The North Korean hacker group was actively engaged in cyber attacks against hostile countries companies even during the US-North Korean summit meeting

by Richard Patterson

At the end of February 2019, North Korea's highest leader Kim Rong-soo and President Donald Trump in the United States held a second US-North Korean summit meeting in Hanoi, Vietnam, the second time in history. The New York Times reported that the North Korean hacker group had not relaxed the hands of cyber attacks against companies in the United States and allied countries during this summit that ended without reaching an agreement.

As Trump and Kim Met, North Korean Hackers Hit Over 100 Targets in US and Ally Nations - The New York Times
https://www.nytimes.com/2019/03/03/technology/north-korea-hackers-trump.html

It has been reported that the North Korean hacker group systematically attacks infrastructure and companies around the world. Somewhere in the year 2014 Sony Pictures Entertainment from the distributor suffered a hacking attack from the repulsion against the satire comedy movie " The Interview " which depicted Mr. Kim Jong-In's assassination.

It is reported that North Korea hacked Sony Pictures - GIGAZINE

Researchers at McAfee , an American security company, have access to one of the servers used by cyber attacks by North Korean hacker groups in cooperation with law enforcement agencies from a certain country. In the past 18 months, North Korean hackers are engaged in cyber attacks on banks, infrastructure, energy companies, etc. in the United States and Europe, and attacks on New York, which is particularly a financial hub, are the main targets The researcher says.

An active cyber attack began in 2017 and it seems that there was no loosening of cyber attack by North Korea during the US-North Korean summit held in 2019. According to one theory, the cyber attack of North Korea is activated from President Trump 's time in the United Nations speech when he made Kim Jong - Ie "a rocket man ". Victor Cha of the Strategic and International Studies Institute in Washington said, "North Korea did not conduct missile launch experiments for the last 15 months for the US-North Korean summit, but for the cyber attack, I do not have it. "

Researchers at McAfee said that North Korean hackers were monitoring real-time monitoring of attacks against more than 100 Americans and allied companies, including maintaining a friendly relationship with North Korea The country was also included. Mr. Raj Samani, chief researcher at McAfee, says, "The attacks were very active and continued non-stop." Although detailed motivation of the attack is not clear, hackers seem to have added engineers and executives who can access corporate intellectual property to the attack target.

by Nout Gons

Houston, which is a hub of oil and gas in the United States, New York which is a financial hub, got many attacks. The major cities attacked by the rest of the world are London, Madrid, Tokyo, Tel Aviv, Rome, Bangkok, Taipei, Seoul, Hong Kong, etc., while Russia and China maintaining a relatively good relationship with North Korea It was not attacked.

In the past, North Korea has been prosecuted for involvement in the creation of Ransomware " WannaCry ", and it is believed that it is using various cyber attacks to create various works and attacks. Mr. Cha points out that cyber attacks are becoming the "third leg" in North Korea's military cancellation, "This weapon never competes with the United States or South Korea, nuclear weapons, ballistic missiles, and cyber The attack is the third foot of North Korea. "

Researchers at McAfee say that since the attack on Sony Pictures Entertainment, which took place in 2014, North Korean hackers have been considerably improving their abilities, they can not be tolerated. In recent years, North Korea has sent a malicious email to a target from a LinkedIn profile of businessman SNS and opens an attachment file with embedded malicious code such as " Rising Sun " We are accessing target data. There is a case similar to this, which was used to attack the interbank network in the past as well.

A group of hackers suspected of being related to North Korea invades companies engaged in interbank networks using "job advertisement" - GIGAZINE

Mr. Christiaan Beek, senior engineer at McAfee, commented, "This attack is a very well-prepared thing, it's good to investigate the target to send emails and to what kind of text messages are easy for others to open Research was ongoing. "The English sentence of the email sent to the target by the hacker was also perfect. Mr. Cha is dangerous that North Korea did not loosen the hands of cyber attack during the US-North Korean summit, saying, "If we are going to hold a US-North Korea summit talks, not only will we stop the missile launch experiment but also hacking We should deal with some kind of attacks as well. "