World War III has already started. It snuck up on us all. It comes in the form of cyber warfare and it is really serious. The claims of Russia meddling in the American elections pale in comparison to the acts of war that have been committed by North Korea against the rest of the world.
North Korean Cyber Attacks Intensify
The general public started to become aware of this problem, during 2014, when North Korea hacked Sony Pictures in Japan because of its release of the film The Interview. The comedy film starring James Franco and Seth Rogen makes fun of the Supreme Leader of North Korea, Kim Jong Un. It makes him look tyrannical, gluttonous, silly, and stupid. At the end of the film, the North Korean leader is killed before he can launch a nuclear weapon.
This year, Reuters reported that North Korea is responsible for hacking at least 10 cryptocurrency exchanges in South Korea during 2017. The hackers stole over $7 million in cryptocurrency from these financial exchanges. This cryptocurrency is worth over $80 million now if the North Koreans kept it.
North Korea is implicated in other hacking attacks on cryptocurrency exchanges and may be responsible for the theft of over $500 million from the Mt. Gox exchange that caused the largest cryptocurrency exchange in the world to go bankrupt.
North Korean hacking is not limited to stealing things that have financial value, however. DW reported that during 2017, North Korean hackers stole the U.S. – South Korean war plans.
Wannacry Ransomware Attack
A recent report from DW said that the US and the UK now blame North Korea for spreading the Wannacry ransomware virus across the world starting in May 2017. This malware caused major disruptions in the computer systems and networks in over 150 countries.
With the release of the Wannacry malware, North Korea attacked the entire world. This ransomware took down critical infrastructure systems. It caused significant damage to hospitals, airports, banks, and many other organizations. Part of the UK national health system was shut down. International companies like FedEx suffered damages in the hundreds of millions of dollars.
What is ransomware?
Ransomware locks down computer systems so the authorized users cannot access their own files. In order for the system to be unlocked, a user must pay for an encryption key from the attacker. The money demanded by the Wannacry ransomware was to be paid in Bitcoins. This is because an owner of a Bitcoin account remains anonymous.
Even when users pay the ransom to try to unlock their computer systems, the encryption key needed may not be sent, so they pay for nothing. This is why law enforcement officials do not recommend paying the ransom. The lowest ransom demand was $300, the highest demand was $5.5 million.
Protection From Ransomware
The best practices on how to deal with ransomware risks are:
1) Businesses and individuals should always make regular backups of critical data. Once a backup copy is made, take the device used to store the data offline. This is called putting data in “cold storage,” making in inaccessible by the Internet.
2) For added security, businesses should make at least three exact backup copies and then store them offline in three different physical locations.
3) Do not permit the unregulated download of any email attachments from unknown sources. Scan all email attachments first before downloading them, even if from known sources.
4) Do not allow any unauthorized personal devices to connect to a business network or to be physically brought into the vicinity of any network equipment. This includes USB thumb drives or other storage media, mobile phones, and personal computers.
5) If infected by ransomware, immediately disconnect the infected system from any network.
6) Wipe the memory of that system completely clean to remove all data.
7) Restore the critical data from secure backups.
8) Upgrade all software with security patches. Install ransomware blocking software.
9) Conduct a security review to determine what caused the breach and how the ransomware entered the system.
10) Secure the system from the breach before putting it back online to avoid re-infection with the malware.
United States Counter-Attacks
Business Insider says there is speculation that the US is already launching cyber attacks to counter the North Korean actions. The U.S. is specifically targeting the systems that operate the nuclear weapons possessed by North Korea. This work is top-secret, so detailed information about the American counter-attacks is not released to the public.
There are things that can be done to thwart cyber warfare from North Korea. Hardening network systems in the rest of the world is a priority. Major global corporations working in IT and government agencies in many countries need to coordinate efforts to stop the actions of North Korea.
The United States, with United Nations support, should ask Russia to cut off the two fiber-optic cable connections that come from North Korea and then pass into Russian territory. These connect North Korea to the rest of the global Internet.
Satellite signal transmissions from North Korea to connect to the Internet using satellites need to be disrupted. Human agents who leave North Korea to conduct cyber attacks from other countries need to be tracked, captured, and arrested for violation of international law.
Make no mistake about it, these cyber attacks from North Korea are all out war against the entire world. World War III has already begun, with the first major battles being fought in cyberspace.