Today's Wall Street Journal has an article focused on North Korea's attacks on banks, which amount to state-sponsored bank thefts like the one in Bangledesh and to ones now in South Korea. Previous attacks on South Korea were mostly to disrupt networks and not to make money. The article infers North Korea is trying to get cash to finance its nuclear program which has fallen on hard financial times.
I always watch North Korea because they are a canary in the Chinese coal mine. China does its experimentation with cyber attacks that will cause international concern (like Sony and going after the internal bank network, SWIFT) through North Korea. It is a role they relish and one where retaliation against them does little good. They don't have enough cyber infrastructure to make the attacks worthwhile. Could China stop them if they wanted to? They could but they won't.
China's way of telling the world about the new kind of cyber war they intend to foster is through real attacks by the North on targets that are visible and likely to know who is attacking them. In other words, they have good skills at attribution. It is a warning that says "mess with me and this is what you get" which North Korea probably does a little too often for its own good. They lay claim to a capability to disrupt financial markets and banks ability to transfer money safely between themselves, or suffer losses that are beyond what insurance will cover. We should be listening to this warning because they look like they are developing a growing capability that is used indiscriminately and largely without challenge.
This is where the financial community needs to get itself together and throw a couple of warnings back their way - and China's way too, just so there is no misunderstanding about where the threat actually comes from. There are enough countries involved that an agreement between them to attack back and let both of them know what will happen if they go after financial institutions as a part of their war. North Korea may not be as dependent upon computers but China certainly is. Some of the attack vectors used on the South can be equally applied to its neighbors in China. Those ransomeware attacks that don't really collect very much money are one of the ways to get their attention. When North Korea attacks, spread those attacks to the friends of the North that keep them going. They are all connected by computers.
The countries most affected by Wannacry were the United Kingdom, the United States, Spain, Russia and China. If North Korea was really behind Wannacry, somebody may be doing that now, without the focus on the North's best friends. It wouldn't take much to change that into a deterrent that neither China, nor the North, would soon forget.
No comments:
Post a Comment