WASHINGTON/TORONTO • The US government has issued a rare alert squarely blaming the North Korean government for a raft of cyber attacks stretching back to 2009, and warning that more were likely.
The joint warning on Tuesday from the Department of Homeland Security and the Federal Bureau of Investigation said "cyber actors of the North Korean government", referred to in the report as "Hidden Cobra", had targeted the media, aerospace and financial sectors, as well as critical infrastructure, in the United States and globally.
The new level of detail about the US government's analysis of suspected North Korean hacking activity coincides with increasing tensions between Washington and Pyongyang because of North Korea's missile tests. The alert warned that North Korea would continue to rely on cyber operations to advance its military and strategic objectives.
North Korea has routinely denied involvement in cyber attacks against other countries.
Tuesday's alert also said Hidden Cobra has been previously referred to by private sector experts as Lazarus Group and Guardians of the Peace, which have been linked to attacks such as the 2014 intrusion into Sony Pictures Entertainment.
Symantec and Kaspersky Lab both said last month it was "highly likely" that Lazarus was behind the WannaCry ransom ware attack that infected more than 300,000 computers worldwide, disrupting operations at hospitals, banks and schools.
The alert did not identify specific Hidden Cobra victims. It said the group had compromised a range of victims and that some of its intrusions had resulted in thefts of data while others were disruptive.
The group's capabilities include denial of service attacks, which send reams of junk traffic to a server to knock it offline, keystroke logging, remote access tools and several variants of malware, the alert said.