North Korea Targets US Electricity Plants With Spear Phishing Emails

It is evident North Korea poses a massive threat to countries worldwide. The United States is particularly vulnerable to its machinations, although nothing disastrous has transpired just yet. According to FireEye researchers, however, North Korea has already been responsible for attacks on US electric power companies. Most of these attacks involved the use of spear phishing emails, which clearly confirms malicious intent.

North Korea Targets US Electric Power Facilities

The whole world is well aware that North Korea deploys a lot of skillful hackers these days. In fact, it is widely believed that a lot of state-sponsored hacker collectives exist in North Korea as of right now. Whether or not that is actually the case will always remain subject to substantial debate and speculation. What is rather evident, however, is that there have been spear phishing attacks by North Korea against US facilities, according to FireEye.

This information seems to confirm some people’s worst fears regarding North Korea. Given the recent spat between U.S. President Donald Trump and North Korean leader Kim Jong-un, it is evident tensions are running high right now. There are sure to be a lot of reports of shenanigans on the part of both countries for quite some time to come. Not all of this information will be completely accurate, mind you.

According to FireEye, emails were used to send fake invitations to a fundraiser as a means of targeting electricity plants in the US. Anyone who downloaded the invitation would subsequently infect their computer with a nasty piece of malware. Although it remains to be seen if any of these attempts were even remotely successful, the trend alone sets a rather disturbing precedent.

Edison Electric Institute’s Scott Aaronson stated:

“Phishing attacks are something that electric companies prepare for and deal with on a regular basis, often in coordination with security experts and industry stakeholders. In this case, the delivery of safe and reliable energy has not been affected, and there has been no operational impact to facilities or to the systems controlling the North American energy grid.”

Targeting electric utilities is not uncommon in the world of hacking these days. We have seen several such attacks against power grid installations in Eastern Europe over the past few years. Rest assured there will be even more attempts moving forward, although they may not necessarily all involve the use of malware in one way or another.

US officials are growing increasingly worried about North Korea and the threat it may pose in general. If the friction between both countries was to escalate, things would get very problematic, to say the very least. Indeed, targeting US electric companies may only be a sign of what is yet to come. Going after the financial sector is a far bigger concern, although no major developments have taken place in that regard just yet.