The World Once Laughed at North Korean Cyberpower. No More.
Seven months later, during joint military exercises between American
and South Korean forces, North Korean hackers, operating from computers inside China, deployed a very similar cyberweapon against computer networks at three major South Korean banks and South Korea’s two largest broadcasters.
It may have been a copycat operation, but Mr. Hannigan, the former British official,
said recently: “We have to assume they are getting help from the Iranians.”
And inside the National Security Agency, just a few years after analysts had written off Pyongyang as a low grade threat, there was suddenly a new appreciation
that the country was figuring out cyber just as it had figured out nuclear weapons: test by test.
It turned out that visitors to the Polish regulator’s website — employees from Polish banks, from the central banks of Brazil, Chile, Estonia, Mexico, Venezuela,
and even from prominent Western banks like Bank of America — had been targeted with a so-called watering hole attack, in which North Korean hackers waited for their victims to visit the site, then installed malware in their machines.
But his attitude began to change in the early 1990s, after a group of North Korean computer scientists returned from travel abroad proposing to use the web to spy on
and attack enemies like the United States and South Korea, according to defectors.
A South Korean lawmaker last week revealed that the North had successfully broken into the South’s military networks to steal
war plans, including for the “decapitation” of the North Korean leadership in the opening hours of a new Korean war.
Like Iran’s Aramco attacks, the North Korean attacks on South Korean targets used
wiping malware to eradicate data and paralyze their business operations.
