The U.S. authorities today jointly warned the world about the significant cyber threat that North Korean hackers pose to global banking and financial institutions.
In addition to a summary of recent cyber attacks attributed to North Korean hackers, the guide, published by the U.S. Department of State, Finance and Homeland Security and the FBI, provides comprehensive guidelines to help the international community, industry and other governments protect North Korea from illegal activities.
The United States is particularly concerned about North Korea’s malicious cyber-terrorist activities, which the US government calls HIDDEN COBRA. The DPRK is capable of carrying out destructive or disruptive activities in cyberspace that affect the U.S. critical infrastructure, according to the report.
The DPRK has also used cybernetic means to rob financial institutions and has shown a pattern of subversive and malicious cyber activity that is completely at odds with the growing international consensus on what constitutes responsible government conduct in cyberspace.
In particular, it also mentions that the U.S. government currently offers a cash reward of up to $5 million to anyone who shares information about North Korea’s illegal activities in cyberspace, including past or current hacker attacks.
In order to support international efforts to curb North Korea’s illegal activities, the Ministry of Foreign Affairs’ (RFJ) Justice Award program offers up to $5 million for information that disrupts the financial mechanisms of individuals involved in certain activities that benefit North Korea, including money laundering, sanction fraud, cybercrime and the proliferation of weapons of mass destruction, the RFJ website says.
The famous group of North Korean hackers is the Lazarus, also known as the Hidden Cobra and Keepers of the World, which has been associated with several subversive cyber attacks and high-level espionage.
The first part of the report mentions broad categories of cyber activities targeting financial institutions and generating revenue through North Korea by circumventing UN Security Council sanctions.
This list contains :
- E-business activities aimed at stealing money from financial institutions and digital currency exchange programs,
- The use of digital tools for illegal money laundering in several jurisdictions,
- Cyber-attacks to carry out blackmail campaigns against third country operators,
- The use of cryptojacking malware against victims from other countries and the misuse of their systems to extract digital currency.
According to the United States, North Korea has tried to steal up to $2 billion from this malicious cyber activity.
According to the U.S. government, North Korea wants to build a global cyber infrastructure to generate revenue for the regime’s priorities, including weapons of mass destruction programmes.
They are developing and implementing a wide range of malware tools around the world to enable this activity, and they are becoming increasingly sophisticated.
Last September, the U.S. Treasury Department also imposed sanctions on three North Korean hacker groups that had carried out several devastating cyber attacks on critical U.S. infrastructure.
The next section of the latest newsletter mentions some known cyber attacks that are publicly attributed to North Korean attackers, including cyber attacks:
The DPRK has repeatedly targeted U.S. and other governmental and military networks and networks linked to private organisations and critical infrastructure for the purpose of data stealing and destructive activities in cyberspace, according to the report.
In short, the United States believes that North Korea has developed a strong military offensive cyber capability that could be used for more devastating or destructive attacks on its critical infrastructure.