14 DAY TRIAL // A research conducted by threat intelligence company Recorded Future reveals that North Korea is using technology developed by American and South Korean companies to carry out its cyber operations.
The report reveals that despite sanctions against the country, North Korea has relied on latest-generation technology developed by its often considered to be enemies to access the Internet and eventually launch attacks that disrupted the activity of certain governments.
North Korea is believed to be the actor behind the WannaCry ransomware attack that started last year and which impacted a significant number of systems worldwide, eventually rendering them useless and taking entire networks offline.
Large network of companies used to bring luxury goods to North Korea
Recorded Future says that it was able to identify products like Microsoft (all versions from 2000 to 10), several Samsung phones, Apple iPhones (4s and newer, including the X) and MacBooks as being connected to the Internet for various purposes.
“While the majority of North Korean cyber operations are likely conducted from abroad, a small minority historically have been conducted from territorial North Korea. These operations have been conducted utilizing this very same hardware and software. This means that minimally, U.S. technology has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions,” the report reads.
The report notes that US-based technology makes its way to North Korea despite sanctions, adding that the country has relied on loopholes for a long period of time in order to carry out their cyber operations.
“North Korea has pretty much professionalized working around sanctions for the past 30 years. For decades, they've conducted and run these illicit networks around South East Asia, East Asia, China,” Priscilla Moriuchi, director of strategic threat development at Recorded Future, said.
The research notes that North Korea’s operation involved fake names and addresses, as well as a shell company called Glocom that used an entire network of other firms to bring technology to the country.