• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

 | 

Interlock ransomware group deploys new PHP-based RAT via FileFix

 | 

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

 | 

Experts uncover critical flaws in Kigen eSIM technology affecting billions

 | 

Spain awarded €12.3 million in contracts to Huawei

 | 

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

 | 

Wing FTP Server flaw actively exploited shortly after technical details were made public

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53

 | 

Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

McDonald’s job app exposes data of 64 Million applicants

 | 

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Cyber warfare
  • Security
  • North Korea doubles units of its cyber army

North Korea doubles units of its cyber army

Pierluigi Paganini July 07, 2014

North Korea has doubled the number of its elite cyber warriors over the past two years and established overseas bases to run hacking attacks.

The majority of people ignores that all over the world, many silent conflicts happen, the cyberspace is considered for this reason the fifth element of warfare. Unfortunately the effects of these cyber attacks could be serious and could also menace the population of a country, Stuxnet case demonstrated the fragility of a critical infrastructure and the efficiency of a cyber weapon.

One of the most intensive cyber dispute is the one that is fought by North Korea and South Korea, two countries with very good cyber capabilities, that in many cases have tried to hit their enemies from the cyberspace.

The tension between North Korea and South Korea is very high, both governments are spending a great effort to improve their cyber capabilities and to assert their supremacy over their rivals.

Early this year the Yonhap news agency reported that the Government of Seoul was working for the development of a cyber weapon to hit North Korean nuclear facilities. The decision to hit North Korean nuclear facilities is motivated by the intensification of  the testing of nuclear weapons conducted in underground with controlled explosions by the Government of Pyongyang.

“Once the second phase plan is established, the cyber command will carry out comprehensive cyber warfare missions,” said a senior ministry official referring the possibility to target North Korean nuclear plants.

North Korea has the highest percentage of military personnel in relation to population, it has approximately 40 enlisted soldiers per 1000 people with a considerable impact on the budget of the country. Last year a defector has declared that North Korea has increased its cyber warfare unit to staff 3,000 people and it is massive training its young prodigies to become professional hackers.

North Korea cyber army

But new revelations on the cyber capabilities of North Korea are worrying Seoul, the government of Pyongyang has doubled the number of the units of its cyber army. According to a report issued by the news agency, the number of cyber warriors of the The North Korea now is 5,900 and the cyber army has also established overseas bases for hacking attacks.

“The communist country operates a hacking unit under its General Bureau of Reconnaissance, which is home to some 1,200 professional hackers,” a military source was quoted as saying.

The South’s Yonhap news agency revealed that North Korean cyber units were involved in a series of cyber attacks launched through overseas bases in countries such as China. The North Korean cyber army hit many times the infrastructure of the South Korea, banks, military entities, media and TV broadcasters were hit with malware and other sophisticated techniques.

In July Mc Afee Lab experts revealed that hackers behind the recent attacks against South Korean infrastructure are professionals that designed also malicious code to steal military secrets to the South Korea and US military. Security experts at McAfee Labs revealed that the malware used during the attacks was expressly designed to find and steal secret information on US forces involved in joint exercises in South Korea.

Researchers dubbed the campaign Operation Troy due the numerous references into the source code of the city, the malicious code used appears the same implanted into a social media website used by military personnel in South Korea in 2009.

Ryan Sherstobitoff, a senior threat researcher at McAfee, provided to the The Associated Press a report that will be publicly issued later this week on the analysis of malware instances detected. Despite it is not clear the exact amount of information stolen, neither the exact networks penetrated by attackers, South Korean Government blamed North Korean state sponsored-hackers.

Researchers highlighted that there are various clues in the malicious code which lead to the North Korea, for example the password used to unlock encrypted files contains the number 38 probably linked to “38th parallel” that separates the North from South Korea.

Sherstobitoff started the investigation after the malware based attacks occurred on March 20th, known as the Dark Seoul Incident, in which tens of thousands of hard drives belonging to television networks and banks in South Korea were wiped.

“This goes deeper than anyone had understood to date, and it’s not just attacks: It’s military espionage,” Sherstobitoff said

As usual, the North has denied any involvement and accuses South Korea of fabricating the incidents to increase the tension between the states.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs –  cyber warfare, Korea)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

critical infrastructure cyber army cyber warfare cyber weapon General Bureau of Reconnaissance malware No. 91 Office North Korea Operation Troy South Korea stuxnet

you might also like

Pierluigi Paganini July 14, 2025
Global Louis Vuitton data breach impacts UK, South Korea, and Turkey
Read more
Pierluigi Paganini July 14, 2025
Experts uncover critical flaws in Kigen eSIM technology affecting billions
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

    Hacking / July 15, 2025

    Interlock ransomware group deploys new PHP-based RAT via FileFix

    Cyber Crime / July 14, 2025

    Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

    Data Breach / July 14, 2025

    Experts uncover critical flaws in Kigen eSIM technology affecting billions

    Security / July 14, 2025

    Spain awarded €12.3 million in contracts to Huawei

    Intelligence / July 14, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT