Full Text

The United States government labels them HIDDEN COBRA. In 2013, the South Korean financial system fell victim to a mysterious "WhoIs Team." The attackers behind the Sony Pictures hack called themselves the "Guardians of Peace."' They prey on user data, cryptocurrency, and vaccine intellectual property. Today, they are most commonly identified as the Lazarus Group.

Not much is known about the Lazarus Group, apart from the fact that they are a collective of North Korean cybercriminals. The US intelligence community alleges that they serve the North Korean state, mostly undertaking acts of espionage and hacking financial institutions for the much-needed money to fund the heavily sanctioned nation and its nuclear program. As of late 2019, the Lazarus Group has crippled hundreds of thousands, if not millions, of computers and stolen up to US$2 billion. Despite the mystery surrounding the Lazarus Group, one thing is clear: they are one of the greatest cyber threats to the security of the international community.

The Lazarus Group

Although the origins of the Lazarus Group are not certain, their strategies have advanced rapidly over time and each successive attack has proven more devastating. The earliest attacks attributable to the Lazarus Group occurred in 2009, when they targeted US and South Korean government websites. They struck again in 2010, 2011, and 2013, hitting Korean banks, government servers, and media agencies. The North Korean cyber offensive began as simple distributed denial-of-service (DDoS) attacks, disrupting normal network functionality, but they quickly increased in sophistication. By 2013, their malware had evolved into a unique and novel blend of homegrown techniques, capable of wiping tens of thousands of computers in hightech South Korea.

It was only in 2014, when the gaze of the North Korean hackers shifted to Hollywood, that the international community truly began to acknowledge the magnitude of the threat. In 2014, Sony Pictures Entertainment intended to release The Interview, a satire assassination of the North Korean leader Kim Jong-Un. A month prior to the premiere, the Guardians of Peace (now the Lazarus Group) stole huge swathes of data, leaked sensitive documents, and destroyed 75 percent of internal servers. The Hollywood giant crumbled to their demands, cancelling all theatrical releases of the film. Most alarmingly, despite what was tantamount to an attack on...