North Korea using bank network attacks to evade financial sanctions

ICS Attack Framework “TRITON”

A new United Nations report said that North Korea has been using the Internet to attack banks and cryptocurrency exchanges, stealing funds and evading financial sanctions. According to a survey conducted by a panel of experts from the UN Security Council, illegal transfer of funds through hacking is an important method for North Korea to evade sanctions. Since 2016, hacking has become more complex and larger.

ICS Attack Framework “TRITON”

The report cited the case of North Korean hacker Park Jin Hyok. The United States accused Park Jin Hyok of implementing a series of major cyber attacks, including attacks against a bank in Bangladesh, which caused the bank to lose $81 million.

He is also accused of being a member of the North Korean government-sponsored hacker team Lazarus, which is involved in 2017, WannaCry 2.0 global ransomware attack, the 2016 Bank of Bangladesh theft and the 2014 Sony Pictures Entertainment Inc. cyberattack.  The UN report also mentioned two bank attacks in 2018, one in which the $10 million of the Banco de Chile was stolen and the other that the Cosmos bank ATM server in India lose $13.5 million.

The United Nations expert group said that not only traditional financial institutions are threatened by North Korean hackers, but also cryptocurrency exchanges have been attacked. From January 2017 to September 2018, there were at least five hacking attacks against Asian cryptocurrency exchanges. The incident caused a loss of $571 million. According to the report, attacks on cryptocurrency exchanges have allowed hackers to evade sanctions because cryptocurrencies are more difficult to track, can be washed many times, and are not regulated by the government.