US issues alert on North Korea cyberattacks
New activity dubbed “Hidden Cobra” targets critical infrastructure
The US government issued a public alert Tuesday that warned against cyber actors of North Korea’s government targeting the media, aerospace, financial and “critical infrastructure sectors in the United States and globally.”
The report in Korea JoongAng Daily said the US acknowledged such attacks had been occurring since 2009, but that the FBI had recently detected new activity directed by Pyongyang.
The so-called Technical Alert was jointly issued by the Department of Homeland Security (DHS) and the FBI, who identified IP addresses associated with a malware variant known as DeltaCharlie. The virus was used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure, the report said. The US government has named the malicious cyberactivity Hidden Cobra.
Neither the victims nor the amount of damages were specified.
The FBI said it had “high confidence” that Hidden Cobra actors were using the IP addresses for further network exploitations and will continue to use cyber operations “to advance their government’s military and strategic objectives.”