $100 million worth of cryptocurrency assets.

Consultations on countering North Korean hackers
Senior security advisers In Seong-hwan (South Korea), Anne Neuberger (US) and Keiichi Ichikawa (Japan) in Washington DC (Source: Presidential Office)

North Korea’s activity in the cyber threats has been growing over recent years

Aside from country-specific cyberattacks, North Korean hackers also launch supply chain attacks. For example, in April we reported that a group linked to the Asian dictatorship authorities attacked the supply chain of the company 3CX, which caused a number of other attacks on supply chains.

According to experts, the UNC4736 hackers were associated with the financially motivated hacker group Lazarus from North Korea.

We have determined that UNC4736 is associated with the same North Korean operators based on analysis of the Trojanized X_TRADER application. This is the first time we have found concrete evidence that an attack on a software supply chain led to another attack on another software supply chain.Mandiant researchers.

We also talked about the hunt of North Korean cybercriminals for IT specialists. Attackers have sought to infect researchers’ home systems and software with malware aiming to infiltrate the networks of companies for which their targets work.

Government groups for this spy company switched from phishing emails to using fake LinkedIn accounts allegedly belonging to HR. These accounts carefully imitate the identities of real people in order to deceive victims and increase the chances of an attack being successful.

Having contacted the victim and made her an “interesting offer” for a job, the attackers try to transfer the conversation to WhatsApp, and then use either the messenger itself or email to deliver a backdoor, which the researchers called Plankwalk, as well as other malware.

North Korea as part of a new axis of evil

The North Korean regime is dangerous not only because it sponsors cyber attacks on Western enterprises and companies, and not only because of repression against its citizens and the testing of new missiles that threaten the democratic countries of the Pacific region.

Recently, the Russian and North Korean dictatorships agreed to supply Korean weapons for use during the Russian invasion of Ukraine. CNN reported that more than a million artillery shells were transferred to Russia as part of this agreement.

Therefore, news about the consolidation of efforts in the fight against regimes that carry out certain actions that violate human rights can only be welcomed. Cyberspace has become a battlefield not only against crime – the confrontation in cyberspace is already taking place at the interstate level.

North Korean Hackers Force US, Japan & South Korea Consultations

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *