US Army report says many North Korean hackers operate from abroad

Catalin Cimpanu

US Army says many North Korean hackers are actually located outside the hermit kingdom, in countries like Belarus, China, India, Malaysia, and Russia.

North Korea has at least 6,000 hackers and electronic warfare specialists working in its ranks, and many of these are operating abroad in countries such as Belarus, China, India, Malaysia, and Russia, the US Army said in a report published last month.

Named «North Korean Tactics,» the report is a tactical manual that the US Army uses to train troops and military leaders, and which the Army made public for the first time last month.

The 332-page report contains a treasure trove of information about the Korean People’s Army (KPA), such as military tactics, weapons arsenal, leadership structure, troop types, logistics, and electronic warfare capabilities.

US ARMY: BUREAU 121 HAS AT LEAST 6,000 MEMBERS

While the vast majority of the report deals with classic military tactics and capabilities, the report also shines a light on North Korea’s secretive hacking units.

«Most EW [electronic warfare] and cyberspace warfare operations take place within the Cyber Warfare Guidance Unit, more commonly known as Bureau 121,» the US Army said.

This assessment is the same as previous reports from the intelligence and cyber-security communities, which have also linked all of North Korea’s hackers back to Bureau 121, a division of the Reconnaissance General Bureau, a North Korean intelligence agency that is part of the National Defence Commission.

The US Army says Bureau 121 has grown exponentially in recent years, as North Korea has expanded its cyberspace activities.

Per the report, Bureau 121 grew from «at least 1,000 elite hackers in 2010» to more than 6,000 members today.

The number is consistent with similar figures published by the South Korean Defense Ministry, which said that North Korea was operating a cyberwarfare staff of 3,000 in 2013, a number that later doubled to 6,000 by 2015.

However, the US Army currently believes its 6,000 figure is not entirely accurate.

«This number is likely much higher now: as of 2009, North Korea’s Mirim College was graduating approximately 100 cyberspace hackers per year for the KPA,» the US Army said.

NORTH KOREAN APT ESTIMATES

Nevertheless, Army officials say they have estimates for the internal divisions inside Bureau 121, numbers that appear not to have been released before last month.

US Army officials say that Bureau 121 consists of four main sub-divisions, with three dedicated to cyber-warfare, and one to electronic warfare.

The first sub-division is what the cyber-security community calls the Andariel Group, an advanced persistent threat (APT), a codename used to describe nation-state sponsored hacking units.

US Army officials claim the Andariel Group has roughly 1,600 members «whose mission is to gather information by conducting reconnaissance on enemy computer systems and creating an initial assessment of the network’s vulnerabilities.»

«This group maps the enemy network for potential attack,» US Army officials said.

The second Bureau 121 sub-division is what the cyber-security community tracks as the Bluenoroff Group. US Army officials say this APT has roughly 1,700 hackers «whose mission is to conduct financial cybercrime by concentrating on long-term assessment and exploiting enemy network vulnerabilities.»

The third sub-division is what the cyber-security community calls the Lazarus Group, an umbrella term that the security industry now uses generously to describe any kind of generic North Korean hacking.

US Army officials said they don’t have an exact number for the members that are part of the Lazarus Group sub-division, but this group is usually the one to which North Korean officials turn «to create social chaos by weaponizing enemy network vulnerabilities and delivering a payload if directed to do so by the regime.»

The fourth and last Bureau 121 sub-division is the Electronic Warfare Jamming Regiment, composed of three military battalions (between 2,000 and 3,000 troops) responsible for jamming electronic equipment. This last Bureau 121 sub-division is a classic military unit, which US Army officials believe operates out of military bases in Kaesong, Haeja, and Kumgang.

MANY NORTH KOREAN HACKERS OPERATE FROM ABROAD

However, on the other side of the spectrum, Army officials say the three cyberwarfare sub-divisions are more loosely organized, with many of their members being allowed to travel and operate from abroad, in countries such as Belarus, China, India, Malaysia, and Russia.

While the US Army report does not go into detail about why the Pyongyang regime lets military hackers travel abroad, previous reports and court documents have covered this, with the Pyongyang regime using its hackers to set up shell companies that serve both as cover when setting up foreign-based server infrastructure and as intermediary entities in money laundering operations.

In September 2019, the US Treasury Department unmasked and sanctioned some of these companies, claiming they were associated with Bureau 121’s hacking groups Andariel, Bluenoroff, and Lazarus.

At the time, US officials said the Pyongyang regime was using its three state-sponsored hacker groups to hack banks, cryptocurrency exchanges, and others, to steal funds that they’d later launder back into North Korea, where government officials would use the same funds for their weapons and missiles programs.

A United Nations report estimated that North Korean hackers stole around $571 million from at least five cryptocurrency exchanges in Asia between January 2017 and September 2018, and that total profits from their hacking activities could go well beyond $2 billion.

However, while the US Army report acknowledges that North Korean hackers have been involved in financial cybercrime, Army officials go even further and describe the entire North Korean government as a criminal network, with the Kim regime being involved in a wide range of activities that also included drug trading, counterfeiting, and human trafficking, and not just various forms of cybercrime [123].

Source: zdnet.com
Publication date: August 18, 2020
