North Korea is using Microsoft, Apple and Samsung tech in its cyberattacks
North Korea might be at odds with countries like the US and South Korea, but it'll gladly use their technology.
Researchers from Recorded Future, a threat intelligence company, found that North Korean hackers have used technology from Microsoft, Apple and Samsung to carry out cyberattacks. The isolated country has been behind major attacks, including the WannaCry ransomware, which locked up thousands of computers across 150 countries and ensnared hospitals, universities and airports with its malware.
Microsoft and Samsung did not immediately respond for a request for comment.
The nation's government was also behind the Sony hack, which was considered one of the most destructive attacks on a company on US soil at the time.
Priscilla Moriuchi, Recorded Future's director of strategic threat development, said the team discovered an "overwhelming presence of American software" on North Korea's network. Despite decades of trade sanctions, North Korean hackers have used workarounds and loopholes to get hold of US and South Korean technology for its attacks, she said.
"North Korea has pretty much professionalized working around sanctions for the past 30 years," Moriuchi said. "For decades, they've conducted and run these illicit networks around South East Asia, East Asia, China."
US technology isn't supposed to be in North Korea, but several loopholes in trade sanctions have allowed electronics to pass through. North Koreans have used fake addresses and names to get through sanctions, including a shell company called Glocom.
Recorded Future researchers said Glocom used a network of fake companies in Asia to purchase US parts from resellers, and even cleared payments through US bank account at one point.
"These are gaping holes we're allowing rogue regimes like North Korea to exploit," Moriuchi said. "We don't want American technology victimizing American businesses and government."
Companies that have been caught sending US technology to North Korea have faced the consequences, like Chinese phone giant ZTE agreeing to pay $1.2 billion as part of penalties. Huawei, another Chinese phone company, is also under investigation for allegedly sending US technology to North Korea.
The American technology found on North Korea's network includes Apple's iPhone X and Microsoft's Windows 10. Through a partnership with a third-party metadata collection service, Recorded Future said it also found devices like Samsung's Galaxy S7 and S8 Plus on North Korea's network.
The researchers used five different data sources to confirm their findings, including Shodan, a search engine for finding internet-connected devices.
Because of changing policies over the last two decades, North Korea has also been able to legally purchase many US computers and phones, Moriuchi said.
Since 2002, US exporters have sent $483,543 worth of electronics, much of it outdated devices, to North Korea. In some years, such as 2006, total bans prevent any sales. In other years, policies change and North Korea is able to purchase US electronics.
Another loophole is the absence of a definitive standard for sanctions across the world. While electronics fall under "Luxury Goods" in the US's sanctions restrictions, they don't in China. In the EU, the luxury goods definition only applies to products that are worth more than 50 euros (about $58).
"The problem is that each country is allowed to interpret the term 'luxury goods' however they feel," Moriuchi said.
Post a Comment