Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups

Yu Kyung Kim; Jemin Justin Lee; Myong Hyun Go; Kyungho Lee

doi:10.1109/ICTC49870.2020.9289506

Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups

Yu Kyung Kim, Jemin Justin Lee, Myong Hyun Go, Kyungho Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Citations (Scopus)

Abstract

During the Cold War era, countries with asymmetrical relationships often demonstrated how lower-tier nation states required the alliance and support from top-tier nation states. This statement no longer stands true as country such as North Korea has exploited global financial institutions through various malware such as WANNACRY V0, V1, V2, evtsys.exe, and BRAMBUL WORM. Top tier nation states such as the U.S. are unable to use diplomatic clout or to retaliate against the deferrer. Our study examined the affidavit filed against the North Korean hacker, Park Jin Hyok, which was provided by the FBI. Our paper focuses on the operations and campaigns that were carried out by the Lazarus Group by focusing on the key factors of the infrastructure and artifacts. Due to the nature of the cyber deterrence, deterrence in the cyber realm is far complex than the nuclear deterrence. We focused on the Sony Picture Entertainment's incident for our study. In this study, we discuss how cyber deterrence can be employed when different nation states share an asymmetrical relationship. Furthermore, we focus on contestability and attribution that is a key factor that makes cyber deterrence difficult.

Original language	English
Title of host publication	ICTC 2020 - 11th International Conference on ICT Convergence
Subtitle of host publication	Data, Network, and AI in the Age of Untact
Publisher	IEEE Computer Society
Pages	695-700
Number of pages	6
ISBN (Electronic)	9781728167589
DOIs	https://doi.org/10.1109/ICTC49870.2020.9289506
Publication status	Published - 2020 Oct 21
Event	11th International Conference on Information and Communication Technology Convergence, ICTC 2020 - Jeju Island, Korea, Republic of Duration: 2020 Oct 21 → 2020 Oct 23

Publication series

Name	International Conference on ICT Convergence
Volume	2020-October
ISSN (Print)	2162-1233
ISSN (Electronic)	2162-1241

Conference

Conference	11th International Conference on Information and Communication Technology Convergence, ICTC 2020
Country/Territory	Korea, Republic of
City	Jeju Island
Period	20/10/21 → 20/10/23

Bibliographical note

Funding Information:
This work was supported by Defense Acquisition Program Administration and Agency for Defense Development under the contract (UD190016ED).

Publisher Copyright:
© 2020 IEEE.

Keywords

ATTCK
Attribution
Contestability
Cyber Deterrence
International Affairs

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications

Access to Document

10.1109/ICTC49870.2020.9289506

Cite this

Kim, Y. K., Lee, J. J., Go, M. H., & Lee, K. (2020). Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups. In ICTC 2020 - 11th International Conference on ICT Convergence: Data, Network, and AI in the Age of Untact (pp. 695-700). Article 9289506 (International Conference on ICT Convergence; Vol. 2020-October). IEEE Computer Society. https://doi.org/10.1109/ICTC49870.2020.9289506

Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups. / Kim, Yu Kyung; Lee, Jemin Justin; Go, Myong Hyun et al.
ICTC 2020 - 11th International Conference on ICT Convergence: Data, Network, and AI in the Age of Untact. IEEE Computer Society, 2020. p. 695-700 9289506 (International Conference on ICT Convergence; Vol. 2020-October).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kim, YK, Lee, JJ, Go, MH & Lee, K 2020, Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups. in ICTC 2020 - 11th International Conference on ICT Convergence: Data, Network, and AI in the Age of Untact., 9289506, International Conference on ICT Convergence, vol. 2020-October, IEEE Computer Society, pp. 695-700, 11th International Conference on Information and Communication Technology Convergence, ICTC 2020, Jeju Island, Korea, Republic of, 20/10/21. https://doi.org/10.1109/ICTC49870.2020.9289506

