FBI & Intelligence agencies warn about North Korean hackers

A recent release from the Federal Bureau of Investigation, Department of Homeland Security, the Treasury Department, and the Department of State details the scope of the North Korean hacking threat for public consumption.

The advisory, released as a comprehensive resource on all things DPRK cyber, highlights the threats posed by malicious cyber activities and offers a few recommendations on how to mitigate this threat. Available online or in PDF, the advisory seeks to educate and inform the public about the significant threat posed by North Korean hackers to the “broader international community[… and] the integrity and stability of the international financial system.”

While condemning North Korean cyber activities, the advisory identifies how North Korea has increasingly relied on illegal means to generate revenue for its weapons of mass destruction and ballistic missile development programs. In light of aggressive sanctions on North Korea, the need for alternative cash streams forced a capabilities evolution that has become the cornerstone of North Korean revenue generation. Never mind the malnourished and brainwashed North Korean common man — weapons programs and adherence to the absolute power of the absolutely infallible dear leader Kim Jong Un are paramount.

A review of the extensive and malicious cyber activities presented in the advisory impresses upon the reader the full extent to which North Korea seeks to conduct disruptive and destructive cyber activities. Such activities are capable of affecting U.S. critical infrastructure, financial institutions, and other organizations that fall victim to North Korea’s “harmful and irresponsible cyber activity.”

The shortlist of North Korea’s malicious cyber activities includes cyber-enabled financial theft and money laundering, extortion campaigns, cryptojacking, and others. In one allegation, for example, North Korean cybercriminals were able to hack into a digital currency exchange and steal almost $250 million in digital currency. The haul was then allegedly laundered by two Chinese nationals in an attempt to prevent asset tracing and the identification of the funds’ origins. Such acts exemplify the major financial gain to be had from malicious, illegal, and destabilizing cyber activities, and also provide some insight into North Korea’s ability to skirt sanctions and generate revenue through cybercrime.

Noting that North Korea’s malicious cyber activities directly fund the regime’s priorities, the advisory strongly urged “governments, industry, civil society, and individuals to take all relevant actions […] to protect themselves from and counter the DPRK cyber threat.” Among such actions it was recommended to:

  • Raise awareness of the DPRK cyber threat;
  • Exchange technical information;
  • Implement cybersecurity best practices;
  • Notify Law Enforcement of any activity;
  • Strengthen Anti-Money Laundering (AML) / Countering the Financing of Terrorism (CFT) / Counter-Proliferation Financing (CPF) compliance.

While a majority of these recommendations are hard to implement at the individual level, readers are still able to educate themselves on malicious North Korean (and others’) activity and deepen their understanding of the tactics and techniques used by such cybercriminals to exploit their targets.

While much of this activity may seem distant, individuals who prioritize their own cybersecurity and possess a baseline understanding of common hacking techniques can at least present a harder target for criminal actors at all levels. Common digital hygiene practices, such as employing a Virtual Private Network, remaining wary of phishing attacks, and maintaining current software patches and system updates, are a few examples of individual-level actions that can have exponentially beneficial effects on one’s digital security.

Thanks for listening.

About 14Charlie

14Charlie offers 8+ years of experience in defence intelligence and special operations, where he had the privilege of leading and managing small, highly-specialised teams in complex and dynamic environments in support of national-level objectives. He enjoys long walks through the mountains to cast cursed rings into magical volcanoes, and occasionally mounting efforts to blow up moon-sized space stations in his spare time. Opinions are certainly his own. Follow him on Twitter @cstrikesback.
