DOCSLIB.ORG

AI As a Force Multiplier

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
AI As a Force Multiplier AI as a Force Multiplier Mohamed Helmy Regional Sales Director Middle East , Turkey and Africa ”I ROB BANKS BECAUSE THAT’S WHERE THE MONEY IS” WILLIE SUTTON (1901 – 1980) €40.000 Cost for unmitigated attack, per hour. Source: Ponemon Institute, 2017 Cost of Data Breach Study: Global Analysis, 2017 THE EVOLUTION OF ATTACKS Create Weaponize Monetize Commoditize THE SYNDICATES Yamaguchi-gumi / Yakuza (1915 - Present) TeslaTeam (2010 – Present) RedHack (1997- Present) The Business Club (2011 – Present) Bureau 121 (1998 - Present) Syrian Electronic Army (2011-Present) Fancy Bear/APT28 (Mid-2000s - Present Dyre (2014 – Present) Slavik (2005 – unknown) Equation Group (2015 – Present) Lazarus Group (2007 – Present) 414s (1982 – 1983) Reconnaissance General Bureau (2009 – Present) NCPH Group (1994-2009) ESTIMATED ANNUAL REVENUES CRIME ANNUAL REVENUES* Illicit, illegal online markets 860 billion Trade secret, IP theft 500 billion Data trading** 160 billion Crimeware, CaaS 1.6 billion (Cybercrime-as-a-Service) Ransomware 1 billion *totals are approximate **Revenues derived from trading in stolen data, such as: credit and debit card information banking log-in details, loyalty schemes and so on ***Revenues derived from extortions based on encrypting data and demanding payments Source: The Web of Profit, 2018, Dr Michael McGuire 1.500.000.000.000 Estimated annual income from cybercrime Source: The Web of Profit, 2018, Dr Michael McGuire CYLANCE AI AUGMENTS HUMAN WISDOM Learns from Billions Data Volume of Data Samples Crisis Security Real-time Continuous Management Complexity Prevention Self-Learning Budget Talent Force Multiplier Ever Present Limitations Shortage HUMAN MACHINE LEARNING CHALLENGES AUGMENTATION BUILDING A MACHINE LEARNING MODEL SPLIT DATA FOR IDENTIFY THE COLLECT DATA LABEL DATA TRAINING AND PROBLEM TESTING FEATURE MODEL MODEL PROBLEM EXTRACTION TRAINING TESTING SOLUTION ‘Eye roundness’? ‘pupil roundness’? ‘Ears hanging?’ ‘Tongue visible’? ‘Tongue width’? ‘Tongue length’? ‘Nostrils open’? ‘Nostrils size’? ‘Ears hanging’ = 0.0 ‘Ears hanging’ = 0.1 ‘Eye roundness’ = 0.5 ‘pupil roundness’ = 0.1 ‘Eye roundness’ = 0.9 ‘pupil roundness’ = 0.9 ‘Nostrils open’ = 0.2 ‘Nostrils size’ = 0.1 ‘Nostrils open’ = 1.0 ‘Nostrils size’ = 0.9 ‘Tongue visible’ = 0.8 ‘Tongue visible’ = 0.0 ‘Tongue width’ = 0.7 ‘Tongue width’ = 0.0 ‘Tongue length’ = 0.4 ‘Tongue length’ = 0.0 (0.1, 0.9, 0.9, 1.0, 0.9, 0.8, 0.7, 0.4) (0.0, 0.5, 0.1, 0.2, 0.1, 0.0, 0.0, 0.0) this dog’s feature vector this cat’s feature vector Ears hanging Eye roundness Pupil roundness Nostrils open Nostrils size Tongue visible Tongue width Dachshunds Tongue length Cats Persian Cats Dogs Visualization: Mark Borg Code sequences Strings Wavelet analysis Control structures Disassembly graphs Header structures Compilers Timezones MS Office Toolkits ... >2.7M features Malware Wannacry Good software Visualization: Mark Borg Predictive Prevention is Possible CylancePROTECT® has been able to detect and block new threats before they were first seen “in the wild” – without any updates or special configuration. Examples include: Time in Months Artificial Intelligence is learning from the past to predict and shape the future. Without Artificial Intelligence, Cyber ‘Is a Losing Strategy’ NSA Director Adm. Michael Rogers "Just as electricity transformed almost everything 100 years ago, today I actually have a hard time thinking of an industry that I don’t think AI will transform in the next several years." Prof. Andrew Ng, Stanford University Former Chief Scientist, Baidu Co-Founder of Coursera AI IN YOUR HANDS “We are a Data Science Company that does Security” *Source: Paysa Forbes AI Tech Investment Report WHY CYLANCE ? Effectiveness Simplicity Performance . 99.7% effectiveness * Replaces traditional AV . Lightweight agent . .0003% false positive rate * Increases ROI up to 250%* . 1-2% impact to CPU . Stops Malware executables Remove unnecessary layers . User systems run faster . Stops Fileless & Memory Malware Reduce help desk calls and . Extends hardware lifespan system re-imaging reducing costs . Stops Advanced Persistent Threats . Network bandwidth reduction by 98%* (APT) . Stop emergency patching . Stops Zero Day Attacks * Effectiveness Source: NSS Labs End Point Protection Report * ROI Source: Forrester Consulting Total Economic Impact Report THE €1.500.000.000 QUESTION… Can We Afford To Just Be Reactive? THANK YOU ©2019 Cylance Inc. All Rights Reserved..
