North Korea and Iran – cyber power BFFs?

UPDATE (28 MAY 2015): New report (and here), from a distinctly biased Iranian opposition group with a mixed record of reporting on events inside Iran, says a North Korean Defense Ministry team visited Iran the last week of April to share information on nuclear warhead and ballistic missile development. The technology sharing, if true, would be a repeat of previous violations of UN sanctions prohibiting the countries from exchanging ballistic missile technology.

UPDATE (22 FEB 2015): New story from longtime Korea-watcher Donald Kirk on how Iran’s ties to North Korea may hamper any DC-Tehran nuclear deal.

NK-IRAN-US

UPDATE (18 DEC): The U.S. has reportedly concluded that North Korea was responsible for the cyber attack on Sony. The report goes on to mention an Iranian – North Korean connection, based on similar techniques used in the Sony attack and previous attacks in South Korea and Saudi Arabia. No word yet on a decision regarding response measures, if any.

Since the signing of a 2012 pact on IT research cooperation between Iran and North Korea, there have been a series of reports on cyber activities and attacks conducted by the two nations. This year alone we have a cyber attack on the Sands Casino in Las Vegas (widely attributed to Iran), an attack on Sony that’s still making headlines (widely attributed to North Korea), and a report last week from a leading cyber security firm highlighting Iranian advances in cyber capabilities likely developed in conjunction with North Korea.

Prior to Sony (if indeed that attack was carried out by the North), Pyongyang had been blamed for a series of attacks on South Korean banking, media, and other websites. In one attack, targeting Nonghyup, the agricultural bank, 30 million customers spent days locked out of their accounts.

In 2012, Iran was blamed for a series of attacks targeting U.S. banks and financial institutions. While damage was limited, the banks involved did eventually turn to the NSA for help. Much of the reporting on Iran has highlighted Iranian attention to the cyber domain in the wake of the successful/disastrous (depending on your point of view) Stuxnet attack on Iran’s nuclear program. This attack awakened the regime to both the dangers and opportunities of the cyber domain, and Iran has been rapidly working to expand its capabilities ever since – including the 2012 agreement with North Korea mentioned above.

Continue reading North Korea and Iran – cyber power BFFs?