Cybersecurity News that Matters

Cybersecurity News that Matters

South Korea ranks as the most targeted country after US and Ukraine, US cyber firm reveals

by Kuksung Nam

Aug. 29, 2023
10:28 AM GMT+9

South Korea stands as one of the countries most frequently targeted by cybercriminals, trailing only behind the United States and Ukraine, an expert at a U.S. cybersecurity company revealed on Tuesday.

Luke McNamara, a principal analyst at Mandiant, a cybersecurity firm owned by Google, revealed during a press briefing at Google’s South Korean office that South Korea ranked third on the company’s “cyber threat risk score.” Drawing from both internal and public data from last year, the U.S.-based firm evaluated the cyber threat levels in twenty-five countries, excluding China and Russia.

According to McNamara, the “cyber threat risk score” considers both the frequency and potential impact of the attacks that a given country experiences. These attacks can vary in nature, encompassing everything from cybercrime and cyberespionage to information operations and hacktivism. For instance, while a country may frequently face distributed denial of service (DDoS) attacks, these may not be as devastating as malware attacks which target the operational technology used in critical infrastructure.

“It tells you what sort of neighborhood you are in. Are you in a very dangerous neighborhood or a safe neighborhood?” said McNamara. “But it does not say anything about the quality of the locks on your door or how secure your organization is.”

The expert attributes South Korea’s elevated risk status primarily to hacking groups operating under the auspices of the North Korean government. “I believe most of it was state-based espionage. A lot of it was driven by the North Korean threat,” McNamara explained to The Readable.

In addition, the principal analyst shed light on a North Korean hacking group’s engagement with cutting-edge artificial intelligence technologies. According to the expert, the group, commonly known as Kimsuky, has displayed a keen interest in large language models. However, he noted that the firm is still investigating the group’s intended purpose and application for these technologies.

“North Korean threat actors are always very creative, and they are always looking for new ways to exploit the target,” said McNamara to The Readable. “Threat actors across all different types of motivations will often focus on the simplest way to do something. This is always something to keep in mind when we think about new technologies.”

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Kuksung Nam
    : Author

    Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and...

    View all posts
Author:
Stay Ahead with The Readable's Cybersecurity Insights