Posted by: Robert Richardson
Solutionary posted a blog piece late last week that takes at look at incidents originating from North Korean IP addresses. A couple of key findings:
- North Korea has historically generated 34-200 touches per month against Solutionary clients… until February of 2013 when Solutionary recorded 12,473 touches – an 8445% increase over the average during the previous 12 months
- It is important to note that just over 11,000 of these touches were directed against a single financial services entity as part of a prolonged attack, but that the remaining spike of around 1,000 was spread across its client base and was still a relevant number
- North Korea has never been considered a “big player,” BUT things are beginning to change with the new regime in North Korea
- Coincidence? The last spike in “touches” occurred in November 2012 when North Korea replaced their defense minister with “a more aggressive, hard-line military commander”
- While the touches span across 13 industries, the financial sector was the top target, and has been for quite some time
The percentage increase statistic strikes me as pretty well-nigh meaningless, given that the base was tiny, a couple hundred incidents a month, but this does seem to indicate that North Korea has found a new toy.