One former British Intelligence chief estimates that North Korean cyberheists may bring North Korea as much as $1 billion per year or one-third the value of the country’s exports. Moreover, with increased sanctions pressure from the U.S. and the U.N., more pressure will be put on the country to ramp up its illicit cyber-activities.
Chris Inglis, a former deputy director of the National Security Agency said, “You could argue that they have one of the most successful cyberprograms on the planet, not because it’s technically sophisticated, but because it has achieved all of their aims at very low cost.”
Retaliation is difficult
The challenge with retaliating against the country is they don’t have a lot of infrastructure to go after and moreover, many of their cells operate outside the country.
According to the New York Times:
North Korea began identifying promising students at an early age for special training, sending many to China’s top computer science programs. In the late 1990s, the Federal Bureau of Investigation’s counterintelligence division noticed that North Koreans assigned to work at the United Nations were also quietly enrolling in university computer programming courses in New York.
When Kim Jong-un succeeded his father, in 2011, he expanded the cybermission beyond serving as just a weapon of war, focusing also on theft, harassment and political-score settling.
How can companies protect themselves against such threats? Here are some ideas:
1. Cybersecurity training is crucial.
2. Auditing and documentation must be performed regularly to ensure systems are secure.
3. Anomaly detection should be running constantly to detect threats as they emerge.
4. Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two company’s’ reputations from being destroyed.
5. Network forensics for when a breach eventually occurs. The bad guys always seem to get in
Regardless of how secure you think you are, it is always a good idea to call in cybersecurity services experts to ensure your systems are as protected as possible. A regular outside audit is absolutely necessary to ensure your systems are as protected as possible.
If you run a business in New York City, midtown, downtown, Wall Street, Fairfield or Westchester counties in Connecticut, consider calling the online security experts at Apex Technology Services.