Canada will soon host the G-20 summit in Toronto, Ontario. The G-20, short for the Group of Twenty Finance Ministers and Central Bank Governors, meets to discuss policy and issues affecting international financial stability that are larger in scope than any one member country's area of responsibility. This next summit will be the fourth since the group began holding them in 2008. South Korea is the chair country for both 2010 summits, but it will host only the November summit.
SecureWorks has actively monitored cyber attack events during all previous summits, and we will do so again. In the past, cyber activity directly linked to the event has not materialized. While some cyber attacks against G-20 member nations and stakeholders did occur during the previous summits, none were directly linked to the summit itself, and the level of activity did not exceed typical levels.
During this year's G-20 Summits, SecureWorks will be operating at a heightened level of vigilance, in part because of recent improvements to cyber offensive capabilities of groups that might see the summit as an opportunity to make a statement against the G-20 as a whole, its constituents, its host and chair countries, and the summit's agenda.
Security experts are already preparing for the November 2010 G-20 summit in Seoul, South Korea. The preparations began early in part because of assertions by the host country's government that North Korea is planning for possible cyber attacks concomitant with the fifth G-20 summit. Tension on the Korean peninsula is high following the sinking of a South Korean warship that also resulted in the death of 46 South Korean sailors. Many of the countries attending the G-20 summits attribute the disaster to a deliberate aggressive act by the North Korean military and have condemned the action. South Korea is one of three G-20 East Asia constituents along with China and Japan, and North Korea is not a G-20 member.
South Korea maintains that North Korea operates a cyber warfare unit of elite hackers who specialize in hacking into South Korean and U.S. military networks to extract classified information, and whose mission includes participating in cyber warfare offensives. Last year, government and industrial computer networks primarily in the U.S. and in South Korea suffered from massive distributed denial of service (DDoS) attacks for several days. Intelligence sources blamed North Korea, although no convincing evidence was made public that supported that claim.
SecureWorks Counter Threat UnitSM has not yet come across any chatter or other evidence indicating a credible cyber threat related to the G-20 summits in either Toronto or Seoul. However, in light of reports of increased offensive capabilities and what seems like an increased propensity to deploy them, it is nevertheless wise to be prepared.