Load more

Recommended publications
  • North Korean Cyber Capabilities: in Brief
    North Korean Cyber Capabilities: In Brief Emma Chanlett-Avery Specialist in Asian Affairs Liana W. Rosen Specialist in International Crime and Narcotics John W. Rollins Specialist in Terrorism and National Security Catherine A. Theohary Specialist in National Security Policy, Cyber and Information Operations August 3, 2017 Congressional Research Service 7-5700 www.crs.gov R44912 North Korean Cyber Capabilities: In Brief Overview As North Korea has accelerated its missile and nuclear programs in spite of international sanctions, Congress and the Trump Administration have elevated North Korea to a top U.S. foreign policy priority. Legislation such as the North Korea Sanctions and Policy Enhancement Act of 2016 (P.L. 114-122) and international sanctions imposed by the United Nations Security Council have focused on North Korea’s WMD and ballistic missile programs and human rights abuses. According to some experts, another threat is emerging from North Korea: an ambitious and well-resourced cyber program. North Korea’s cyberattacks have the potential not only to disrupt international commerce, but to direct resources to its clandestine weapons and delivery system programs, potentially enhancing its ability to evade international sanctions. As Congress addresses the multitude of threats emanating from North Korea, it may need to consider responses to the cyber aspect of North Korea’s repertoire. This would likely involve multiple committees, some of which operate in a classified setting. This report will provide a brief summary of what unclassified open-source reporting has revealed about the secretive program, introduce four case studies in which North Korean operators are suspected of having perpetrated malicious operations, and provide an overview of the international finance messaging service that these hackers may be exploiting.
    [Show full text]
  • An Information Security Framework for Web Services in Enterprise Networks
    AN INFORMATION SECURITY FRAMEWORK FOR WEB SERVICES IN ENTERPRISE NETWORKS A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF INFORMATICS THE MIDDLE EAST TECHNICAL UNIVERSITY BY BAHADIR GÖKHAN SARIKOZ IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN THE DEPARTMENT OF INFORMATION SYSTEM JANUARY 2015 AN INFORMATION SECURITY FRAMEWORK FOR WEB SERVICES IN ENTERPRISE NETWORKS Submitted by Bahadır Gökhan Sarıkoz in partial fulfilment of the requirements for the degree of Master of Science in Information Systems, Middle East Technical University by, Prof. Dr. Nazife Baykal Director, Informatics Institute Prof. Dr. Yasemin Yardımcı Çetin Head of Department, Information Systems Assoc. Prof. Dr. Banu Günel Supervisor, Information Systems, METU Examining Committee Members: Prof. Dr. Nazife Baykal IS, METU Assoc. Prof. Dr. Banu Günel IS, METU Prof. Dr. Şeref Sağıroğlu CENG, Gazi University Assist. Prof. Dr. Pekin Erhan Eren IS, METU Dr. Buğra Karabey META, Microsoft Date: June 21, 2015 I hereby declare that all information in this document has been obtained and presented in accordance with academic rules and ethical conduct. I also declare that, as required by these rules and conduct, I have fully cited and referenced all material and results that are not original to this work. Name, Surname: Bahadır Gökhan Sarıkoz Signature: iii ABSTRACT AN INFORMATION SECURITY FRAMEWORK FOR WEB SERVICES IN ENTERPRISE NETWORKS Sarıkoz, Bahadır Gökhan M.S., Department of Information Systems Keywords: Web Services, Cyber Security, Security Modeling, Security Controls, Security Measurement. Supervisor: Assoc. Prof. Dr. Banu GÜNEL January 2015, 197 pages Web Service, an open standard based on existing Internet protocols, provides a flexible solution to web application integration.