@inproceedings{559a6c09f8b54589a973e47bf9c3b4b3,

title = "Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups",

abstract = "During the Cold War era, countries with asymmetrical relationships often demonstrated how lower-tier nation states required the alliance and support from top-tier nation states. This statement no longer stands true as country such as North Korea has exploited global financial institutions through various malware such as WANNACRY V0, V1, V2, evtsys.exe, and BRAMBUL WORM. Top tier nation states such as the U.S. are unable to use diplomatic clout or to retaliate against the deferrer. Our study examined the affidavit filed against the North Korean hacker, Park Jin Hyok, which was provided by the FBI. Our paper focuses on the operations and campaigns that were carried out by the Lazarus Group by focusing on the key factors of the infrastructure and artifacts. Due to the nature of the cyber deterrence, deterrence in the cyber realm is far complex than the nuclear deterrence. We focused on the Sony Picture Entertainment's incident for our study. In this study, we discuss how cyber deterrence can be employed when different nation states share an asymmetrical relationship. Furthermore, we focus on contestability and attribution that is a key factor that makes cyber deterrence difficult.",

keywords = "ATTCK, Attribution, Contestability, Cyber Deterrence, International Affairs",

author = "Kim, {Yu Kyung} and Lee, {Jemin Justin} and Go, {Myong Hyun} and Kyungho Lee",

note = "Funding Information: This work was supported by Defense Acquisition Program Administration and Agency for Defense Development under the contract (UD190016ED). Publisher Copyright: {\textcopyright} 2020 IEEE.; 11th International Conference on Information and Communication Technology Convergence, ICTC 2020 ; Conference date: 21-10-2020 Through 23-10-2020",

year = "2020",

month = oct,

day = "21",

doi = "10.1109/ICTC49870.2020.9289506",

language = "English",

series = "International Conference on ICT Convergence",

publisher = "IEEE Computer Society",

pages = "695--700",

booktitle = "ICTC 2020 - 11th International Conference on ICT Convergence",

}

TY - GEN

T1 - Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups

AU - Kim, Yu Kyung

AU - Lee, Jemin Justin

AU - Go, Myong Hyun

AU - Lee, Kyungho

PY - 2020/10/21

Y1 - 2020/10/21

N2 - During the Cold War era, countries with asymmetrical relationships often demonstrated how lower-tier nation states required the alliance and support from top-tier nation states. This statement no longer stands true as country such as North Korea has exploited global financial institutions through various malware such as WANNACRY V0, V1, V2, evtsys.exe, and BRAMBUL WORM. Top tier nation states such as the U.S. are unable to use diplomatic clout or to retaliate against the deferrer. Our study examined the affidavit filed against the North Korean hacker, Park Jin Hyok, which was provided by the FBI. Our paper focuses on the operations and campaigns that were carried out by the Lazarus Group by focusing on the key factors of the infrastructure and artifacts. Due to the nature of the cyber deterrence, deterrence in the cyber realm is far complex than the nuclear deterrence. We focused on the Sony Picture Entertainment's incident for our study. In this study, we discuss how cyber deterrence can be employed when different nation states share an asymmetrical relationship. Furthermore, we focus on contestability and attribution that is a key factor that makes cyber deterrence difficult.

AB - During the Cold War era, countries with asymmetrical relationships often demonstrated how lower-tier nation states required the alliance and support from top-tier nation states. This statement no longer stands true as country such as North Korea has exploited global financial institutions through various malware such as WANNACRY V0, V1, V2, evtsys.exe, and BRAMBUL WORM. Top tier nation states such as the U.S. are unable to use diplomatic clout or to retaliate against the deferrer. Our study examined the affidavit filed against the North Korean hacker, Park Jin Hyok, which was provided by the FBI. Our paper focuses on the operations and campaigns that were carried out by the Lazarus Group by focusing on the key factors of the infrastructure and artifacts. Due to the nature of the cyber deterrence, deterrence in the cyber realm is far complex than the nuclear deterrence. We focused on the Sony Picture Entertainment's incident for our study. In this study, we discuss how cyber deterrence can be employed when different nation states share an asymmetrical relationship. Furthermore, we focus on contestability and attribution that is a key factor that makes cyber deterrence difficult.

KW - ATTCK

KW - Attribution

KW - Contestability

KW - Cyber Deterrence

KW - International Affairs

UR - http://www.scopus.com/inward/record.url?scp=85098942060&partnerID=8YFLogxK

U2 - 10.1109/ICTC49870.2020.9289506

DO - 10.1109/ICTC49870.2020.9289506

M3 - Conference contribution

AN - SCOPUS:85098942060

T3 - International Conference on ICT Convergence

SP - 695

EP - 700

BT - ICTC 2020 - 11th International Conference on ICT Convergence

PB - IEEE Computer Society

T2 - 11th International Conference on Information and Communication Technology Convergence, ICTC 2020

Y2 - 21 October 2020 through 23 October 2020

ER -

Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this