North Korean Cyber Attacks

Now that the dust has settled on the North Korea alleged attack on Sony (or maybe not – new information seems to be coming out every other day on this), I thought we should take a little look at how frighteningly quickly a cyber attack was able to be initiated.

Was a team of expert hackers quickly assembled? Was the vast amount of infrastructure required to undertake such an attack setup at a moment’s notice?

There’s a huge misconception out there (and it doesn’t seem to be going away) that most medium sized companies either are not interesting enough or not big enough to be hacked and this Sony attack seems to have fuelled this misconception. I can hear the conversations in SME board meetings now; “Well that only happened because it was Sony, that’s never going to happen to us”. Or “North Korea has never even heard of us, we’re never going to get attacked like that”.

These two thoughts, both lead to the same misconception; and that is that Cyber-attacks are usually targeted.

Cyber crime is an industry, and a very big industry at that. Recent reports suggest that the industry was the second largest behind the illegal drugs trade. When analysis of time patterns of attacks are undertaken, they usually coincide with the working hours of the countries from which they’re initiated confirming the thoughts that these criminal organisations employ individuals to conduct the malicious activity. Just picture 100’s of individuals “clocking in” to do a day’s work. These are your hackers and these aren’t bedroom based, targeted attacks. They’re just scanning and scouring the internet for vulnerabilities and if you’re vulnerable, you’re systems will be compromised and once they’re compromised word will spread.

So the fact is that the reverse is true; cyber attacks are rarely targeted. Sony may have been targeted in this case but this rarely happens.