The more cyber security experts look into the weekend “ransomware” attack that targeted tens of thousands of computers in Europe and Asia using software stolen from the NSA, the more they believe that North Korea was behind the attacks.
As reported by The New York Times, cadres of North Korean cyber “sleeper cells” take legitimate computer and software programming jobs in neighboring countries, but when activated on orders from Pyongyang, they spring into action. Intelligence analysts believe that when cells are activated, the cadres split into groups of three or six and move around to avoid detection.
It is believed that North Korea has been training digital warriors since the 1980s. Their mission is simple: When ordered to do so, engage in cyber warfare, which could include spreading viruses (as happened over the weekend), hacking into systems (remember the Sony hack?) and other cyber activities.
The Times noted further:
In more recent years, cybersecurity experts say, the North Koreans have spread these agents across the border into China and other Asian countries to help cloak their identities. The strategy also amounts to war-contingency planning in case the homeland is attacked.
This could help explain why, in the Digital Age, countries have been reluctant to attack North Korea over its nuclear weapons and ballistic missile development programs, out of fear that any such attacks would trigger a massive cyber response that cannot be defended against.
In launching a cyber attack against South Korea, Japan, the U.S. or even China – the ransomware attack hit China particularly hard, which is odd given that Beijing and Pyongyang were once closely allied – North Korea could severely damage critical infrastructure including power grids, transportation systems, banking and finance, air traffic control, nuclear power plants – anything that requires power and a computer to run.
And while each of these countries, especially the U.S., is very much capable of launching cyber-counterattacks, the North Koreans rely far less on electric power than do these other first-world economies. So the losses would certainly not be anything approaching equal.
Experts say that while there is no definite evidence tying North Korea to the ransomware attacks – there seldom is definitive proof of a cyber attack – there are similarities between the weekend assault and North Korean malware that has been deployed in the past.
Also, there is a pattern of cyber attacks by the North – often they are linked to banned weapons tests, and Pyongyang conducted another ballistic missile launch over the weekend, this one successful. The missile, in fact, could have a range of over 4,000 miles.
The launch of an advanced missile and coordinated cyber attack is likely meant to showcase Pyongyang’s technological prowess, analysts say. (RELATED: Massive Global Ransomware Attack Underscores Vulnerability Of Critical Infrastructure Needed To Sustain Life)
There is also the possibility that the North had no role in the weekend ransomware attacks, but that does nothing to change the fact that the country’s cyber warriors have infiltrated other countries and now lie in wait for commands to cause major disruptions. The truth is, intelligence services in the U.S. and abroad have no way of knowing how to identify most of these operatives, meaning any military strike against Pyongyang’s nuclear and missile development sites would risk a cyber counterattack.
As for defenses against cyber assaults, there are some tools available to both government and private industry, but the name of the game in the digital world is to always remain a step ahead of your nemesis. Early last week President Donald J. Trump signed an executive order requiring U.S. agencies to bolster their cyber defenses, but complying will be easier said than done.
Meantime, the U.S. and its allies continue to be at risk from potential cyber attacks from the world’s most shadowy regime.
J. D. Heyes is a senior writer for NaturalNews.com and Newstarget.com, and founding editor of The National Sentinel.