For a country with notoriously limited internet access, North Korea has been surprisingly aggressive with their cyberattacks over the last couple of years. Although a geopolitical storm is brewing between the United States and the Hermit Kingdom, a digital battle has already been fought for some time. Western governments and companies should brace for this cyberwar to heat up even more as the verbal threats fly.
It was reported this week that individuals involved with U.S. defense contractors were baited by Lazarus, the infamous hacker group believed to work for the North Korean authorities. This is the same group responsible for the 2014 Sony hack, a retaliation for the production of The Interview, a comedy depicting the assassination of Kim Jong-Un.
The group is also thought to be behind the WannaCry ransomware attack earlier this year. WannaCry affected over 300,000 people in 150 countries, notably by crippling the computer system of Britain’s National Health Service (NHS), causing surgery delays and emergency room shutdowns. It was the largest ransomware scheme in history, affecting banks, telecommunications companies, and a host of players in other vital sectors.
The latest hack was announced by Palo Alto Networks on Monday. They reported that weaponized Microsoft Office Documents were posted online using the exact copy of publicly available job descriptions for U.S. defense contractors and hosted on compromised systems. While it is unclear how the documents were distributed to contractors and if any were fooled by the postings, the malware was clearly targeted to those who may hold in their networks very sensitive information about U.S. military secrets and other government information.
As we have repeated many times, anyone acting as a supplier to the government or major companies is at great risk of being targeted by cybercriminals.
With the situation in North Korea escalating, companies and contractors everywhere need to take a serious look at their digital weaknesses and assess how to strengthen their cybersecurity capabilities.
The best way to do this is to use Evizone Secure Communications (ESC) and Evizone Communications Governance (ECG). Sign up for a free trial of our software and see for yourself how our closed communication and data storage system can protect your most precious information from unwanted intrusions.
About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, firstname.lastname@example.org