Increased Cyber Threats From North Korea

The US is warning its Banks and othet Financial institutions that they could soon be attacked by a fresh wave of North Korean state-sponsored hackers.

In the past the US has blamed North Korea for the November 2014 cyber attack on Sony Pictures and has accused Pyongyang-linked actors of being behind campaigns to steal tens of millions of dollars from banks and automated teller machines. It has also accused them of developing the WannaCry ransomware that infected computers in more than 150 countries.

More recently, a UN report found North Korean hackers had generated $2 billion to offset money lost because of sanctions for its nuclear program. Now the Departments of Homeland Security (DHS), State, Treasury and FBI have recently published a Report about an increase in cyber threats from North Korea.

The agencies warned that North Korea poses a “significant threat” to the global financial system, with hackers targeting these institutions to fund Pyongyang's weapons of mass destruction and ballistic missile programs to get around sanctions from the United Nations and the United States. The agencies say that North Korea is increasingly able to generate revenue despite UN Security Council sanctions by using malicious cyber activities to steal from financial institutions through increasingly sophisticated tools and tactics”. North Korea  steals from financial institutions, and has demonstrated a pattern of disruptive and harmful cyber activity in cyberspace.

North Korea has repeatedly engaged in cyber-enabled theft and money laundering, and as of late 2019 attempted to steal around $2 billion through these activities, according to the agencies.  

Hackers are also alleged to have engaged in extortion campaigns through accessing networks and threatening to shut them down if they are not paid a ransom. In order to counter North Korean cybersecurity threats, the US agencies recommended that countries raise awareness of the threat with the public, enhance the cyber security of critical infrastructure such as financial institutions, notify law enforcement of any attacks and promote international cooperation on this issue.

"In order to support international efforts to disrupt North Korea’s illicit activities, the State Department’s Rewards for Justice (RFJ) program offers rewards of up to $5 million for information that leads to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including money laundering, sanctions evasion, cyber-crime, and WMD proliferation," says a dedicated page on the Rewards for Justice portal.

“It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the agencies wrote.  

North Korea has long been considered one of the most dangerous countries in cyberspace alongside Russia, China and Iran. 
The US has taken steps against North Korea for its malicious cyber activities in the past. The Treasury Department sanctioned three cyber-criminal groups with ties to the North Korean government last year for targeting critical infrastructure. 
Multiple governments alleged one of the groups carried out the WannaCry 2.0 ransomware attack, which encrypted or locked down over 300,000 computer systems worldwide, seriously impacting about 8 percent of the United Kingdom’s general medical practices. 

According to the US Dept.of Homeand Security (DHS) North Korea's cyber actors new tactics include cyber-enabled financial theft and money laundering, extortion campaigns, and crypto-jacking.

The 2019 Worldwide Threat Assessment compiled by former US Director of National Intelligence Daniel Coats concluded that North Korea posed “a significant cyber threat to financial institutions, remains a cyber espionage threat, and retains the ability to conduct disruptive cyber-attacks.”

US CERT:       The Hill:        Bleeping Computer:       Dark Reading:       VOA Cambodia

You Might Also Read:

US Sanctions Against N. Korean Hacking Groups:

 


 

 

« How Coronavirus Helps Hackers Get Rich
Google Reports 18m Coronavirus Scam Emails Every Day »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

Argo Group

Argo Group

Argo is an international underwriter of specialty insurance. Argo Cyber offers a full spectrum of coverage solutions related to professional and technology services.

OpSec Security

OpSec Security

OpSec Online is the only brand protection solution that spans all channels so your brands are protected no matter what digital venue the criminals target.

Secura B.V.

Secura B.V.

Secura is an independent specialized cybersecurity expert, providing insights to protect valuable assets and data.

SIXGEN

SIXGEN

SIXGEN provides incident response, operational and penetration testing, red teaming, tool development, cyber training development and continuous monitoring.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

Fenix24

Fenix24

Fenix24 is an industry leader in the incident-response space. We ensure the fastest response, leading to the full restoration of critical infrastructure, data, and systems.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.

IT.ie

IT.ie

IT.ie are a comprehensive provider of Managed IT Services, Cloud Solutions, Cyber Security, and proactive IT support services.

Netcom Training

Netcom Training

Netcom Training are a dynamic and forward-thinking training provider, passionate about creating change within the IT, tech and digital industries.

Uninets

Uninets

UniNets mission is to provide IT professionals with high-quality, accessible, and relevant e-learning courses that enable them to stay ahead of the curve in their industry.

Intech Security

Intech Security

Intech Security provides expert cybersecurity services, including Cyber Essentials, to protect UK businesses from digital threats and ensure compliance.