    [Show full text]
  • Bakalářská Práce 2013
    Masarykova univerzita Filozofická fakulta Ústav české literatury a knihovnictví Kabinet informa čních studií a knihovnictví Bakalá řská diplomová práce 2013 Alena Brožová Masarykova univerzita Filozofická fakulta Kabinet informa čních studií a knihovnictví Informa ční studia a knihovnictví Alena Brožová AntiSec: hacktivistická kampa ň za svobodu na internetu Bakalá řská diplomová práce Vedoucí práce: PhDr. Pavla Ková řová 2013 Prohlašuji, že jsem diplomovou práci vypracovala samostatn ě s využitím uvedených pramen ů a literatury. …………………………………………….. Podpis autora práce Zde bych cht ěla pod ěkovat vedoucí práce PhDr. Pavle Ková řové za pomoc a cenné rady v pr ůběhu tvorby bakalá řské diplomové práce. Bibliografický záznam BROŽOVÁ, Alena. AntiSec: hacktivistická kampa ň za svobodu na internetu . Brno: Masarykova univerzita, Filozofická fakulta, Ústav české literatury a knihovnictví, Kabinet informa čních studií a knihovnictví, 2013, 59 s. Vedoucí bakalá řské práce PhDr. Pavla Ková řová. Anotace Bakalá řská diplomová práce „AntiSec: hacktivistická kampa ň za svobodu na internetu“ se zabývá hackerskými útoky v rámci operace AntiSec, které byly uskute čněny pod záštitou propagace svobodného internetu, svobody informací a svobody projevu. Práce se zabývá etickou oprávn ěností provedení útok ů v souvislosti s pravidly definovaných etických teorií a kodex ů. Pro toto hodnocení jsou využity principy dimenzionální analýzy. Výsledkem práce je souhrn informací o prob ěhnuté operaci s důrazem na eti čnost provedených útok ů. Annotation Bachelor thesis „AntiSec: hacktivism campaign for freedom on the internet“ deals with hacker attacks in Operation AntiSec which were made under the auspices of promoting free internet, freedom of information and freedom of expression. The work deals with the ethical legitimacy of carrying out attacks in relation to the rules of defined ethical theories and codes.
    [Show full text]
  • Commander Cialis
    E­Paper | Today's Paper | SmartInvestor.in | B2B Connect | Apps | BS Products Sign in | Register Thursday, January 15, 2015 | 06:40 PM IST News Stock Quote Authors Advanced Search Home Markets Companies Opinion Politics Technology Specials Personal Finance Portfolio My Page Overview News Features Gadgets & Gizmos People Personal Technology Technology » Columns » Columns Emerging global cyberlaw trends in 2014 2014 was the year when dark web started emerging, primarily due to the iCloud hacking of celebrities' pictures Pavan Duggal January 5, 2015 Last Updated at 13:37 IST Add to My Page Related News Careless and online Keeping it safe Should you worry about the Gmail hack? Now, Ankit Fadia plans to pen a fiction novel Is India prepared to tackle a Sony like cyber attack? Globally, the year 2014 was a year that was dedicated to cybercrimes and hacking. In fact, cybercrime as a phenomenon loomed large and predominant on the firmament of cyberspace landscape. Looking at the predominant events that happened in 2014 across the world, one gets an intrinsic feeling that the year 2014 was a year to remind the world that cyber criminal activities and breaches of cybercrime are going to be an integral part of our day­to­day lives. Seen from another perspective, the predominant existing landscape also demonstrates an ongoing struggle between the digital haves and the digital have­nots. The worlds saw one of the biggest hacking attacks in the form of Sony hacking. In the said case, hackers reportedly infiltrated the computer network of Sony Pictures Entertainment, a major Hollywood movie studio.
