Increased Cyber Threats From North Korea

The US is warning its Banks and othet Financial institutions that they could soon be attacked by a fresh wave of North Korean state-sponsored hackers.

In the past the US has blamed North Korea for the November 2014 cyber attack on Sony Pictures and has accused Pyongyang-linked actors of being behind campaigns to steal tens of millions of dollars from banks and automated teller machines. It has also accused them of developing the WannaCry ransomware that infected computers in more than 150 countries.

More recently, a UN report found North Korean hackers had generated $2 billion to offset money lost because of sanctions for its nuclear program. Now the Departments of Homeland Security (DHS), State, Treasury and FBI have recently published a Report about an increase in cyber threats from North Korea.

The agencies warned that North Korea poses a “significant threat” to the global financial system, with hackers targeting these institutions to fund Pyongyang's weapons of mass destruction and ballistic missile programs to get around sanctions from the United Nations and the United States. The agencies say that North Korea is increasingly able to generate revenue despite UN Security Council sanctions by using malicious cyber activities to steal from financial institutions through increasingly sophisticated tools and tactics”. North Korea  steals from financial institutions, and has demonstrated a pattern of disruptive and harmful cyber activity in cyberspace.

North Korea has repeatedly engaged in cyber-enabled theft and money laundering, and as of late 2019 attempted to steal around $2 billion through these activities, according to the agencies.  

Hackers are also alleged to have engaged in extortion campaigns through accessing networks and threatening to shut them down if they are not paid a ransom. In order to counter North Korean cybersecurity threats, the US agencies recommended that countries raise awareness of the threat with the public, enhance the cyber security of critical infrastructure such as financial institutions, notify law enforcement of any attacks and promote international cooperation on this issue.

"In order to support international efforts to disrupt North Korea’s illicit activities, the State Department’s Rewards for Justice (RFJ) program offers rewards of up to $5 million for information that leads to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including money laundering, sanctions evasion, cyber-crime, and WMD proliferation," says a dedicated page on the Rewards for Justice portal.

“It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the agencies wrote.  

North Korea has long been considered one of the most dangerous countries in cyberspace alongside Russia, China and Iran. 
The US has taken steps against North Korea for its malicious cyber activities in the past. The Treasury Department sanctioned three cyber-criminal groups with ties to the North Korean government last year for targeting critical infrastructure. 
Multiple governments alleged one of the groups carried out the WannaCry 2.0 ransomware attack, which encrypted or locked down over 300,000 computer systems worldwide, seriously impacting about 8 percent of the United Kingdom’s general medical practices. 

According to the US Dept.of Homeand Security (DHS) North Korea's cyber actors new tactics include cyber-enabled financial theft and money laundering, extortion campaigns, and crypto-jacking.

The 2019 Worldwide Threat Assessment compiled by former US Director of National Intelligence Daniel Coats concluded that North Korea posed “a significant cyber threat to financial institutions, remains a cyber espionage threat, and retains the ability to conduct disruptive cyber-attacks.”

US CERT:       The Hill:        Bleeping Computer:       Dark Reading:       VOA Cambodia

You Might Also Read:

US Sanctions Against N. Korean Hacking Groups:

 


 

 

« How Coronavirus Helps Hackers Get Rich
Google Reports 18m Coronavirus Scam Emails Every Day »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

Authorize.Net

Authorize.Net

Authorize.Net is a Payment Gateway which provides the complex infrastructure and security necessary to ensure fast, reliable and secure transactions.

ActiveCyber

ActiveCyber

ActiveCyber is a source for news, reviews, learning, and technological innovation in the active cyber defense industry.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

ecsec

ecsec

ecsec is a specialized vendor of security solutions including information security management, smart card technology, identity management, cloud computing and electronic signature technology.

Mend.io

Mend.io

Mend.io (formerly known as WhiteSource) is an application security company built to secure today’s digital world.

e-End

e-End

e-End provides hard drive shredding, degaussing and data destruction solutions validated by the highest electronic certifcations to keep you compliant with GLB, SOX, FACTA, FISMA, HIPAA, COPPA, ITAR.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

ThreatModeler

ThreatModeler

ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s Software Development Lifecycle by identifying, predicting and defining threats.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

CYOSS

CYOSS

CYOSS, an ESG Group company, is a specialist in Cyber Security and Data Analytics. We focus on the opportunities of a networked world and make security risks manageable.

Corsica Technologies

Corsica Technologies

Corsica Technologies is recognized as one of the top managed IT and cybersecurity service providers. Our integrated IT and cybersecurity services protect companies and enable them to succeed.

Cyberfort Group

Cyberfort Group

Cyberfort exists to provide our clients with the peace-of-mind about the security of their data and the compliance of their business.

International College For Security Studies (ICSS)

International College For Security Studies (ICSS)

ICSS India offers technical education to students, clients and partners in IT Industry by our well qualified, certified and experienced trainers.

Resillion

Resillion

Resillion (formerly Eurofins Digital Testing) is a global leader in quality engineering and cyber security services with operations in Europe, US, UK, India and China.