Since 2009, the Lazarus Group has conducted malicious cyber activity worldwide, impacting governments and the private sector in equal measure. In earlier attacks, the malicious actors compromised South Korean broadcasters and banks' computer networks, rendering the organizations unresponsive in a series commonly referred to as Dark Seoul.
The Lazarus Group later wreaked havoc on Sony Pictures Entertainment, destroying data and publicly releasing employee emails. Their attacks eventually roiled the Bangladesh central bank's account at the Federal Reserve Bank of New York. In 2017, the group was attributed to the infamous WannaCry attacks that used malicious software to encrypt data in compromised networks, forcing victims to pay ransoms to receive the decryption key. Governments worldwide, including the U.S., U.K., Canada, Australia, and Japan, issued statements accusing North Korea of being responsible for the attacks, eventually leading to the U.S. Department of Justice filing criminal charges against North Korean entities.
In this program, panelists who were on the front lines of incident response, forensics, and the eventual investigation and indictments will discuss Lazarus and their worldwide cyber-enabled campaign to destabilize and interfere with international economic systems. They will also discuss how businesses should internalize the lessons learned from Lazarus worldwide malicious cyber activity into strategic and tactical risk mitigation measures.