    [Show full text]
  • الجريمة اإللكرتونية يف املجتمع الخليجي وكيفية مواجهتها Cybercrimes in the Gulf Society and How to Tackle Them
    مسابقة جائزة اﻷمير نايف بن عبدالعزيز للبحوث اﻷمنية لعام )2015م( الجريمة اﻹلكرتونية يف املجتمع الخليجي وكيفية مواجهتها Cybercrimes in the Gulf Society and How to Tackle Them إعـــــداد رامـــــــــــــي وحـــــــــــــيـد مـنـصــــــــــور باحـــــــث إســـتراتيجي في الشــــــئون اﻷمـــنـــية واﻻقتصـــــــــاد الســــــــياسـي -1- أ ت جملس التعاون لدول اخلليج العربية. اﻷمانة العامة 10 ج إ الجريمة اﻹلكترونية في المجتمع الخليجي وكيفية مواجهتها= cybercrimes in the Gulf:Society and how to tackle them إعداد رامي وحيد منصور ، البحرين . ـ الرياض : جملس التعاون لدول اخلليج العربية ، اﻷمانة العامة؛ 2016م. 286 ص ؛ 24 سم الرقم املوحد ملطبوعات اجمللس : 0531 / 091 / ح / ك/ 2016م. اجلرائم اﻹلكرتونية / / جرائم املعلومات / / شبكات احلواسيب / / القوانني واللوائح / / اجملتمع / مكافحة اجلرائم / / اجلرائم احلاسوبية / / دول جملس التعاون لدول اخلليج العربية. -2- قائمة املحتويات قائمة احملتويات .......................................................................................................... 3 قائمــة اﻷشــكال ........................................................................................................10 مقدمــة الباحــث ........................................................................................................15 مقدمة الدراســة .........................................................................................................21 الفصل التمهيدي )اﻹطار النظري للدراسة( موضوع الدراســة ...................................................................................................... 29 إشــكاليات الدراســة ................................................................................................
    [Show full text]
  • Geneva Information Security Day
    Geneva Information Security Day 17 September 2013 ©2011 High-Tech Bridge SA – www.htbridge.ch # whoami Frédéric BOURLA Chief Security Specialist Head of Ethical Hacking & Computer Forensics Departments High-Tech Bridge SA ~13 years experience in Information Technologies GXPN, LPT, CISSP, CCSE, CCSA, ECSA, CEH, eCPPT GREM, CHFI RHCE, RHCT, MCP [[email protected]] ©2011 High-Tech Bridge SA – www.htbridge.ch # readelf prez Slides in English. Talk in French. 3 rounds of 20’ [not including Q&A] focused on the offensive angle. No need to take notes, the whole slides and demos will be published on High-Tech Bridge website. Given the very short time and the heterogeneous attendees, slides will not dive to far in the technique. Nevertheless, I will also publish an additional low level and step by step guide for all of you who may be interested by the technical part of those hacking principles. ©2011 High-Tech Bridge SA – www.htbridge.ch # readelf prez The first two parts are server-side oriented, whereas the third one focuses on client-side attacks. If you missed previous conferences, you can learn more on server-side attacks here: https://www.htbridge.com/publications/frontal_attacks_fro m_basic_compromise_to_advanced_persistent_threat.ht ml And here are the slides which introduced client-side attacks: https://www.htbridge.com/publications/client_side_threat s_anatomy_of_reverse_trojan_attacks.html ©2011 High-Tech Bridge SA – www.htbridge.ch Table of contents 0x00 - About me 0x01 - About this conference 0x02 - Round 1: Web Servers vs. SQL Injections 0x03 - Round 2: Web Servers vs. Blind SQL Injections 0x04 - Round 3: Web Users vs. Cross-Site Scripting 0x05 - Conclusion ©2011 High-Tech Bridge SA – www.htbridge.ch SQL Injection On 5th February 2011, the security firm HBGary was compromised by LulzSec using a SQL Injection in their CMS-driven website.
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Turkey Under Cyber Fire
    TURKEY UNDER CYBER FIRE The theater of cyberwar is changing and evolving by the minute. New threats, new attacks, and new actors are emerging daily, with Turkey likely being both the target and the attacker in many cyber attacks. Its young population, the nation’s increasing use of technology, and growing nationalist ideas could place Turkish hackers as one of the main actors in the global cyberwar. However, a number of factors could doom Turkey to only have several different cyber militias rather than a well organized cyber army. Attacks targeting Turkey and the region could speed up the organization of such cyber attack capabilities. Alper Başaran* Spring 2017 * Alper Başaran is the Founder of Garnizon Bilgi Guvenligi, a company specialized in penetration testing and cybersecurity consulting services working with government agencies and enterprises in Turkey. 95 VOLUME 16 NUMBER 1 ALPER BAŞARAN yber attacks have become part of our daily lives. The last great offen- sive occurred on 12 May 2017 in a global attack that compromised over a quarter million computers worldwide. A ransomware (a mali- C cious software that encrypts files on the computer it infects and asks for money to decrypt them) caused delays on German railways, almost halted the UK’s National Health Services, and stopped production in some major French fac- tories. This scenario unfolded on a global scale within a few hours.1 This ransomware was built using an exploit developed by the National Security Agency (NSA) and was leaked by Wikileaks, both of which are key actors in the current arena of cyber warfare.
