After years of silence, the United Nations (UN) has decided to take action and will launch an investigation on the alleged cyberattacks operated by the North Korean government in the last few years across at least 17 countries around the world.
Reports of the investigation by the United Nations have revealed that it is related to the highly sophisticated attacks to different financial institutions and crypto exchanges around the world which were commissioned by the NoKor government in order to gather money to fund its ambitious nuclear projects.
A report that was analyzed by the Associated Press, the North Korean government was able to collect at least $2 billion from their increasingly sophisticated cyber activities. The report revealed that many of these cyberattacks were operating under the direction of the Reconnaissance General Bureau — the General Bureau is North Korea’s military intelligence agency. The attacks, as the UN says, are “low risk and high yield” and would definitely require more than a laptop and internet access, are violations of different UN sanctions imposed by the organization against North Korea.
With more than ten recorded attacks related to North Korean cyber activities, South Korea, NoKor’s most active state enemy, is the most attacked country, the report reveals. India was the victim of three attacks, with Bangladesh and Chile the victim of two each. Meanwhile, Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia, and Vietnam suffered one attack each.
The report said that the cyberattacks are carried out with one of three different ways. The first technique utilized by NoKor hackers is through the SWIFT system used to transfer money between banks.
Secondly, the hackers were directly attacking through exchanges and users to steal cryptocurrency. Furthermore, the report said that attacks are also made by “cryptojacking” computers by infecting them with malware to use its resources to generate cryptocurrency.
In the report, an unnamed country has seen an attack where malicious actors have infiltrated ATMs and installed the malware in order to modify and control how monetary transactions inside the machine. Furthermore, South Korea’s cryptocurrency exchange, Bithumb, has been targeted at least four times.
Two attacks were carried out in 2017 against SoKor’s Bithumb crypto exchange that has resulted in a monetary loss of at least $7 million in each instance. Two further attacks were made against the company on June 2018 and March 2019, leading to the loss of $31 million and $20 million respectively.
In order to illustrate how sophisticated the attacks are, the report has revealed that one attack has exploited a central bank and has coursed through money to different countries with more than 5,000 transactions in one weekend.
The report is most likely referring to the highly-publicized attack against the Central Bank of Bangladesh. The report reveals that stolen funds were “transferred through at least 5,000 separate transactions and further routed to multiple countries before eventual conversion” to a currency that a government has declared legal money, therefore making it extremely difficult to track the funds.
The attack was extremely coordinated, and investigation on the incident revealed that planning for the attack itself took the hackers years to do – including opening fraudulent bank accounts in different developing countries across Asia, including the Philippines. The attack was made during the time that no employee is reporting in the Central Bank of Bangladesh and that the printer that supposedly records all transactions going to and fro the bank has been malfunctioning.
Out of the incidents, more than 35,000 transactions equating to around $1 billion were made by the hackers, but the New York bank in charge of processing the transactions have flagged 30,000 of them. The stolen funds were sent to different countries in Asia where the hackers were able to withdraw them and laundered the money in casinos. Investigation reveals that the suspects were able to flee the countries to Macau, the financial gateway of the highly secretive North Korea to the world.
While North Korea has been blamed for these attacks, the evidence against their involvement has been very weak, but now that the United Nations is stepping up to investigate North Korea, the organization will look into the attacks as North Korea’s attempts to bypass and violate UN sanctions.