US says North Korea is behind cyberattacks dating back to 2009

The DHS and FBI are pinning several high-profile hacks on a North Korean group called Hidden Cobra, previously known as Lazarus Group.

Zoey Chong Reporter
Zoey is CNET's Asia News Reporter based in Singapore. She prefers variety to monotony and owns an Android mobile device, a Windows PC and Apple's MacBook Pro all at the same time. Outside of the office, she can be found binging on Korean variety shows, if not chilling out with a book at a café recommended by a friend.
Zoey Chong
2 min read

US says North Korea is behind a spree of cyberattacks since 2009 and more are expected to come.

James Martin/CNET

North Korea is responsible for cyberattacks dating back to 2009, and more are planned, according to the US government. 

The US Department of Homeland Security and the FBI on Tuesday issued a joint statement in which they said the perpetrators of the attacks are "cyber actors of the North Korean government" who target computers running older, unpatched versions of Microsoft Windows. They also use vulnerabilities in Adobe Flash (which Adobe said it patched last June) to gain access to specific computers, the alert said. 

The DHS and FBI referred to the activities as Hidden Cobra, saying those responsible had previously been referred to as Lazarus Group and Keepers of the Peace. Some cybersecurity experts have pinned the recent WannaCry ransomware attacks on Lazarus Group, and in 2014 the FBI said Keepers of the Peace were behind the infamous Sony hacks. 

These were big-time hacks, with the WannaCry malware, which locked users out of their computers, hitting more than 300,000 PCs in more than 150 countries in a matter of days. The hack into Sony Pictures was significant enough for then-President Barack Obama to weigh in, saying the attack "caused a lot of damage." 

The DHS and FBI didn't specify any particular hacks made by the North Korean group. They did say, though, that Hidden Cobra perpetrators are capable of introducing malware, keystroke logging, using remote access tools and employing denial-of-service attacks.

Cybersecurity is a top concern for the US government. In May, President Trump signed an executive order urging greater action to improve government cyberdefense, including getting rid of "antiquated systems" and moving to the cloud.

Update, 1:11 p.m. AEST:  Added note that Adobe has patched the vulnerabilities in Flash. 

Technically Incorrect: Bringing you a fresh and irreverent take on tech.

Special Reports: CNET's in-depth features in one place.