U.S. Issues Advisory on Threat from North Korea Cyber Attacks

Published by Matt Fishman on

The United States has issued an advisory on the growing threat from North Korean cyber attacks. The advisory highlights North Korea’s use of cyber activities “to steal from financial institutions” “to generate revenue for its weapons of mass destruction and ballistic missile programs”.

The U.S. alleges that “as of late 2019, the [Democratic People’s Republic of Korea] DPRK has attempted to steal as much as $2 billion through these illicit cyber activities”. In 2016, North Korea state-sponsored cyber actors “allegedly stole $81 million from the Bangladesh Bank”. Then in 2018, DPRK cyber attackers “hacked into a digital currency exchange and stole nearly $250 million worth of digital currency.”

Similarly, North Korea has developed a “ransomware” which “infected hundreds of thousands of computers in hospitals, schools, businesses, and homes in over 150 countries.” The ransomware hacks into an infected computer’s data after which the “cyber actors… demand ransom payments in the Bitcoin digital currency”.

They have also “employed a fraudulent ATM cash withdrawal scheme… to steal tens of millions of dollars from ATMs”.

To combat this cyber threat, the United States is imposing sanctions on anyone engaged in activities undermining cybersecurity on behalf of North Korea. In addition to sanctions, the U.S. will punish those guilty with up to 20 years of imprisonment, fines of up to $1 million, and forfeiture of all funds involved in such transactions.