    [Show full text]
  • Threatscape of the US Election
    Gage Mele Threatscape of the US Election Overview of the mainstream highlighting the importance of The cyber attacks targeting political elections is in full free, fair, transparent, and credible elections to the swing as the 115th United States midterm elections preservation of democratic societies. However, what grow closer. The exploitation of vulnerabilities and can arguably be observed as the first large-scale direct cyber attacks targeting election-related entities election meddling operation took place in 2014 are somewhat expected; however, a different form when Russian-attributed threat actors targeted the of cyber attack has the potential to have a disruptive Ukrainian Presidential election. This can be viewed as impact to the elections: disinformation campaigns. the beginning of election cyber attacks because since The use of disinformation tactics in today’s social that time, it is difficult to go through election cycles media-obsessed society is the most prominent threat around the globe, particularly presidential elections, to the democratic process. This form of attack is at without hearing or seeing the possibility of Russian a significant and troublesome level that the average and other state-sponsored or threat group activity. voter may not be fully aware of. The presence and Fast-forward to the US 2018 midterm election, and overall use of social media on a global scale allows one would be hard-pressed to avoid seeing security the sharing of information at astounding speeds, and researchers and media outlets discuss threats posed threat actors can take advantage of this data sharing to nation’s election infrastructure. A wide range to propagate false narratives and influence the of threat actors pose a risk to the elections from masses.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • North Korean Cyber Activity 03/25/2021
    North Korean Cyber Activity 03/25/2021 TLP: WHITE, ID# 202103251030 Agenda • DPRK National Interests • Timeline of Recent Activity • Overview of DPRK APT Groups • APT Threat Actor Profiles o HIDDEN COBRA o Andariel o APT37 o APT38 o TEMP.Hermit o TEMP.Firework o Kimsuky o Bureau 121 Bureau 325 o Slides Key: • Recommendations Non-Technical: Managerial, strategic and high- • Outlook level (general audience) Technical: Tactical / IOCs; requiring in-depth knowledge (sysadmins, IRT) 2 DPRK National Interests • North Korea, officially the Democratic People’s Republic of Korea (DPRK) • Supreme leader: Kim Jong-un (since 2011) • Primary strategic goal: perpetual Kim family rule via development of economy and nuclear weapons • Primary drivers of security strategy: o Deterring foreign intervention by obtaining nuclear capabilities o Eliminating perceived threats to Kim regime o Belief that North Korea is entitled to respect as a world power • “Cyberwarfare is an all-purpose sword that guarantees the North Korean People’s Armed Forces ruthless striking capability, along with nuclear weapons and missiles.” – Kim Jong-un (2013) • Reportedly has 7,000 cyber warriors • 300% increase in the volume of activity to and from North Korean networks since 2017 3 Timeline of Recent Activity Jan 2020 Feb 2021 Two distinct Aug 2020 Nov 2020 South Korean Feb 2021 clusters of USG exposed North Korean Intelligence North Korean DPRK cyber DPRK hackers claims DPRK Lazarus activity begin malware used targeted a targeted Group targeting in fake job major COVID- COVID-19
    [Show full text]
  • Digital Methods for Circumventing UN Sanctions a Case Study of the Democratic People’S Republic of Korea’S Cyber Force
    Compliance & Capacity Skills International, LLC Sanctions Practitioners 12 July 2019 Compliance Trainers Digital Methods for Circumventing UN Sanctions A Case Study of the Democratic People’s Republic of Korea’s Cyber Force By Ashley Taylor Introduction The cyber sphere is a new frontline in the implementation and circumvention of UN sanctions. Because the Internet provides a virtual space for instantaneous communication and transaction, it inherently opens cheaper and unregulated avenues for rogue actors to violate international norms. Illicit uses of digital technologies outpace the advancements of licit technologists, who generally do not prioritize international security in their business. The Democratic People’s Republic of Korea (DPRK) in particular has become increasingly adept at employing digital tools to circumvent sanctions. They have developed digital techniques to generate revenues to fund their illegal proliferation efforts, gain intelligence and technical know- how, and harm the business and reputation of their foreign adversaries, including to disrupt those that monitor the implementation of the DPRK sanctions regime adopted with UN resolution 1718 in October 2006. Kim Jong-un recently boasted that “cyber warfare, along with nuclear weapons and missiles, is an ‘all-purpose sword’ that guarantees our military’s capability to strike relentlessly."1 A North Korean military defector has reported that the cyber force is viewed as the strongest weapon in the “Secret War”2 and its members are considered part of the elite, being one of few well-paid positions. Where will they go from here? Evidence suggests that North Korean state actors and non-state proxies are increasingly making use of new anonymizing technologies like cryptocurrencies, the dark web, encryption, and advanced hard-to-detect cyberattacks.
    [Show full text]