Yesterday, the U.S. Departments of State, Treasury, and Homeland Security, together with the FBI, released a joint report offering guidance on the emerging North Korean (DPRK) cyber threat and highlighting the malicious activities of state-funded hacking groups that have managed to steal an estimated $2 billion from the financial sector.
The U.S. government is now offering a $5 million reward “for information leading to the identification of any individual who, at the direction of or under control of the North Korean government, aids or abets a violation of the Computer Fraud and Abuse Act”, by engaging in malicious cyber activity including:
• Unauthorized access into public and private sector systems and networks with the intent to steal information
• Spreading malware or ransomware
• Extortion or blackmailing attempts
The advisory also provides mitigation steps for governments, industries and individuals to counter cyber-attacks, and endorses the idea of continuous international cooperation in order to raise awareness, strengthen network defenses and ultimately block any malicious attempts from DPRK bad actors.
“In particular, the United States is deeply concerned about North Korea’s malicious cyber activities, which the U.S. government refers to as HIDDEN COBRA. The DPRK has the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure”, according to the advisory.
The joint report underlines how DPRK state-sponsored cyber criminals who engage in espionage, cyber-theft and attacks on digital currency exchanges manage to disrupt the local economy by deploying a range of sophisticated malware tools to carry out their attacks.
The most common tactics used in their illegal schemes include financial theft and money laundering, extortion campaigns and cryptojacking.
An additional part of the report focuses on notorious cyberattacks attributed to North Korean malicious parties, such as:
• The 2014 attack on Sony Pictures, carried out in retaliation for the blockbuster movie “The Interview”. Cyber criminals managed to infiltrate the network of the Hollywood studio, stealing confidential information and damaging its systems.
• The 2016 attack on Bangladesh Bank, where cyber criminals allegedly stole $81 million through illegal transactions on the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network.
• The infamous 2017 WannaCry 2.0 ransomware attack that managed to infect systems of hospitals, schools, businesses, and homes in over 150 countries.
• The 2018 attack on cryptocurrency exchanges, where almost $250 million worth of digital currency was stolen.