author photo
By Bruce Sussman
Mon | Jul 1, 2019 | 7:32 AM PDT

President Trump just became the first sitting U.S. President to step onto North Korean soil.

He walked a few feet across the border during a handshake session with North Korean leader Kim Jong Un. 

Both leaders smiled at the moment and news networks broadcast it live in countries around the world. But behind the scenes there was likely something else: a barrage of targeted cyberattacks in that region.

As it turns out, malware attacks follow President Trump and Kim Jong Un around the planet.

"Malware is super dynamic, it's changing all the time, but it is a reflection of human affairs," says research scientist Kenneth Geers, who has tracked sudden spikes of malware around the globe. 

One example is when Trump launched a war of words against North Korea, and another is when Kim launched missiles over Japan.

"In the case of North Korea, I dropped it (the malware spike) on a timeline and then there was one huge spike in the middle of the year, and literally, it was the day after Donald Trump was at the UN threatening to destroy North Korea," he says.

"And one of the things I found is that the single highest day for malware detection in North Korea was the very day that Donald Trump was in South Korea. Those are not coincidences."

He shared other examples during our brief interview: 

Reasons malware outbreaks follow world leaders

There could be a few reasons malware rates spike around prominent world leaders, including Trump and Kim. Perhaps it's because their visits, controversial statements, or actions shine a light on a specific place. 

Another theory Geers has is that reconnaissance plays a part in each of these malware spikes.

"My basic hypothesis in this kind of geopolitical analysis is that we’re looking at cyber espionage. When there’s a really big event like a North Korean missile launch over Japan, there’s at least a dozen intelligence services that are very interested in gathering information very quickly on what’s happening."

Geopolitical events and cybersecurity for organizations

So what are you supposed to do with this information that malware attacks skyrocket with major geopolitical events? 

"Know, for your enterprise, if there is something happening in your city or state, or an election or military tension between your country and another, there will be malware that is on the rise, I can promise you that, within your space."

This means you can give your security team a heads up to watch for malware spikes when a big event hits your corner of the world or involves your organization or industry.

"I love understanding how it works from a who and why. Malware is always written by a threat actor for a particular purpose."

And we love learning unique insights like these at SecureWorld cybersecurity conferences. See our upcoming conference  calendar.

[RELATED: Top 20 Cybersecurity Quotes You Need to Hear]

[Image credit: Kirkchai Benjarusameeros /]