United Nations Investigating N Korean Cyber Attacks

Uploaded on 2019-08-16 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-North Korea, TECHNOLOGY--Hackers

The United Nations is now investigating 30 North Korean cyber-attacks against 17 different countries. North Koreans the UN says is using cyber-attacks to raise money for weapons of mass destruction programmes. Now the UN is calling for sanctions against ships providing petrol and diesel on route to N. Korea.

Recently, The Associated Press quoted a report from the cyber security specialist firm FireEye which said that North Korea stole as much as US $2.77 billion using cyber-attacks on banks and finance organisations. 

The Report suggest that S. Korea was the hit hardest by ten attacks, India had three, Bangladesh and Chile were hit by three attacks and another 13 countries were hit at least once Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam.

The Report says there are three main ways that North Korean hackers operate:

  • Attacks through the Society for Worldwide Interbank Financial Telecommunication or Swift system used to transfer money between banks, "with bank employee computers and infrastructure accessed to send fraudulent messages and destroy evidence".
  • Theft of crypto-currency "through attacks on both exchanges and users".
  • "Mining" of crypto-currency as a source of funds for a professional branch of the military".
  • The FireEye experts say that these increasingly sophisticated attacks "is low risk and high yield", often requiring just a laptop computer and access to the Internet.

The report to the UN Security Council provides details on some of the North Korean cyber-attacks as well as the country's successful efforts to evade sanctions on coal exports in addition to imports of refined petroleum products and luxury items including Mercedes-Benz S-600 cars.

One Mercedes Maybach S-Class limousine and other S-600s, as well as a Toyota Land Cruiser, were transferred from North Korea to Vietnam for last February's summit between North Korean leader Kim Jong Un and US President Donald Trump. 
The panel recommended sanctions against six North Korean vessels for evading sanctions and illegally carrying out ship-to-ship transfers of refined petroleum products. 

Under UN sanctions, North Korea is limited to importing 500,000 barrels of such products annually including petrol and diesel. The United States and 25 other countries said North Korea exceeded the limit in the first four months of this year.

The panel also recommended sanctions against the captain, owner and parent company of the North Korean-flagged Wise Honest, which was detained by Indonesia in April last year with an illegal shipment of coal.

The experts said North Korean cyber actors have been targeting crypto-currency exchanges in South Korea, some repeatedly.

Straits Times

You Might Also Read: 

Surge Of Attacks On Banking & Finance Using N Korean Tools:


 

« Webinar: How to Build a Threat Detection Strategy in AWS
Airlines Think Biometrics Will Improve Passengers' Experience »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Global Knowledge Training

Global Knowledge Training

Global Knowledge is a worldwide leader in IT and business training, featuring Cisco, Microsoft, VMware, IBM, security, cloud computing, and project management.

CyberArk Software

CyberArk Software

CyberArk is an established leader in privileged access management and offers the most complete set of Identity Security capabilities.

Armor

Armor

Armor provide managed cloud security solutions for public, private, hybrid or on-premise cloud environments.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

EG-CERT

EG-CERT

EG-CERT is the national Computer Emergency Response Team for Egypt.

SecurityHQ

SecurityHQ

SecurityHQ (formerly known as Si Consult) is a Global Managed Security Service Provider (MSSP) that monitors networks 24/7, to ensure complete visibility and protection against your cyber threats.

e360

e360

e360 (formerly Entisys360) is an award-winning IT consultancy specializing in advanced IT infrastructure, virtualization, security, automation and cloud first solutions.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

Cloudsec Asia

Cloudsec Asia

Cloudsec Asia is Thailand's top-ranked cybersecurity consultant company. We offers security services to ensure that all your IT assets are reliable, accessible, and secure.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

Corona IT Solutions

Corona IT Solutions

At Corona IT Solutions, our team of specialists in networking, wireless and VoIP are dedicated to providing proactive monitoring and management of your IT systems.

Beround

Beround

Beround is an IT consultancy firm specialized in software testing.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.