According to several reports, North Korea is steering a massive malicious campaign against the United States and other worldwide countries. In April, the Federal Bureau of Investigation (FBI), the Department of Defense, and the Cybersecurity & Infrastructure Security Agency (CISA) released three reports on malware attacks carrying out from the government of North Korea. The Treasury, the State Department, Homeland Security, and FBI led it with an advisory last month.
#NorthKorea conducting massive cyber threats against #US, other countries, reports say https://t.co/cScBtEHko6#InfoSec #Security #CyberSecurity #DataBreach #DataProtection #CyberAttack #CyberWar #Hacker #malware #Botnet #Ransomware #Spyware #Technews #rt
— Amitav Bhattacharjee (@bamitav) June 5, 2020
The chief information security officer of CI Security, Mike Hamilton, tells Fox News about the May Malware Analysis, which reports that it is basically a catalog of everything the North Korean government is caught doing. Hamilton, who also served formerly as the chief information security officer for Seattle city, adds that they are trying to summarize strategies, procedures, and techniques that everybody can watch for.
According to the April advisory of the government, one of the steering forces is the need of North Korea to fund its ballistic missile programs and weapons of mass destruction. The campaigns are deceitful because they usually appear as regular cybercrime. Hamilton further explains that North Korea is an innovator in the crime false flag business and runs ransomware blackmail groups. Previously, Microsoft also claimed that North Korea-sponsored hackers carrying out cyberattacks to steal sensitive information of companies.
South Korean also use Research and Targeting against the finance sector
Hamilton says that among other aims, the major aim of North Korea is crypto mining and financial targets. They show up as commodity, shotgun blast forms of untargeted attacks to scoop up the central processing units for crypto mining. South Korean also target the finance sector with the help of research and non-commodity malware that anti-virus vendors never faced.
According to the April advisory, North Korea-backed cyber actors include software developers, cryptologists, and hackers. The country engaged them in surveillance, digital currency changes, theft from monetary institutions, and politically motivated attacks against foreign media agencies. Just take an example, a probe into dozens of alleged North Korean cyber-enabled thefts unveiled that as of late 2019, the country tried to steal as more as $2 billion across the world.
Afterward, there are ransomware and extortion campaigns. The advisory said that in some cases, the Democratic People’s Republic of Korea cyber actors demanded payment from their victims under the semblance of long-term paid consulting measures to ensure that no such malicious activity takes place again in the future.
North Korea-state-sponsored malicious cyber activities
Here below, we will discuss the advisory cited some examples of North-Korean-state-backed malicious activities.
- Bangladesh Bank Heist: North Korea state-backed cyber actors supposedly tried to steal around $1 billion from financial institutions in different countries and supposedly stole eighty-one million dollars from the Bangladesh Bank in February 2016. The cyber actors of North Korea sent falsely authenticated messages leading the Federal Reserve Bank of New York to transfer funds out of the Federal Reserve account of the Bangladesh Bank to accounts controlled by the conspirators.
- Sony Pictures: The cyber actors of North Korea supposedly hacked into the network of Sony Pictures Entertainment in November 2014 to steal confidential information, threaten employees and SPE executives as well as damaged thousands of personal computers.
- WannaCry 2.0: North Korean state-backed cyber actors created this infamous ransomware and two previous versions of the ransomware. WannaCry 2.0 ransomware malware in May 2017 infected tens of hundreds of computers in businesses, schools, hospitals, and homes in more than 150 countries.
Hamilton says that as a country, the United States has some tools to deal with reprobate behavior like this. The naming and shaming approach of the country is effective at allowing them to know they see them, but it does not change behavior or create accountability. Therefore, South Korea will keep stealing money from other organizations and banks with little to fear.
Read Also: US formally accuse China to steal COVID-19 research via cyberattacks