The United States government is willing to pay up to $ 5 million to obtain information on North Korea’s hackers and their ongoing operations.
The award was announced today in a PDF report released by the State, Treasury, Homeland Security and the Federal Bureau of Investigation.
The report contains a summary of recent North Korean cyber operations and is based on a report by the United Nations Security Council. The latter, published last year, details the country’s tactics of using hackers to raise funds for the Pyongyang regime as a new way to circumvent international sanctions.
The tactics observed include:
- attacks and thefts from banks and other financial entities;
- attacks and thefts on cryptocurrency exchange exchanges;
- cryptojacking: North Korean hackers are compromising servers around the world to extract cryptocurrency;
- different types of extortion campaigns, such as:
- compromising an entity’s network, and threatening to render it inoperative if the victim does not pay a ransom;
- get paid to hack websites on behalf of third-party clients and then extort targets;
- make victims pay with “long-term paid consultations” to prevent future attacks.
Finance in sight
US officials say many of these attacks have targeted the financial sector, from which North Korean hackers stole more than $ 2 billion, which has been laundered by the country. They add that these hackings now constitute “a significant threat to the integrity and stability of the international financial system”.
Report warns financial entities and businesses in other industrial sectors to strengthen protections against North Korean hacker groups and refers to US government resources related to DPRK’s cyber threats, so companies can investigate and take steps to secure their IT infrastructure against North Korea’s known malware and hacking tactics.
The U.S. government has also issued a harsh warning to companies that may work with North Korean entities and which, directly or indirectly, may assist North Korean hackers to launder stolen funds. Consequences include sanctions and seizure of funds and assets, officials say.
North Korean groups already in the sights of the United States
Today’s report on North Korean cyber operations is the United States’ latest initiative against the very active hacker groups of the Pyongyang regime.
In September 2019, the U.S. Treasury imposed sanctions on three North Korean hacking groups: Lazarus, Andariel and Bluenoroff.
In November 2019, the United States Department of Justice accused a member of the Ethereum project of having given a conference in North Korea on cryptocurrencies and how they could be used to avoid sanctions.
In March 2020, the United States Department of Justice charged two Chinese nationals with money laundering from two hacks carried out by the Lazarus group.
North Korea uses hackers to raise funds
The US government said last year that North Korea was using hackers to raise funds to finance its nuclear weapons and missile programs.
In addition, the report of the American government is published the day after the fire by North Korea of a “barrage of cruise missiles” which struck close to the South Korean coasts.
Government officials now hope the report will help businesses improve security and awareness, and reduce profits from Pyongyang’s hacking and, indirectly, the country’s arms program: “It is vital to the international community , network advocates and the public to remain vigilant and work together to mitigate the cyber threat posed by North Korea. ”