HP Security Briefing, episode 16 - Profiling an enigma: North Korea’s cyber threat landscape
In this Security Briefing, we discuss the cyber-landscape inside the Democratic People’s Republic of Korea (DPRK), known in the West as North Korea, and how that nation pursues its military agenda online. You can listen to this episode of the HP Security Briefing podcast on the Web or via iTunes, and you can read or download the detailed companion report here.
North Korea has a military-focused society and an unconventional technology infrastructure. Due to North Korea’s hostility toward other nations, its pursuit of nuclear weapons, and its human rights violations against its own citizens, the United Nations and many Western entities have placed sanctions and embargoes against North Korea. That said, the nation has continued its tradition of asymmetric warfare into the age of the Internet, with a remarkable commitment to developing cyber warfare capabilities even as it copes with aging infrastructure.
While those capabilities are of particular interest from a national security perspective, available intelligence on this topic is limited due to the nature of North Korea’s Internet infrastructure and the regime’s strict control over its use. This security briefing takes a look at North Korea’s known cyber-capabilities and how the country maintains secrecy in these matters.
Due to North Korea’s global interactions, its cyber warfare capabilities are of particular interest to the U.S. According to a 2009 report, North Korean hackers have successfully penetrated U.S. defense networks more frequently than those of any other country that has targeted those assets. While one would expect the regime’s digital infrastructure to suffer from aging or lack of resources, these factors do not take away from its technical abilities to wage cyber warfare.
While the U.S. views North Korea’s cyber warfare program as the regime’s foray into modern asymmetrical warfare, its neighbor to the south views those cyber capabilities as a terroristic threat -- preparations for a multifaceted attack, one that will happen sooner rather than later. Over the past two years alone, South Korea estimates that the North has nearly doubled the number of personnel trained and tasked with carrying out cyberattacks. It is of particular interest that much of North Korea’s cyber activity coincides with the annual U.S. – South Korea joint military exercises. Attacks not following that pattern were typically in response to political events impacting the regime or correlated with significant dates, such as the anniversary of the start of the Korean War. Our report digs into attacks that have taken place to date and how they were carried out.
Obtaining details on North Korea’s cyber warfare capability is not an easy task. Through information obtained via open source intelligence (OSINT) and from original analysis by HPSR malware researchers, we present what is known about North Korea’s cyber warfare programs and its supporting intelligence and psychological operations capabilities.