Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Cyber warfare

North Korea doubles units of its cyber army

North Korea has doubled the number of its elite cyber warriors over the past two years and established overseas bases to run hacking attacks. The majority of people ignores that all over the world, many silent conflicts happen, the cyberspace is considered for this reason the fifth element of warfare. Unfortunately the effects of these […]

North Korea doubles units of its cyber army

North Korea has doubled the number of its elite cyber warriors over the past two years and established overseas bases to run hacking attacks.

The majority of people ignores that all over the world, many silent conflicts happen, the cyberspace is considered for this reason the fifth element of warfare. Unfortunately the effects of these cyber attacks could be serious and could also menace the population of a country, Stuxnet case demonstrated the fragility of a critical infrastructure and the efficiency of a cyber weapon.

One of the most intensive cyber dispute is the one that is fought by North Korea and South Korea, two countries with very good cyber capabilities, that in many cases have tried to hit their enemies from the cyberspace.

The tension between North Korea and South Korea is very high, both governments are spending a great effort to improve their cyber capabilities and to assert their supremacy over their rivals.

Early this year the Yonhap news agency reported that the Government of Seoul was working for the development of a cyber weapon to hit North Korean nuclear facilities. The decision to hit North Korean nuclear facilities is motivated by the intensification of  the testing of nuclear weapons conducted in underground with controlled explosions by the Government of Pyongyang.

“Once the second phase plan is established, the cyber command will carry out comprehensive cyber warfare missions,” said a senior ministry official referring the possibility to target North Korean nuclear plants.

North Korea has the highest percentage of military personnel in relation to population, it has approximately 40 enlisted soldiers per 1000 people with a considerable impact on the budget of the country. Last year a defector has declared that North Korea has increased its cyber warfare unit to staff 3,000 people and it is massive training its young prodigies to become professional hackers.

North Korea cyber army

But new revelations on the cyber capabilities of North Korea are worrying Seoul, the government of Pyongyang has doubled the number of the units of its cyber army. According to a report issued by the news agency, the number of cyber warriors of the The North Korea now is 5,900 and the cyber army has also established overseas bases for hacking attacks.

“The communist country operates a hacking unit under its General Bureau of Reconnaissance, which is home to some 1,200 professional hackers,” a military source was quoted as saying.

The South’s Yonhap news agency revealed that North Korean cyber units were involved in a series of cyber attacks launched through overseas bases in countries such as China. The North Korean cyber army hit many times the infrastructure of the South Korea, banks, military entities, media and TV broadcasters were hit with malware and other sophisticated techniques.

In July Mc Afee Lab experts revealed that hackers behind the recent attacks against South Korean infrastructure are professionals that designed also malicious code to steal military secrets to the South Korea and US military. Security experts at McAfee Labs revealed that the malware used during the attacks was expressly designed to find and steal secret information on US forces involved in joint exercises in South Korea.

Researchers dubbed the campaign Operation Troy due the numerous references into the source code of the city, the malicious code used appears the same implanted into a social media website used by military personnel in South Korea in 2009.

Ryan Sherstobitoff, a senior threat researcher at McAfee, provided to the The Associated Press a report that will be publicly issued later this week on the analysis of malware instances detected. Despite it is not clear the exact amount of information stolen, neither the exact networks penetrated by attackers, South Korean Government blamed North Korean state sponsored-hackers.

Researchers highlighted that there are various clues in the malicious code which lead to the North Korea, for example the password used to unlock encrypted files contains the number 38 probably linked to “38th parallel” that separates the North from South Korea.

Sherstobitoff started the investigation after the malware based attacks occurred on March 20th, known as the Dark Seoul Incident, in which tens of thousands of hard drives belonging to television networks and banks in South Korea were wiped.

“This goes deeper than anyone had understood to date, and it’s not just attacks: It’s military espionage,” Sherstobitoff said

As usual, the North has denied any involvement and accuses South Korea of fabricating the incidents to increase the tension between the states.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs –  cyber warfare, Korea)

[adrotate banner=”5″]

[adrotate banner=”13″]