Trouble Ahead After DPRK’s FM Visit To Tehran

By: Denise Simon | Founders Code

So, it appears there is more to the teaming up between Tehran and Pyongyang.

The Iranian President Rouhani told the North Korean Foreign Minister in a recent confab to NOT trust the United States.

Meanwhile, SecState, Mike Pompeo issued a proposal to North Korea calling for a timeline that would mandate North Korea hand over 60 to 70 percent of its nuclear warheads to a third party within six to eight months, according to the report.

North Korea has reportedly rejected a formal timeline for its denuclearization proposed by Secretary of State Mike Pompeo.

Vox reported Wednesday that Pyongyang has rejected the timeline several times over the past two months amid continued negotiations over North Korea’s nuclear program.

The timeline Pompeo proposed would mandate North Korea hand over 60 to 70 percent of its nuclear warheads to a third party within six to eight months, according to the report.

However, it is unclear how many warheads North Korean leader Kim Jong Un has, making it difficult to verify that Pyongyang has actually turned over an agreed-upon percentage.

Trump administration officials in recent weeks have expressed frustration with North Korea’s efforts to denuclearize despite President Trump hailing his June summit with Kim in Singapore as a success.

“The ultimate timeline for denuclearization will be set by Chairman Kim, at least in part,” Pompeo told Channel NewsAsia in an interview last week.

“The decision is his. He made a commitment, and we’re very hopeful that over the coming weeks and months we can make substantial progress towards that and put the North Korean people on a trajectory towards a brighter future very quickly.”

White House national security adviser John Bolton told Fox News on Tuesday that “North Korea that has not taken the steps we feel are necessary to denuclearize.”

Then we have yet another emerging hacking warning from CERT.

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

US-CERT encourages users and administrators to review Malware Analysis Report (MAR) MAR-10135536-17 and the US-CERT page on HIDDEN COBRA – North Korean Malicious Cyber Activity for more information.

Not to leave out Iran’s cyber attack warnings.

Iranian hackers have laid the groundwork to carry out extensive cyber attacks against private U.S. and European companies, U.S. officials warn, according to NBC News. Although experts don’t believe any such attack is imminent, the preparations could enable denial-of-service attacks on infrastructure including electric grids and water plants, plus healthcare and technology companies across the U.S., Europe, and Middle East, say U.S. officials at the 2018 Aspen Security Forum.

A spokesperson for the Iranian mission to the United Nations, Alireza Miryousefi, told NBC News that the U.S. is more aggressive in terms of cyber attacks, and Iran’s moves are merely defensive.


As sanctions reimposed in response to its nuclear program begin to bite, Iran seems poised to follow the trail North Korea blazed in cyberspace: state-directed hacking that aims at direct theft to redress economic pain. Accenture researchers have been tracking ransomware strains, many of them requiring payment in Bitcoin or other cryptocurrencies, and they’ve concluded that they represent an incipient Iranian campaign against targets of opportunity that offer the prospect of quick financial gain. Tehran’s state-directed hackers have a reputation as being relatively less sophisticated than those run by Russia and China (and indeed those run by major Western powers, the Five Eyes and their closest friends) but they also have a reputation as determined fast-learners.

CCN: As the US gets ready to impose sanctions on Iran, hackers in that country are working on ransomware to secure bitcoin, according to cybersecurity experts interviewed by The Wall Street Journal.

Accenture PLC’s cybersecurity intelligence group has followed five Iranian built ransomware variations in the last two years. The hackers are hoping to secure payments in cryptocurrencies, according to Jim Guinn, who oversees the industrial cybersecurity business at Accenture.

Several clues link the ransomware to Iran. Samples include messages in Farsi that are connected to Iran based computers.

A recent Accenture report noted the ransomware could be driven by Iranian government supported parties, criminals, or both.

Scourge Continues

Ransomware has plagued both businesses and governments for years, having disabled payment systems at the San Francisco Municipal Transportation Agency, U.K hospitals, and cargo shipments. Government supported hackers in some instances have obtained cryptocurrency payments from victims.

One variant of ransomware that iDefense discovered has been linked to Iran’s government, according to CrowdStrike Inc., another cybersecurity firm. The software, called Tyrant, was developed to discourage Iranian citizens from downloading software designed to discourage government snooping, CrowdStrike noted.

Palo Alto Networks Inc. and Symantec Corp. issued reports last month that described a pair of data stealing operations connected to Iran.

Crypto Mining Linked To Iran

Crypto mining software, which robs computers of their processing power to mine cryptocurrencies, has also been linked to Iran.

Accenture cited crypto mining software installed on Middle Eastern customer networks equipped with digital clues to Iran.

Crypto mining software has created problems in gas and oil facilities in the Middle East, Guinn said. He estimated millions of dollars of compute cycles have been stolen in the last year.

Iran Denies Culpability

Iran has claimed it has not been involved in cyber attacks, and that it has been a hacking victim.

A cyber attack called Stuxnet initiated by the U.S. and Israel about a decade ago disabled uranium-enrichment centrifuges for Iran’s nuclear program. Iran has since focused on enhancing its own cyber capabilities, according to government officials and security researchers.

Keith Alexander, chief executive of IronNet Cybersecurity Inc. and former director of the U.S. Cyber Command and the National Security Agency said crypto mining and theft is a way for cash-strapped countries to make fast profits.

Guinn said hackers have also stolen intellectual property.


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *