North Korea expected to increase cyber attacks due to COVID struggles

CrowdStrike also expects an increase in the number of cyber attacks targeting health care institutions

North Korean hackers are expected to launch more cyber attacks this year as the coronavirus pandemic and food shortages start to impact the recluse Asian nation.

In CrowdStrike’s 2021 Global Threat Report, the cyber security firm says it expects the closure of North Korea’s border with China to mitigate COVID-19’s spread, along with severe typhoons and floods that acutely decreased agricultural yield, to be key factors in the potential increase of cyber crime.

“Currency generation operations will therefore likely increase over the next year to compensate for the economic downturn and serve as a lifeline for the country. Moreover, DPRK adversaries may increase economic espionage operations specifically focused against the agricultural sector in an attempt to steal technology that could ameliorate some of the effects of an impending food shortage,” the report said.

“CrowdStrike Intelligence assesses that entities involved with the research, production or distribution of COVID-19 therapeutics will be at a high risk of North Korean targeted intrusions until a vaccine is widely available in North Korea.”

The report also found that 18 ransomware families infected 104 health care organizations in 2020, with the most prolific being Twisted Spider using Maze and Wizard Spider using Conti.

Related Resource

The business guide to ransomware

Everything you need to know to keep your company afloat

The business guide to ransomware - whitepaper from DattoDownload now

“In some cases, adversaries may have avoided targeting hospitals, but proceeded with attacks against pharmaceutical and biomedical companies,” the report’s authors said.

Twisted Spider infected at least 26 health care organizations with its Maze and Egregor ransomware families. Twisted Spider predominantly targeted US-based entities. 

Wizard Spider conducted 25 attacks against the health care industry with Conti and Ryuk. Throughout October 2020, Ryuk was heavily attributed to many infections against US-based health care entities, a surge that occurred despite a concerted disruption effort by cybersecurity vendors in September 2020.

The researchers said that the challenges of 2020, including the rapid pivot to work-from-anywhere, have caused a level of social and economic upheaval that’s unprecedented in modern times. 

“The widespread impact has not deterred cyber adversaries quite the opposite has occurred. In 2020, CrowdStrike observed adversaries exploiting the situation, preying on the public’s fear and escalating attacks,” warned researchers.

The firm said visibility and speed are critical in blocking attackers that have the capability and intent to steal data and disrupt operations.

“Security teams must understand that it is their responsibility to secure their cloud environments, just as they would on-premises systems. They must establish consistent visibility for all environments and proactively address potential vulnerabilities before they can be leveraged by attackers,” the firm added.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Chipotle’s marketing email hacked to send phishing emails
phishing

Chipotle’s marketing email hacked to send phishing emails

29 Jul 2021
Colonial Pipeline hack spurred copycat attacks on other oil and gas companies
hacking

Colonial Pipeline hack spurred copycat attacks on other oil and gas companies

29 Jul 2021
Dark web ads offering access to corporate networks increase sevenfold
hacking

Dark web ads offering access to corporate networks increase sevenfold

28 Jul 2021
Number of hacking tools increasing as cyber criminals become more organized
hacking

Number of hacking tools increasing as cyber criminals become more organized

28 Jul 2021

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021