Leading federal agencies in the U.S. have issued a joint statement, calling out the North Korean regime for its continuing cybercrimes initiatives. The country’s government, led by Kim Jong-un, has long been associated with cyber theft groups such as the Lazarus Group, and has reportedly stolen billions of dollars from different sources, including both fiat and digital currency. It has been billed as the largest cyber-attack threat in the world, and the new report is designed to show just how far the regime will go to conduct its illicit activities.
The Guidance on the North Korean Cyber Threat was released (in pdf) by the Department of State, the Department of the Treasury, the Department of Homeland Security and the Department of Justice-controlled FBI. They assert that the advisory, “highlights the cyber threat posed by North Korea – formally known as the Democratic People’s Republic of Korea (DPRK) – and provides recommended steps to mitigate the threat. In particular, Annex 1 lists U.S. government resources related to DPRK cyber threats and Annex 2 includes a link to the UN 1718 Sanctions Committee (DPRK) Panel of Experts reports.”
To facilitate its activity and line its own pockets, the DPRK regime will stop at nothing to collect ill-gotten money, according to the advisory. Extortion, cryptojacking and more are acceptable activities, as are cyberattacks on government and military networks and private and financial institutions. The regime allegedly attacked Sony Pictures, was reportedly behind an attempted billion-dollar heist of the Bangladesh Bank, and is said to have led hacks of several digital currency exchanges.
The federal departments add, “The 2019 POE (panel of experts) mid-term report notes that, in some cases, these malicious cyber activities have also extended to laundering funds through multiple jurisdictions. The 2019 POE mid-term report mentions that it was investigating dozens of suspected DPRK cyber-enabled heists and that, as of late 2019, the DPRK has attempted to steal as much as $2 billion through these illicit cyber activities. Allegations in a March 2020 Department of Justice forfeiture complaint are consistent with portions of the POE’s findings. Specifically, the forfeiture complaint alleged how North Korean cyber actors used North Korean infrastructure in furtherance of their conspiracy to hack digital currency exchanges, steal hundreds of millions of dollars in digital currency, and launder the funds.”
One of the biggest ongoing threats has been dubbed Hidden Cobra by the U.S. government. It was first identified in 2017 through a WannaCry ransomware attack that infected hundreds of thousands of computers. Those hijacked computers would only be released once payments were made using digital currency.
Attempts at stopping the regime from continuing its efforts are difficult, but combined actions of governments from around the world are helping. They’re not able to completely stop the activity, as new methods are constantly being introduced, but it is increasingly easier to determine the source of different attacks. Still, the U.S. is willing to pay rewards to those who come forward with concrete information, and has a bounty of up to $5 million in place for information that helps in its efforts.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.