Government officials rarely attribute cyber attacks to other countries, but the U.S. made an exception on Valentine's Day, when multiple agencies publicly accused North Korea of conducting several malware campaigns against Western targets.
The accusations were revealed in several Malware Analysis Reports filed by the Department of Homeland Security, FBI and Department of Defense on February 14 as well as a tweet from the official U.S. Cyber Command Malware Alert account.
The agencies blamed North Korea--or, as it's been nicknamed by the U.S. government, HIDDEN COBRA--for the following malware campaigns:
CyberScoop reported that this was one of the first times U.S. agencies have publicly attributed malware campaigns to nation-state actors. It doesn't seem like it will be the last time, though, as a U.S. Cyber Command spokesperson told CyberScoop:
"FBI, through the National Cyber Investigative Joint Task Force, attributed these malware samples to DPRK after rigorous assessment. Associating the FBI's attribution of malware to a nation-state is situation-dependent, based on timing."
The U.S. Cyber Command Malware Alert account on Twitter was a bit more cavalier about the attribution of these malware campaigns to North Korea. A follow-up tweet about the campaigns included an image of candy hearts reading "DPRK Malware."
There's no denying that blaming North Korea for these campaigns is a serious matter; accusing other countries of misbehaving always is. But we think the silly codenames and Valentine's Day meme show that the U.S. is having a bit of fun, too.