US warns of North Korea cyber campaign, days after historic summit
The US Department of Homeland Security said that it has identified malicious cyber activity by the North Korean government, according to a new report released on Thursday, just days after the historic summit between President Donald Trump and North Korean dictator Kim Jong Un.
DHS and FBI analysts working with US government partners highlighted the use of what are known as Trojan malware variants — software used by the North Korean government that is intended to damage or disable computers and computer systems.
“This malware variant is known as TYPEFRAME,” according to the report by the DHS Computer Emergency Readiness Team, noting that “the US Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.”
“The intent of sharing this information is to enable network defenders to identify and reduce exposure to North Korean government cyber activity,” the report added.
This is not the first time the US government has called out North Korean hackers that have targeted major international corporations and infected thousands of computers around the world in recent years.
“Since June 2017, DHS and the FBI have publicly released 11 national cyber awareness products associated with North Korean government malicious cyber activity; four joint Technical Alerts (TA) and seven joint Malware Analysis Reports (MAR),” a DHS spokesperson told CNN.
“DHS pursues a model of ‘collective defense’ in cybersecurity, meaning government and industry take collaborative, tangible actions together to mitigate threats and reduce the most serious, enduring and collective strategic cyber risks to the United States and to our international partners,” the spokesperson said.
Previous alerts can be viewed on the US-CERT website.
The US has long been aware of North Korea’s prowess in cyberspace. North Korean hackers are believed to have been behind or to have played a part in major debilitating cyberattacks including the WannaCry ransomware attack, which infected hundreds of thousands of computers in 2017, as well as the hack of Sony Pictures Entertainment in 2014.
And in February, a report indicated that a group of North Korean hackers known as Reaper was targeting major international companies.
North Korea is not the only nation state that has been called out by the US for its malicious cyber activity in recent months.
In April, the US and UK warned that Russian hackers were targeting network infrastructure devices — the types of devices that most internet traffic travels through, such as routers since 2015.