Cyber-Attacks From North Korea Jump Significantly: Solutionary

Researchers at Solutionary say attack activity originating from North Korea has jumped exponentially in recent months.

According to Solutionary, North Korea typically generates between 34 and 200 “touches” (a known act of reconnaissance, an overt external attack or an attempt to exfiltrate data) each month. In February, however, that number increased several times over to 12,473.

“What is special about February of 2013? Only the latest escalation of events with North Korea,” blogged Jon Heimerl, director of strategic security at Solutionary. “On February 12, North Korea announced that it had conducted an underground nuclear test. While there is some debate over whether or not the detonation was nuclear, an underground explosion consistent with a nuclear warhead has been confirmed by several other nations. The test generated widespread condemnation and once again raised potential sanctions against North Korea. North Korea has responded with additional aggressive words, and another threat to test one of their missiles that they say is capable of delivering a nuclear warhead.”

The sheer size of the increase indicates that this is not a coincidence, he argued. In addition, the numbers in March represented a 1,913 percent increase compared to the average number of monthly touches recorded during the January 2012 to January 2013 timeframe, he wrote.

“Just as interesting is the profile of the targets of the network-based touches,” he noted. “According to Solutionary data, North Korean related events pretty evenly spanned target organizations across 13 industries, but showed a clear favoritism for targeting organizations in the financial community.”

From January 2012 through January 2013, 49.1 percent of all North Korean-sourced cyber-activity seen by Solutionary was directed at financial companies. In February, however, that number jumped to 99 percent. This trend continued into March and spanned the same timeframe in which North Korea waged denial-of-service attacks against South Korean banks and broadcasting companies, he wrote.

“Now, there is no evidence that any of this is supported or even encouraged by the North Korean government,” blogged Heimerl. “But, there do appear to be several parallels between escalated verbal rhetoric and escalated cyberattacks. It is evident that, whether government influenced or not, that the dual-path of aggression is a new way of facing the world, at least from North Korea. Given the more hard-line government in North Korea, we expect escalations like this to continue, and to become even more evident in other conflicts around the globe.” 
