• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • AMERICAN DEMOCRACY
  • WORLD DEMOCRACY
  • POLITICAL ART
  • more
    • election technology
    • money politics
    • political dissidents
    • THIRD PARTY
      • third party central
      • green party
      • justice party
      • libertarian party
    • voting methods
  • DC INFO
    • author central
    • about
    • advertise with DC
    • contact
    • privacy policy

Democracy Chronicles

North Korea Said to Have Stolen a Fortune in Online Bank Heists

by DC Editors - October 4, 2018

FacebookTweetLinkedInPin

North Korea Said to Have Stolen a Fortune

VOA – ENGLISH

North Korea’s nuclear and missile tests have stopped, but its hacking operations to gather intelligence and raise funds for the sanction-strapped government in Pyongyang may be gathering steam.

U.S. security firm FireEye raised the alarm Wednesday over a North Korean group that it says has stolen hundreds of millions of dollars by infiltrating the computer systems of banks around the world since 2014 through highly sophisticated and destructive attacks that have spanned at least 11 countries. It says the group is still operating and poses “an active global threat.”

It is part of a wider pattern of malicious state-backed cyber activity that has led the Trump administration to identify North Korea — along with Russia, Iran and China — as one of the main online threats facing the United States. Last month, the Justice Department charged a North Korean hacker said to have conspired in devastating cyberattacks, including an $81 million heist of Bangladesh’s central bank and the WannaCry virus that crippled parts of Britain’s National Health Service.

DHS offers warning

On Tuesday, the U.S. Department of Homeland Security warned of the use of malware by Hidden Cobra, the U.S. government’s byword for North Korea hackers, in fraudulent ATM cash withdrawals from banks in Asia and Africa. It said that Hidden Cobra was behind the theft of tens of millions of dollars from teller machines in the past two years. In one incident this year, cash had been simultaneously withdrawn from ATMs in 23 different countries, it said.

North Korea, which prohibits access to the world wide web for virtually all of its people, has previously denied involvement in cyberattacks, and attribution for such attacks is rarely made with absolute certainty. It is typically based on technical indicators such as the Internet Protocol, or IP, addresses that identify computers and characteristics of the coding used in malware, which is the software a hacker may use to damage or disable computers.

But other cybersecurity experts tell The Associated Press that they also see continued signs that North Korea’s authoritarian government, which has a long track record of criminality to raise cash, is conducting malign activity online. That activity includes targeting of financial institutions and crypto-currency-related organizations, as well as spying on its adversaries, despite the easing of tensions between Pyongyang and Washington.

“The reality is they are starved for cash and are continuing to try and generate revenue, at least until sanctions are diminished,” said Adam Meyers, vice president of intelligence at CrowdStrike. “At the same time, they won’t abate in intelligence collection operations, as they continue to negotiate and test the international community’s resolve and test what the boundaries are.”

North Korea attacks continue

CrowdStrike says it has detected continuing North Korean cyber intrusions in the past two months, including the use of a known malware against a potentially broad set of targets in South Korea, and a new variant of malware against users of mobile devices that use a Linux-based operating system.

This activity has been taking place against the backdrop of a dramatic diplomatic shift as Kim Jong Un has opened up to the world. He has held summits with South Korean President Moon Jae-in and with President Donald Trump, who hopes to persuade Kim to relinquish the nuclear weapons that pose a potential threat to the U.S. homeland. Tensions on the divided Korean Peninsula have dropped and fears of war with the U.S. have ebbed. Trump this weekend will dispatch his top diplomat, Mike Pompeo, to Pyongyang for the fourth time this year to make progress on denuclearization.

But North Korea has yet to take concrete steps to give up its nuclear arsenal, so there’s been no let-up in sanctions that have been imposed to deprive it of fuel and revenue for its weapons programs, and to block it from bulk cash transfers and accessing to the international banking system.

