National Security

Hidden Cobra: Shadowy North Korean Hacking Group Has Been Launching Attacks For Nearly A Decade

REUTERS/KCNA

Daily Caller News Foundation logo
Ryan Pickrell China/Asia Pacific Reporter
Font Size:

The U.S. government issued a rare alert Tuesday on a string of illegal cyber operations and attacks over the past eight years on the reclusive North Korean regime.

A hacker group known as Hidden Cobra, “cyber actors of the North Korean government,” have attacked media, aerospace, and financial sectors, as well as infrastructure, in the U.S. and elsewhere, the FBI and Department of Homeland Security said in a joint warning, according to Reuters.

Private sector cyber experts have traditionally referred to Hidden Cobra as the Lazarus Group and Guardians of Peace. The group has been linked to major attacks, such as the Sony Pictures hack in 2014 and the theft of $81 million from the Bangladesh central bank’s account at the Federal Reserve Bank of New York in 2016. Hidden Cobra may have also been behind several serious cyber attacks on South Korean financial, energy, and transportation firms.

Symantec Corp and Kaspersky Labs reported last month that it is “highly likely” the group was behind the WannaCry Ransomware attacks that infected over 300,000 computers worldwide.

Analysts have long suspected that the Lazarus Group had ties to the North Korean government. An investigation into the cyber bank heist revealed a “direct connection” to North Korea for the first time.

While the FBI/DHS alert did not identify victims, it provided insights into the groups methods, which include denial of service attacks, keystroke logging, remote access, and malware dissemination. The North Korean hacker group primarily attacks electronic systems running older, unsupported versions of Microsoft operating systems.

“The U.S. government seeks to arm network defenders with the tools they need to identify, detect and disrupt North Korean government malicious cyber activity that is targeting our country’s and our allies’ networks,” a DHS official told Reuters, stressing the need to curb North Korea’s malicious online activities.

“DHS and FBI assess that HIDDEN COBRA actors will continue to use cyber operations to advance their government’s military and strategic objectives,” Tuesday’s alert explained.

Follow Ryan on Twitter

Send tips to ryan@dailycallernewsfoundation.org.

All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.