Hackers working on behalf of the North Korean government have attempted to breach American power companies using spearphishing emails.
NBC News reports:
The emails used fake invitations to a fundraiser to target victims, FireEye said. A victim who downloaded the invitation attached to the email would also be downloading malware into his or her computer network, according to the FireEye report. The company did not dispute NBC’s characterization of the report, but declined to comment.
There is no evidence that the hacking attempts were successful, but FireEye assessed that the targeting of electric utilities could be related to increasing tensions between the U.S. and North Korea, potentially foreshadowing a disruptive cyberattack.
“This is a signal that North Korea is a player in the cyber-intrusion field and it is growing in its ability to hurt us,” said C. Frank Figliuzzi, a former chief of counterintelligence at the FBI.
The attempted intrusion was discovered by FireEye, a private-sector cybersecurity firm.
Experts believe that North Korea possesses a significant cyberwarfare capability that is only growing.
“We’ve been worried for some time that one of the ways that North Korea can retaliate against further escalation of tensions is via cyber, and particularly attacks against our financial sector,” Dmitri Alperovitch, co-founder of Crowdstrike, a cybersecurity firm, told NBC News in August. “This is something they have really perfected as an art against South Korea.”
Power companies deal with these kinds of attacks all the time and have developed substantial defenses against such efforts. But all it takes is one breach to put much of the grid at risk of disruption, which would be catastrophic.
Why it’s on our radar: Information in this article helps satisfy Priority Intelligence Requirement 3: What are the latest indicators of a U.S.-North Korea war? Each week in our Strategic Intelligence Summary, we gauge the likelihood and scope of conflict with Russia, China, North Korea, and in the Middle East, and track the latest developments in each region. Subscribe here to receive our premium intelligence products prepared by Intelligence and special operations veterans.
