N. Korea’s Hackers Stole $2b To Fund Its Missile Program

Uploaded on 2019-08-14 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, FREE TO VIEW, NEWS-News Analysis, TECHNOLOGY--Hackers

The North Korean government will now be spending $2 billion on its weapons programme. Money it stole from cyber-attacks on foreign financial institutions.This comes from an unpublished United Nations Report, which was seen by Reuters on  5th August. 

The UN experts said North Korea “used cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income.” They also used cyberspace to launder the stolen money, the Report said.

The confidential UN report was prepared by a team of independent experts, who submitted it to the UN Security Council North Korea sanctions committee recently.

The authors of the Report claimed to have monitored North Korea's compliance over six months and found that it had repeatedly launched sophisticated and widespread attacks to steal funds from overseas banks and cryptocurrency exchanges to support its weapons programmes. The country also used cyberspace to launder the stolen money.

According to the Report, the income generated via large-scale cyber-attacks against crypto-currency exchanges is harder to track and is subject to less government oversight than the traditional banking sector. 

North Korean threat actors were blamed for the attempted theft of $951m from Bangladesh Bank in 2016 which, was stopped because of the attackers poor spelling which was rejected 

The Report claims that many of the North Korea advanced persistent threat (APT) groups operate under the guidance of North Korea's Reconnaissance General Bureau, the top military intelligence agency of the country. Moreover, there are several secretive government entities that based in foreign countries, working under diplomatic cover to procure technology and equipment for North Korea's weapons programmes.

The Report indicated there are currently investigations into about 35  reported instances of cyber-attacks conducted by North Korean APT groups against financial institutions and cryptocurrency exchanges in about 17 countries.

North Korea has continued to boost its nuclear and missile programmes in recent months, the experts said, although it refrained from conducting Intercontinental Ballistic Missile launches or a nuclear test. In 2006, the UN Security Council imposed sanctions on North Korea to check funding for Pyongyang's missiles programmes. 

The government of Kim Jong-un and his predecessors have long been involved in international organised crime and they are now using a range of hacking gangs like Hidden Cobra and different malware.

Reuters:              Computing:

You Might Also Read:

Surge Of Attacks On Banking & Finance Using N Korean Tools:

 

« Microsoft Say The IoT Is Under Attack
Training Robots & Human Bias »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Device Authority

Device Authority

Device Authority specialises in security automation for the Internet of Things (IoT).

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

SGCyberSecurity

SGCyberSecurity

SGCyberSecurity is Singapore's No.1 Cyber Security portal. From this platform, you will be able to find useful articles, resources and connect with the security companies for your business needs.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

ObjectSecurity

ObjectSecurity

ObjectSecurity is a leader in authorization policy automation. With OpenPMF, you can manage application security policies for access control and auditing.

Physec

Physec

Physec offers innovative security products and solutions for the Internet of Things ecosystem.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

SOSA

SOSA

SOSA facilitates new growth opportunities by connecting the dots between industry verticals and innovation ecosystems around the world.

IP Twins

IP Twins

IP Twins offer a wide range of services related to domain names and online brand protection.

Intracom Telecom

Intracom Telecom

Intracom Telecom is a global telecommunication systems & solutions vendor offering a complete range of professional services and solutions including Information Security.

Securix

Securix

SECURIX AG delivers holistic IT security solutions that are tailored to the specific challenges and requirements of your company.

ReasonLabs

ReasonLabs

ReasonLabs have created a next-generation anti-virus that is enterprise grade, yet accessible to any personal device around the world.

ThreatLocker

ThreatLocker

The ThreatLocker Platform provides a Zero Trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

European Cybersecurity Competence Centre (ECCC)

European Cybersecurity Competence Centre (ECCC)

The ECCC aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres to build a strong cybersecurity Community.

Intel 471

Intel 471

Intel 471 provides adversary and malware intelligence for leading intelligence, security and fraud teams.

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.