To show the extent of the problem, North Korea stole over $316 million in virtual assets through illicit cyberattacks over the past two years to support its military program, according to a UN Security Council report. Much of the activity was directed towards the U.S. and this continues a pattern of cyberwarfare stemming from the country. The UN report is supported by a Google TAG report.
Looking at the issue for Digital Journal is Casey Ellis, CTO and Founder of Bugcrowd. Ellis says that this string of incidents is an unfortunate validation of the corporate, economic, and national-security value of the work of security researchers.
Ellis says that :”As the security researcher community continues its decades-old effort to secure the Internet and it’s users, this string of incidents is an unfortunate validation of the corporate, economic, and national-security value of the work of security researchers. It’s great to see the Google Threat Analysis Group (TAG) stepping up to look out for and defend the researchers themselves.”
Another aspect is avoding tainting ethical hackers with the work of the infiltrators. Here Ellis explains: “As cybersecurity leaders, we have a responsibility to support the ethical hacker community as they defend the safety of the Internet, and to thwart adversaries like this who are targeting security researchers operating in good faith.”
He adds: “The actions of security researchers have helped thousands of organizations around the world discover and address vulnerabilities before adversaries could exploit them — preventing countless attacks that would undoubtedly prove detrimental to any organizations’ digital operations. Google TAG’s role in sounding the alarm on this threat reiterates the need for security researchers to protect our digital world and those within it, including themselves.”
Going back to the specific threat, Ellis says that this needs to be taken very seriously, noting: “While many questions still linger around recent state-sponsored attacks, this latest incident emphasizes that no company, organization or individual is exempt from being vulnerable to a cyberattack — no matter how robust their cybersecurity posture may be. The North Korean cyberattacker’s new strategy of hiding behind the identity of fake cybersecurity companies is detrimental to previous security researcher efforts in building a sense of trust between themselves, and public and private sector organizations.”
And here, ethical security researchers can prove invaluable, suggests Ellis: “Organizations across industries must recognize the need to accept the assistance of security researchers who are actively defending against a growing legion of adversaries, such as this North Korean hacking group. Even enterprises with in-house security teams can benefit from the help of external security researchers — specifically their ability to provide continuous, 24/7 security testing and monitoring. Speed is the natural enemy of security and the best way to improve an organization’s security posture and beat malicious adversaries is by thinking like one.”