N. Korea’s Hackers Stole $2b To Fund Its Missile Program

The North Korean government will now be spending $2 billion on its weapons programme. Money it stole from cyber-attacks on foreign financial institutions.This comes from an unpublished United Nations Report, which was seen by Reuters on  5th August. 

The UN experts said North Korea “used cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income.” They also used cyberspace to launder the stolen money, the Report said.

The confidential UN report was prepared by a team of independent experts, who submitted it to the UN Security Council North Korea sanctions committee recently.

The authors of the Report claimed to have monitored North Korea's compliance over six months and found that it had repeatedly launched sophisticated and widespread attacks to steal funds from overseas banks and cryptocurrency exchanges to support its weapons programmes. The country also used cyberspace to launder the stolen money.

According to the Report, the income generated via large-scale cyber-attacks against crypto-currency exchanges is harder to track and is subject to less government oversight than the traditional banking sector. 

North Korean threat actors were blamed for the attempted theft of $951m from Bangladesh Bank in 2016 which, was stopped because of the attackers poor spelling which was rejected 

The Report claims that many of the North Korea advanced persistent threat (APT) groups operate under the guidance of North Korea's Reconnaissance General Bureau, the top military intelligence agency of the country. Moreover, there are several secretive government entities that based in foreign countries, working under diplomatic cover to procure technology and equipment for North Korea's weapons programmes.

The Report indicated there are currently investigations into about 35  reported instances of cyber-attacks conducted by North Korean APT groups against financial institutions and cryptocurrency exchanges in about 17 countries.

North Korea has continued to boost its nuclear and missile programmes in recent months, the experts said, although it refrained from conducting Intercontinental Ballistic Missile launches or a nuclear test. In 2006, the UN Security Council imposed sanctions on North Korea to check funding for Pyongyang's missiles programmes. 

The government of Kim Jong-un and his predecessors have long been involved in international organised crime and they are now using a range of hacking gangs like Hidden Cobra and different malware.

Reuters:              Computing:

You Might Also Read:

Surge Of Attacks On Banking & Finance Using N Korean Tools:

 

« Microsoft Say The IoT Is Under Attack
Training Robots & Human Bias »

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 4,000+ specialist service providers.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Go Cyber

Go Cyber

Go Cyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

WEBINAR: How to prioritize security controls for situational awareness in AWS

WEBINAR: How to prioritize security controls for situational awareness in AWS

Thursday 12 March 2020: Join AWS Marketplace and Sounil Yu to discover ways to strengthen your foundational controls and enhance your security posture in AWS.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NQA Certification

NQA Certification

NQA provides certification to a range of ISO standards including ISO 27001 for information security management.

CFC Underwriting

CFC Underwriting

CFC is the largest independent specialty MGA in the UK. Services offered nclude Cyber Risk insurance.

Scantist

Scantist

Scantist is a cyber-security spin-off from Nanyang Technological Universiy (Singapore) which leverages its expertise to provide vulnerability management solutions to enterprise clients.

Naoris

Naoris

Naoris is the world’s first holistic blockchain-based cybersecurity ecosystem, bringing a game-changing solution to address 35 years of industry similar practice.

e.Kraal Innovation Hub

e.Kraal Innovation Hub

e.Kraal is a Cybersecurity Innovation Hub whose mission is to secure the future of Cybersecurity in Kenya by accelerating innovation and creativity in the cyberspace ecosystem.