Increased Cyber Threats From North Korea

Uploaded on 2020-04-23 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY--Hackers

The US is warning its Banks and othet Financial institutions that they could soon be attacked by a fresh wave of North Korean state-sponsored hackers.

In the past the US has blamed North Korea for the November 2014 cyber attack on Sony Pictures and has accused Pyongyang-linked actors of being behind campaigns to steal tens of millions of dollars from banks and automated teller machines. It has also accused them of developing the WannaCry ransomware that infected computers in more than 150 countries.

More recently, a UN report found North Korean hackers had generated $2 billion to offset money lost because of sanctions for its nuclear program. Now the Departments of Homeland Security (DHS), State, Treasury and FBI have recently published a Report about an increase in cyber threats from North Korea.

The agencies warned that North Korea poses a “significant threat” to the global financial system, with hackers targeting these institutions to fund Pyongyang's weapons of mass destruction and ballistic missile programs to get around sanctions from the United Nations and the United States. The agencies say that North Korea is increasingly able to generate revenue despite UN Security Council sanctions by using malicious cyber activities to steal from financial institutions through increasingly sophisticated tools and tactics”. North Korea  steals from financial institutions, and has demonstrated a pattern of disruptive and harmful cyber activity in cyberspace.

North Korea has repeatedly engaged in cyber-enabled theft and money laundering, and as of late 2019 attempted to steal around $2 billion through these activities, according to the agencies.  

Hackers are also alleged to have engaged in extortion campaigns through accessing networks and threatening to shut them down if they are not paid a ransom. In order to counter North Korean cybersecurity threats, the US agencies recommended that countries raise awareness of the threat with the public, enhance the cyber security of critical infrastructure such as financial institutions, notify law enforcement of any attacks and promote international cooperation on this issue.

"In order to support international efforts to disrupt North Korea’s illicit activities, the State Department’s Rewards for Justice (RFJ) program offers rewards of up to $5 million for information that leads to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including money laundering, sanctions evasion, cyber-crime, and WMD proliferation," says a dedicated page on the Rewards for Justice portal.

“It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the agencies wrote.  

North Korea has long been considered one of the most dangerous countries in cyberspace alongside Russia, China and Iran. 
The US has taken steps against North Korea for its malicious cyber activities in the past. The Treasury Department sanctioned three cyber-criminal groups with ties to the North Korean government last year for targeting critical infrastructure. 
Multiple governments alleged one of the groups carried out the WannaCry 2.0 ransomware attack, which encrypted or locked down over 300,000 computer systems worldwide, seriously impacting about 8 percent of the United Kingdom’s general medical practices. 

According to the US Dept.of Homeand Security (DHS) North Korea's cyber actors new tactics include cyber-enabled financial theft and money laundering, extortion campaigns, and crypto-jacking.

The 2019 Worldwide Threat Assessment compiled by former US Director of National Intelligence Daniel Coats concluded that North Korea posed “a significant cyber threat to financial institutions, remains a cyber espionage threat, and retains the ability to conduct disruptive cyber-attacks.”

US CERT:       The Hill:        Bleeping Computer:       Dark Reading:       VOA Cambodia

You Might Also Read:

US Sanctions Against N. Korean Hacking Groups:

 


 

 

« How Coronavirus Helps Hackers Get Rich
Google Reports 18m Coronavirus Scam Emails Every Day »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

Skybox Security

Skybox Security

Skybox combines firewall and network device data with vulnerability and threat intelligence, putting security decisions in your unique network context.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Cymbel

Cymbel

Cymbel provides businesses and government agencies with the tools and expertise they need to manage the most complex security and compliance challenges.

Open Systems

Open Systems

Open Systems is a Secure Access Service Edge (SASE) pioneer delivering a complete solution to network and security.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Dashlane

Dashlane

Dashlane puts all your passwords, payments, and personal info in one place that only you control. So you can use them instantly. Securely. Exactly when you need them.

McCrary Institute - Auburn University

McCrary Institute - Auburn University

The McCrary Institute seeks practical solutions to real-world problems in the areas of cyber and critical infrastructure security.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.

Hexagate

Hexagate

Hexagate is at the forefront of blockchain threat prevention and automated risk management, proactively detecting and mitigating threats to smart contracts and onchain assets.