Increased Cyber Threats From North Korea

The US is warning its Banks and othet Financial institutions that they could soon be attacked by a fresh wave of North Korean state-sponsored hackers.

In the past the US has blamed North Korea for the November 2014 cyber attack on Sony Pictures and has accused Pyongyang-linked actors of being behind campaigns to steal tens of millions of dollars from banks and automated teller machines. It has also accused them of developing the WannaCry ransomware that infected computers in more than 150 countries.

More recently, a UN report found North Korean hackers had generated $2 billion to offset money lost because of sanctions for its nuclear program. Now the Departments of Homeland Security (DHS), State, Treasury and FBI have recently published a Report about an increase in cyber threats from North Korea.

The agencies warned that North Korea poses a “significant threat” to the global financial system, with hackers targeting these institutions to fund Pyongyang's weapons of mass destruction and ballistic missile programs to get around sanctions from the United Nations and the United States. The agencies say that North Korea is increasingly able to generate revenue despite UN Security Council sanctions by using malicious cyber activities to steal from financial institutions through increasingly sophisticated tools and tactics”. North Korea  steals from financial institutions, and has demonstrated a pattern of disruptive and harmful cyber activity in cyberspace.

North Korea has repeatedly engaged in cyber-enabled theft and money laundering, and as of late 2019 attempted to steal around $2 billion through these activities, according to the agencies.  

Hackers are also alleged to have engaged in extortion campaigns through accessing networks and threatening to shut them down if they are not paid a ransom. In order to counter North Korean cybersecurity threats, the US agencies recommended that countries raise awareness of the threat with the public, enhance the cyber security of critical infrastructure such as financial institutions, notify law enforcement of any attacks and promote international cooperation on this issue.

"In order to support international efforts to disrupt North Korea’s illicit activities, the State Department’s Rewards for Justice (RFJ) program offers rewards of up to $5 million for information that leads to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including money laundering, sanctions evasion, cyber-crime, and WMD proliferation," says a dedicated page on the Rewards for Justice portal.

“It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the agencies wrote.  

North Korea has long been considered one of the most dangerous countries in cyberspace alongside Russia, China and Iran. 
The US has taken steps against North Korea for its malicious cyber activities in the past. The Treasury Department sanctioned three cyber-criminal groups with ties to the North Korean government last year for targeting critical infrastructure. 
Multiple governments alleged one of the groups carried out the WannaCry 2.0 ransomware attack, which encrypted or locked down over 300,000 computer systems worldwide, seriously impacting about 8 percent of the United Kingdom’s general medical practices. 

According to the US Dept.of Homeand Security (DHS) North Korea's cyber actors new tactics include cyber-enabled financial theft and money laundering, extortion campaigns, and crypto-jacking.

The 2019 Worldwide Threat Assessment compiled by former US Director of National Intelligence Daniel Coats concluded that North Korea posed “a significant cyber threat to financial institutions, remains a cyber espionage threat, and retains the ability to conduct disruptive cyber-attacks.”

US CERT:       The Hill:        Bleeping Computer:       Dark Reading:       VOA Cambodia

You Might Also Read:

US Sanctions Against N. Korean Hacking Groups:

 


 

 

« How Coronavirus Helps Hackers Get Rich
Google Reports 18m Coronavirus Scam Emails Every Day »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Egress Software Technologies

Egress Software Technologies

Egress Software Technologies is a leading provider of data security services designed to protect shared information throughout its lifecycle.

DCIT

DCIT

DCIT is a specialist in providing comprehensive consulting and auditing services in the field of information technology, PROVYS development software and security system AuditSquare.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

ExpressVPN

ExpressVPN

ExpressVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

MONITORAPP

MONITORAPP

MONITORAPP is responsible for complete web security. Protect your business environment with Application Security Solutions from MONTORAPP.

Intrinium

Intrinium

Intrinium is an Information Technology and Security Solutions company, providing comprehensive consulting and managed services to businesses of all sizes.

boxxe

boxxe

boxxe create flexible IT infrastructures, collaborative global workspaces and data clarity, all underpinned by world-leading security.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

TopSOC Information Security

TopSOC Information Security

TopSOC Information Security provide a wide range of security consultation, implementation and training services.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

APCERT

APCERT

APCERT cooperates with CERTs and CSIRTs to ensure internet security in the Asia Pacific region, based around genuine information sharing, trust and cooperation.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.