The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued an alert about malicious cyber activity by the North Korean government, known as “Hidden Cobra.” State-sponsored North Korean hacker groups are actively targeting businesses globally in the media, aerospace, financial, and critical infrastructure sectors with malware and botnet-related attacks.
HIDDEN COBRA: What You Need to Know
The North Korean group behind Hidden Cobra is known as the Lazarus Group and was previously tied to the Sony hack by the FBI. The group has been linked to a series of global bank hacks and other cyber espionage activities, including most recently the global WannaCry ransomware attack.
HIDDEN COBRA uses malware called DeltaCharlie to control a DDoS botnet and conduct widespread distributed denial-of-service (DDoS) attacks. A botnet, also sometimes referred to as a “zombie army,” is a group of hijacked Internet-connected devices that are infected with malware used to control them remotely. DDoS attacks occur when many infected devices attack a target, such as a server or a website, and cause a denial of service for users of the targeted resource. DDoS attacks are used to cripple a target and hide other malicious activity by bombarding websites with garbage traffic so that legitimate users can’t access them. According to the DHS and FBI, a successful DDoS attack could result in “temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organization’s reputation.”
Your Best Defense
Hidden Cobra typically targets vulnerable applications and computers running older, unsupported versions of the Microsoft operating system, along with vulnerable versions of Adobe Flash Player. These attacks are successful in part because so many users don’t regularly update their computers. To protect your organization from this threat, we recommend that all businesses and individuals upgrade these applications to the latest version and continue to do so on a regular basis. Ensuring that your applications and operating systems are patched with the latest updates will greatly reduce your risk of falling victim to these attacks. Get instructions on how to automatically keep your PC up to date here.
Since 2005, JPMerc has helped small to mid-sized businesses use technology more effectively — so it fuels their productivity and success, instead of getting in the way. Contact us to discuss your company’s IT needs.