U.S. Government Places a $5 Million Bounty on North Korean Hackers

The U.S. government is offering $5 million for leads about North Korea’s hackers and their ongoing cybercriminal operations.

The latest news comes hot in the heels of a joint advisory produced by the U.S. Departments of State, the U.S. Treasury, Homeland Security and the Federal Bureau of Investigation (FBI) which sought to provide guidance on the North Korean cyber threat.

Apart from spelling out the intended reward targeting North Korean hackers, the advisory also went further to prescribe mitigation mechanisms that the global community, cyber defenders, and the general public can use in cybersecurity. 

Specifically, the measures are aimed at helping various stakeholders to build defenses against state sponsored hacking groups supported by North Korea (referred to as the Democratic People’s Republic of Korea aka DPRK).

The Joint Report on the North Korean Threat

The U.S. government has acknowledged the fact that North Korean cybercriminals continue to pose significant threat to the financial health and stability of global economies.

The joint report bears a bundle of information regarding North Korea’s cyber operations that have existed in the recent past by plugging into data provided by the UN Security Council Report.

The document contains detailed information about the North Korean tactic of employing hacking groups in raising money for the country’s regime in an effort to bypass the effects of the longstanding international sanctions imposed on Pyongyang.

Importantly, the report has issued warnings to financial institutions and organizations across various economic spectra to reinforce their defenses against the North Korean cyber attackers. 

In addition, the report has documented relevant information concerning the U.S. government resources that have been placed on standby (targeting DPRK activities) so that organizations can study and build on their protections to stay shielded against North Korean malware and cyber tactics.

Also in the report, the U.S. government has cautioned companies against sympathizing with North Korean hacking machinery, including the organizations whose activities have directly or indirectly assisted North Korean hacking groups to launder dirty money. 

The document has outlined a number of punitive actions that would be levelled against companies found to act as accomplices to North Korean cybercriminal acts – including the imposition of sanctions and the seizure of assets.

DPRK Activity

A host of past cyber-enabled criminal activity and espionage campaigns suffered by digital asset exchanges and financial entities have been blamed on North Korean hacking groups which constitute hackers, cryptology experts and software developers.

The U.S. government has identified the range of malicious activities from North Korea, otherwise referred to under the moniker HIDDEN COBRA which, like mentioned before, have been used to raise funds illegally for the current North Korean regime. Specifically, the following tactics have been used:

  • Cyber-enabled financial heists and money laundering activities.
  • Crypto-jacking operations.
  • Extortion campaigns.

According to the DPRK Cyber Threat Advisory, North Korean cybercriminals have been executing extortion campaigns targeting third-country entities by attacking networks and threatening to shut down the entities’ networks until a ransom is paid.

In some cases, the cyber actors have demanded payment from victims while disguised under long-term remunerated consulting agreements that would mean that the malicious actors will forgo any plans to launch cyber-attacks in the future.

Further, it has gone on record that DPRK cybercriminals have also been used by third part actors to hack websites and extort organizations. The fact that North Korean hackers have been used in hackers-for-hire contracts is mindboggling, and exposes the fact that the Pyongyang regime has heavily invested in its cyber capability with an intention to heavily monetize it.

To conclude, while the international community hopes that the North Korean cyber threat will be dealt with as it comes, the latest joint guidance by the U.S. government may be the new sheriff in town after all.

RELATED DOCUMENTS

UN Security Council Report

HIDDEN COBRA

https://www.syxsense.com/north-korea-hack

https://www.us-cert.gov/ncas/alerts/TA17-164A

About chainsoff.

Intelligence Media Service, Monitors and Analyzes Extremists’ activities, including and not limited to: The Muslim Brotherhood, Kurdish Terrorism, Syrian Politics, Jabhet Al-Nusra, Hezbollah, Cyber Crime, and Taliban activities in Syria. Well known for her deep knowledge on Terrorism. Open Source Exploitation expert in the discovery, collection, and assessment of foreign-based publicly available information, also known as Open Source Intelligence (OSINT), HIMNT
This entry was posted in CRYPTO. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s