N. Korea’s Hackers Stole $2b To Fund Its Missile Program

The North Korean government will now be spending $2 billion on its weapons programme. Money it stole from cyber-attacks on foreign financial institutions.This comes from an unpublished United Nations Report, which was seen by Reuters on  5th August. 

The UN experts said North Korea “used cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income.” They also used cyberspace to launder the stolen money, the Report said.

The confidential UN report was prepared by a team of independent experts, who submitted it to the UN Security Council North Korea sanctions committee recently.

The authors of the Report claimed to have monitored North Korea's compliance over six months and found that it had repeatedly launched sophisticated and widespread attacks to steal funds from overseas banks and cryptocurrency exchanges to support its weapons programmes. The country also used cyberspace to launder the stolen money.

According to the Report, the income generated via large-scale cyber-attacks against crypto-currency exchanges is harder to track and is subject to less government oversight than the traditional banking sector. 

North Korean threat actors were blamed for the attempted theft of $951m from Bangladesh Bank in 2016 which, was stopped because of the attackers poor spelling which was rejected 

The Report claims that many of the North Korea advanced persistent threat (APT) groups operate under the guidance of North Korea's Reconnaissance General Bureau, the top military intelligence agency of the country. Moreover, there are several secretive government entities that based in foreign countries, working under diplomatic cover to procure technology and equipment for North Korea's weapons programmes.

The Report indicated there are currently investigations into about 35  reported instances of cyber-attacks conducted by North Korean APT groups against financial institutions and cryptocurrency exchanges in about 17 countries.

North Korea has continued to boost its nuclear and missile programmes in recent months, the experts said, although it refrained from conducting Intercontinental Ballistic Missile launches or a nuclear test. In 2006, the UN Security Council imposed sanctions on North Korea to check funding for Pyongyang's missiles programmes. 

The government of Kim Jong-un and his predecessors have long been involved in international organised crime and they are now using a range of hacking gangs like Hidden Cobra and different malware.

Reuters:              Computing:

You Might Also Read:

Surge Of Attacks On Banking & Finance Using N Korean Tools:

 

« Microsoft Say The IoT Is Under Attack
Training Robots & Human Bias »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Malta Information Technology Agency (MITA)

Malta Information Technology Agency (MITA)

MITA is the central driver of Government Information and Communications Technology (ICT) policy, programmes and initiatives in Malta.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

Gulf Computer Services Co (GCSC)

Gulf Computer Services Co (GCSC)

Gulf Computer Services is a major player in the field of networking & Communication solutions for emerging industries such as Internet Services and Information Technology in Saudi Arabia.

CMMI Institute

CMMI Institute

CMMI Institute enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, data management and cybersecurity.

Absolute IT Asset Disposals

Absolute IT Asset Disposals

Absolute IT Asset Disposals is an IT asset disposal (ITAD) company providing safe and secure recycling of IT assets.

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

TrustMAPP

TrustMAPP

TrustMAPP automates cybersecurity & privacy assessments, with universal workflow, allowing teams to generate analytics and recommendations to align priorities for improvement.

ActiveNav

ActiveNav

ActiveNav provide dark data discovery solutions for compliance and information governance.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Acreto

Acreto

Acreto is an end-to-end security infrastructure that protects all your technologies with a single, simple cloud service.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

NASK

NASK

NASK is a National Research Institute under the supervision of the Chancellery of the Prime Minister of Poland. Our key activities involve ensuring security online.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Access Venture Partners

Access Venture Partners

Access Venture Partners are an early stage VC firm investing in bold founders and helping every step of the way. Areas we give special focus to include cybersecurity.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

Mantodea Security

Mantodea Security

Mantodea Security is an industry-agnostic powerhouse backed by extensive experience and expertise in the realm of IT security.