Category: Cybersecurity

North Korea is one of the main perpetrators of the growing threat to cyber security. At least since the attack on Sony Pictures in 2014, the country has been perceived as a major cyber player on the international stage. Since then, Pyongyang has used its hacking skills to circumvent international sanctions and steal funds.

Pyongyang was able to use the captured funds to finance the development of its nuclear and missile program. North Korea also uses cyber operations for (digital) espionage. The targets are wide-ranging: they are directed against universities, human rights organizations and media companies, create discontent or distrust through election fraud and attack critical national infrastructures. The increasing importance of North Korea in the area of cybercrime and cybersecurity is also the reason why we maintain a separate blog post on the topic here.

As an example, a study by Recorded Future’s Insikt Group paints an alarming picture of North Korean cybercrime. These activities, which have increased since 2017, target the cryptocurrency industry and have enabled North Korea to steal an estimated 3 billion dollars in cryptocurrencies.

In recent years, Iran has significantly expanded its cyber capabilities and is using them aggressively against Western states. These measures include a variety of attacks ranging from data theft to destructive cyberattacks. Iran’s cyber strategy reflects the country’s overall asymmetric warfare and demonstrates how Tehran uses its limited resources to achieve significant impact.

As digitalization progresses, the landscape of international security has changed considerably. The activities of state-supported hacker groups in particular are increasingly becoming the focus of global attention. One of these groups, which has become particularly prominent in recent years, operates from China.

These hackers, often directly or indirectly linked to the Chinese government, are known for their efforts to gain technological and economic advantages through cyber attacks. In this blog post, I will address the topic in a casual style.

Russian hacker groups are known worldwide for their sophisticated and far-reaching cyberattacks. These groups are often associated with state support and pursue a variety of objectives, including political manipulation, espionage, economic sabotage and disinformation. Their activities have a significant impact on global cyber security and pose a serious threat to state and private organizations.

The Russian hacker ecosystem is a complex and diverse network of actors, platforms and methods that is used for both financially motivated and state-sponsored cyber attacks. The close links between criminal actors and government agencies make this ecosystem particularly dangerous and difficult to combat. An effective defense against these threats requires a deep understanding of the structures and motivations within this ecosystem as well as international cooperation and robust cybersecurity measures.

In an increasingly networked world, cyber espionage is becoming a growing threat. A recently published paper by the German Federal Office for the Protection of the Constitution (BfV) sheds light on the structures and procedures of the APT units of the Chinese company i-Soon. This document, part 1 of the 4-part series “CYBER INSIGHT”, offers first valuable insights into the methods and strategies behind the industrialization of cyber espionage. There are now four parts with in-depth insights.