On April 15, the U.S. Departments of State, Homeland Security, and Treasury, and the Federal Bureau of Investigation issued an advisory to raise the awareness of the cyber threat posed by North Korea. The advisory highlights North Korea’s malicious cyber activities around the world, identifies U.S. government resources that provide technical and threat information, and includes recommended measures to counter the cyber threat.
Under the pressure of robust U.S. and UN sanctions, the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs, according to the advisory.
In particular, the U.S. is deeply concerned about North Korea’s malicious cyber activities, which the U.S. government refers to as HIDDEN COBRA, the office of the FBI spokesman reported. The DPRK also has the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure.
In addition, the DPRK also uses cyber capabilities to steal from financial institutions, and has demonstrated a pattern of disruptive and harmful cyber activity that is wholly inconsistent with the growing international consensus on what constitutes responsible behavior in cyberspace by legitimate states.
North Korea’s malicious cybercrimes include: cyber-enabled financial theft and money laundering, extortion campaigns and cryptojacking.
The United States works closely with like-minded countries to focus attention on aond condemn disruptive, destructive, or otherwise destabilizing behavior in cyberspace. It is vital for foreign governments, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea.
The North Korean Cyber Threat Advisory, along with mitigation strategies, can be viewed at: