United Nations Investigating N Korean Cyber Attacks

Uploaded on 2019-08-16 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-North Korea, TECHNOLOGY--Hackers

The United Nations is now investigating 30 North Korean cyber-attacks against 17 different countries. North Koreans the UN says is using cyber-attacks to raise money for weapons of mass destruction programmes. Now the UN is calling for sanctions against ships providing petrol and diesel on route to N. Korea.

Recently, The Associated Press quoted a report from the cyber security specialist firm FireEye which said that North Korea stole as much as US $2.77 billion using cyber-attacks on banks and finance organisations. 

The Report suggest that S. Korea was the hit hardest by ten attacks, India had three, Bangladesh and Chile were hit by three attacks and another 13 countries were hit at least once Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam.

The Report says there are three main ways that North Korean hackers operate:

  • Attacks through the Society for Worldwide Interbank Financial Telecommunication or Swift system used to transfer money between banks, "with bank employee computers and infrastructure accessed to send fraudulent messages and destroy evidence".
  • Theft of crypto-currency "through attacks on both exchanges and users".
  • "Mining" of crypto-currency as a source of funds for a professional branch of the military".
  • The FireEye experts say that these increasingly sophisticated attacks "is low risk and high yield", often requiring just a laptop computer and access to the Internet.

The report to the UN Security Council provides details on some of the North Korean cyber-attacks as well as the country's successful efforts to evade sanctions on coal exports in addition to imports of refined petroleum products and luxury items including Mercedes-Benz S-600 cars.

One Mercedes Maybach S-Class limousine and other S-600s, as well as a Toyota Land Cruiser, were transferred from North Korea to Vietnam for last February's summit between North Korean leader Kim Jong Un and US President Donald Trump. 
The panel recommended sanctions against six North Korean vessels for evading sanctions and illegally carrying out ship-to-ship transfers of refined petroleum products. 

Under UN sanctions, North Korea is limited to importing 500,000 barrels of such products annually including petrol and diesel. The United States and 25 other countries said North Korea exceeded the limit in the first four months of this year.

The panel also recommended sanctions against the captain, owner and parent company of the North Korean-flagged Wise Honest, which was detained by Indonesia in April last year with an illegal shipment of coal.

The experts said North Korean cyber actors have been targeting crypto-currency exchanges in South Korea, some repeatedly.

Straits Times

You Might Also Read: 

Surge Of Attacks On Banking & Finance Using N Korean Tools:


 

« Webinar: How to Build a Threat Detection Strategy in AWS
Airlines Think Biometrics Will Improve Passengers' Experience »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

Cognizant

Cognizant

Cognizant offer services and solutions for IT Infrastructure Security, Enterprise Mobility and Internet of Things.

PartnerRe

PartnerRe

PartnerRe provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Micro Strategies Inc.

Micro Strategies Inc.

Micro Strategies provides IT solutions that help businesses tackle digital transformation in style.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

Amvia

Amvia

Amvia is a fast-growing telecoms, Internet and Microsoft service provider. We supply voice, data and cyber security services to 100s of small and large companies.

Infosec Institute

Infosec Institute

Infosec is a leading cybersecurity training company, we help IT and security professionals advance their careers with skills development and certifications.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.

Reveald

Reveald

Reveald is making Exposure Management a reality to solve the biggest challenges in cybersecurity with a trailblazing ‘offense to defense’ approach that gives the advantage back to the business.

Sola Security

Sola Security

Sola Security is a cyber security startup company currently in Stealth mode.