How North Korean Military Hackers Commit Cyberattacks

Since 2009, the Lazarus Group — commonly attributed to the North Korean government — has conducted malicious cyber activity worldwide, impacting governments and the private sector in equal measure. In earlier attacks, the malicious actors compromised South Korean broadcasters and banks' computer networks, rendering the organizations unresponsive in a series commonly referred to as Dark Seoul.

The Lazarus Group later wreaked havoc on Sony Pictures Entertainment, destroying data and publicly releasing employee emails. Their attacks eventually roiled the Bangladesh central bank's account at the Federal Reserve Bank of New York. In 2017, the group was attributed to the infamous WannaCry attacks that used malicious software to encrypt data in compromised networks, forcing victims to pay ransoms to receive the decryption key. Governments worldwide, including the U.S., U.K., Canada, Australia, and Japan, issued statements accusing North Korea of being responsible for the attacks, eventually leading to the U.S. Department of Justice filing criminal charges against North Korean entities.

In this program from the U.S. Chamber of Commerce, panelists who were on the front lines of incident response, forensics, and the eventual investigation and indictments discussed the Lazarus Group and their worldwide cyber-enabled campaign to destabilize and interfere with international economic systems. They also discussed how businesses should internalize the lessons learned from Lazarus' malicious cyber activity into strategic and tactical risk mitigation measures.