US Blames North Korea Government For Cyber Attacks

Nation state hacking is again in the spotlight as tensions rise between North Korea and the US

US authorities have directly blamed the North Korean government for carrying out multiple cyber attacks on critical infrastructure and other industries dating back to 2009.

The US Department of Homeland Security and the Federal Bureau of Investigation issued a joint warning this week, accusing “cyber actors of the North Korean government” and warning that more attacks are likely.

North Korea has, of course, denied any involvement in such activities, which are believed to have targeted the media, aerospace and financial industries in the US and around the world.

north korea

Government hacking

Nation-state hacking is something of a contentious issue for intelligence agencies and security professionals at the moment, with politically-motivated attacks becoming more commonplace.

For example, earlier this year the head of GCHQ’s National Cyber Security Centre (NCSC) revealed that the UK is being bombarded by state-sponsored cyber attacks every month and GCHQ warned political parties that the 2020 election could be impacted by similar activities.

Over in the US, the government has frequently suggested that it has been targeted by Russian hackers since last year’s Presidential election, although Vladimir Putin has denied any state involvement.

In this most recent alert, the FBI refers to a group known as “Hidden Cobra” which, according to Symantec and Kaspersky Lab, is likely to have been behind the recent WannaCry ransomware outbreak.

The organisations has also been linked to the high-profile hack on Sony Pictures in 2014, as well as the Lazarus hacker group which swiped $81 million (around £620m) from Bangladesh’s central bank last year.

 This latest revelation will only further strain North Korea’s relationship with the US, as well as with the rest of the world, as the country continues to become increasingly aggressive with its cyber espionage tactics.

“The US-CERT report suggests Hidden Cobra was the botnet used by these two groups,” commented Tim Matthews, vice president at Imperva. “The alleged connection to the attacks on South Korea and Sony reveal that these attacks are politically motivated.

“Botnets are readily available and relatively cheap to rent. That said, more research on the sophistication of the attacks will be required to truly assess the power and sophistication of Hidden Cobra.

“Just like weapons, botnets have degrees of sophistication that make them more of less threatening to nation states.”

Are you a security pro? Try our quiz!