We’re kicking off Eye on Security in 2021 with a nation-state-themed miniseries that focuses on the big four, which we recognize as North Korea, Iran, China and Russia. In this episode, I invited Fred Plan, Senior Analyst for Mandiant Threat Intelligence, onto the podcast to talk about North Korea.
Fred started our discussion by providing some background on the country, how it operates geopolitically, and why they’ve shifted their focus to a cyber capability. We also review their early cyber operations that primarily targeted South Korea and their expansion to the U.S. private sector with the Sony hack. Since then, North Korea continues to be active in both financially-motivated and espionage-related operations.
There are a lot of behaviors that make North Korean cyber operations unique, due in part to the country being very closed off. Their cyber operations have demonstrated rapid shifts in targeting, which likely comes at the request of the regime. We most recently saw this with their targeting of COVID-19 research and vaccine distribution. North Korea hasn’t publicly reported on any COVID-19 cases, so their cyber behavior offers us a glimpse into what might actually be going on within the country.
As always, we like to predict what we’ll see next in a region or from an actor. In this case, Fred says it’s quite difficult to know what North Korea is up to next. Find out why when you listen to the episode.