North Korean state now uses cyber attacks to steal cash, says report

North KoreaNorth Korea’s intelligence establishment has shifted its attention from spying for political gain to spying for commercial advantage –primarily to secure funds for the cash-strapped country, according to a new report. Since the 1990s, the Democratic People’s Republic of Korea (DPRK) has used computer hacking in order to steal political and military secrets from its rivals. But there is increasing evidence that Pyongyang is now deploying armies of computer hackers in order to steal cash from foreign financial institutions and internet-based firms. This is the conclusion of a new report by the Financial Security Institute of South Korea, an agency that was set up by Seoul to safeguard the stability of the country’s financial sector.

The report, published last week, analyzed patterns of cyber attacks against South Korean state-owned and private financial institutions that took place between 2015 and 2017. It identified two separate computer hacking groups, which it named Lazarus and Andariel. According to the report, both groups’ activities, which are complementary, appear to be directed by the government of North Korea. An analysis of the groups’ targets suggests that Pyongyang has been directing its computer spies to find ways to secure hard currency for use by the government. Foreign currency has been increasingly hard to come by in North Korea in recent years, due to a host of international sanctions that were imposed on the country as a form of pressure against its nuclear weapons program.

Several cyber security experts and firms have claimed in recent months that North Korea has been behind recent cyber attacks against international banking institutions. The DPRK has also been blamed for a 2014 attack against the Hollywood studios of the Japanese multinational conglomerate Sony. Regular readers of intelNews will recall our story in March of this year about comments made on the subject of North Korea by Rick Ledgett, a 30-year veteran of the United States National Security Agency. Speaking at a public event hosted by the Aspen Institute in Washington, Ledgett expressed certainty that the government of North Korea was behind an attempt to steal nearly $1 billion from Bangladesh Bank —the state-owned central bank of Bangladesh—in 2016. Eventually the bank recovered most of the money, which were made through transactions using the SWIFT network. But the hackers managed to get away with approximately $81 million.

More recently, cyber security experts have claimed that the government of North Korea has been behind attempts to hack into automated teller machines, as well as behind efforts to steal cash from online gambling sites. In April of this year, the Russian-based cyber security firm Kaspersky Lab identified a third North Korean hacker group, which it named Bluenoroff. The Russian experts said Bluenoroff directed the majority of its attacks against foreign financial firms. There are rumors that Pyongyang was behind the wave of WannaCry ransomware attacks that infected hundreds of thousands of computers in over 150 countries in May. But no concrete evidence of North Korean complicity in the attacks has been presented.

Author: Joseph Fitsanakis | Date: 31 July 2017 | Permalink

Advertisements

We welcome informed comments and corrections. Send us yours using the form below.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s