This is a huge amount of stolen money for a country as poor as North Korea to acquire:
U.N. experts say they are investigating 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion, with the money reportedly being used to help fund its development of weapons of mass destruction. And the high volume of cyberattacks by North Korean hacking groups who report to the Reconnaissance General Bureau, North Korea’s primary foreign intelligence organization, is reportedly continuing, the panel of experts said in the executive summary of a new report to the U.N. Security Council obtained Friday by The Associated Press.
The report covering the period from July 2023 to January 2024 and reflecting contributions from unidentified U.N. member nations and other sources, was sent to the 15-member council as North Korean leader Kim Jong Un has raised tensions in the region. He is threatening to annihilate South Korea if provoked and escalating weapons demonstrations. In response, the United States, South Korea and Japan have strengthened their combined military exercises.
North Korea’s Hidden Cobra operatives have been robbing banks through cyber attacks for years. One of their biggest heists was stealing $81 million from a bank in Bangladesh and even tried to steal $1 billion from the US Federal Reserve. According to the below report the Kim regime has stepped up their cyber attacks against global financial institutions due to sanctions:
US officials said last week that Washington believes the North Korean government has stepped up cyberattacks targeting financial institutions in a desperate bid to acquire cash, as international sanctions levied against Pyongyang have squeezed its economy. Kim and Trump’s meeting in Hanoi ended abruptly without a deal, as the two sides could not agree to a detailed plan exchanging sanctions relief for North Korea to give up its nuclear weapons. Trump said in a news conference after the meeting that North Korea insisted that Washington lift all sanctions. North Korean Foreign Minister Ri Yong Ho disputed that assessment in a early morning impromptu press conference just hours after Trump spoke. He said that Pyongyang only asked the Trump administration to remove the sanctions “that hamper the economy and the livelihood of our people.” Demers, the Justice Department official, said much of the hacking is motivated by North Korea’s desire for cash. “They just need money,” Demers said. “They need hard currency. That’s a good way to get it.”
You can read more at the link, but regardless of any future lifting of sanctions, I believe the cyber crime by North Korea will continue because of the plausible deniability the Internet provides their operatives.
Watch your money folks because Kim Jong-un wants to pick your pocket.
According to President Moon the Kim regime is supposed to be trusted so why the cyber attacks?:
South Korea is considering drawing up rules of engagement in cyberspace to effectively deal with growing threats from North Korea and other unidentified players, military authorities said Sunday.
“Since 2004, discussions have been under way at the U.N. meetings to enact international laws related to cyber war,” a source told Yonhap News Agency on condition of anonymity. “We will closely watch the relevant situations and cautiously review and push for drawing up the rules of engagement.”
The envisioned rules of engagement are expected to provide a detailed guideline on how to respond to cyberattacks as soon as threats are detected. The military is also said to be developing its own cyber countermeasures, though details about what kinds of tools that can be employed have not been known.
The move comes as the number of cyberattacks against the country’s military has been on a steady rise in recent years.
According to the data, there were 3,587 hacking attempts against the defense ministry and the military from January to August this year. This compares with 1,434 cases detected during all of 2013. [Yonhap]
You can read more at the link, but it is just the North Koreans and other bad actors up to their normal tricks with little fear of repercussions.
Here is the latest on North Korea’s criminal cyber operations that is netting the Kim regime tens of millions of dollars:
North Korea’s nuclear and missile tests have stopped, but its hacking operations to gather intelligence and raise funds for the sanction-strapped government in Pyongyang may be gathering steam.
U.S. security firm FireEye raised the alarm Wednesday over a North Korean group that it says has stolen hundreds of millions of dollars by infiltrating the computer systems of banks around the world since 2014 through highly sophisticated and destructive attacks that have spanned at least 11 countries. It says the group is still operating and poses “an active global threat.”
It is part of a wider pattern of malicious state-backed cyber activity that has led the Trump administration to identify North Korea — along with Russia, Iran and China — as one of the main online threats facing the United States. Last month, the Justice Department charged a North Korean hacker said to have conspired in devastating cyberattacks, including an $81 million heist of Bangladesh’s central bank and the WannaCry virus that crippled parts of Britain’s National Health Service.
On Tuesday, the U.S. Department of Homeland Security warned of the use of malware by Hidden Cobra, the U.S. government’s byword for North Korea hackers, in fraudulent ATM cash withdrawals from banks in Asia and Africa. It said that Hidden Cobra was behind the theft of tens of millions of dollars from teller machines in the past two years. In one incident this year, cash had been simultaneously withdrawn from ATMs in 23 different countries, it said. [Stars & Stripes]
It is still business as usual for North Korea’s hackers:
North Korean hackers are suspected of carrying out cyber attacks aimed at raising profits and collecting data despite warm relations between the two Koreas, security experts here said Thursday.
According to security sources, North Korea has not desisted from attacking South Korean organizations even though Seoul and Pyongyang agreed to stop hostile acts against each other after the landmark summit held in late April.
A North Korea-based hacking group, dubbed “Hidden Cobra,” recently infected local hospitals and manufacturing firms with malicious codes, cyber security sources said. The group is also presumed to have attacked financial and media companies around the globe to collect data.
ESTsecurity Corp., a local security firm, said Wednesday a hacking group is sending out e-mails disguised as a South Korean governmental agency carrying out research on separated families of the two Koreas. The email can infect the computer with advanced persistent threat (APT) attacks. [Yonhap]
The United States concludes that North Korea was behind the WannaCry computer worm that affected more than 230,000 computers in over 150 countries earlier this year. https://t.co/CaeeFgvohg