FireEye says APT38, the name it gives to the hacking group dedicated to bank theft, has emerged and stepped up its operations since February 2014 as the economic vise on North Korea has tightened in response to its nuclear and missile tests. Initial operations targeted financial institutions in Southeast Asia, where North Korea had experience in money laundering, but then expanded into other regions such as Latin America and Africa, and then extended to Europe and North America.

In all, FireEye says APT38 has attempted to steal $1.1 billion, and based on the data it can confirm, has gotten away with hundreds of millions in dollars. It has used malware to insert fraudulent transactions in the Society for Worldwide Interbank Financial Telecommunication or SWIFT system that is used to transfer money between banks. Its biggest heist to date was $81 million stolen from the central bank of Bangladesh in February 2016. The funds were wired to bank accounts established with fake identities in the Philippines. After the funds were withdrawn they were suspected to have been laundered in casinos.

Cyber attacks an alternative

The Foundation for Defense of Democracies, a Washington think tank, said in a report Wednesday that North Korea’s cyber capabilities provide an alternative means for challenging its adversaries. While Kim’s hereditary regime appears to prioritize currency generation, attacks using the SWIFT system raise concerns that North Korean hackers “may become more proficient at manipulating the data and systems that undergird the global financial system,” it says.

Sandra Joyce, FireEye’s head of global intelligence, said that while APT38 is a criminal operation, it leverages the skills and technology of a state-backed espionage campaign, allowing it to infiltrate multiple banks at once and figure how to extract funds. On average, it dwells in a bank’s computer network for 155 days to learn about its systems before it tries to steal anything. And when it finally pounces, it uses aggressive malware to wreak havoc and cover its tracks.

“We see this as a consistent effort, before, during and after any diplomatic efforts by the United States and the international community,” said Joyce, describing North Korea as being “undeterred” and urging the U.S. government to provide more specific threat information to financial institutions about APT38’s modus operandi. APT stands for Advanced Persistent Threat.

Large Chile bank hacked

The Silicon Valley-based company says it is aware of continuing, suspected APT38 operations against other banks. The most recent attack it is publicly attributing to APT38 was against of Chile’s biggest commercial banks, Banco de Chile, in May this year. The bank has said a hacking operation robbed it of $10 million.

FireEye, which is staffed with a roster of former military and law-enforcement cyberexperts, conducted malware analysis for a criminal indictment by the Justice Department last month against Park Jin Hyok, the first time a hacker said to be from North Korea has faced U.S. criminal charges. He’s accused of conspiring in a number of devastating cyberattacks: the Bangladesh heist and other attempts to steal more than $1 billion from financial institutions around the world; the 2014 breach of Sony Pictures Entertainment; and the WannaCry ransomware virus that in 2017 infected computers in 150 countries.

FacebookTweetLinkedInPin

Filed Under: International Democracy Tagged With: Asia, Bangladesh, Chile, Dictatorships, Kim Jong Un, North Korea

About DC Editors

We are your source for news on the all important effort to establish and strengthen democracy across the globe. Our international team with dozens of independent authors are your gateway into the raging struggle for free and fair elections on every continent with a focus on election reform in the United States. See our Facebook Page and also follow us on Twitter @demchron.

Some highlighted Democracy Chronicles topics

Africa American Corruption American Local Elections American State Elections Asia Capitalism and Big Business Celebrity Politics China Democracy Charity Democracy Protests Democrats Dictatorships Education Election History Election Methods Election Security Election Transparency Europe Internet and Democracy Journalism and Free Speech Middle East Minority Voting Rights Money Politics New York City and State Elections Political Artwork Political Dissidents Political Lobbying Redistricting Republicans Russia Socialism and Labor Social Media and Democracy South America Spying and Privacy Supreme Court Third Party Voter Access Voter ID Voter Registration Voter Suppression Voter Turnout Voting Technology Women Voting Rights Worldwide Worldwide Corruption

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Home | ALL NEWS | WORLD | North Korea Said to Have Stolen a Fortune in Online Bank Heists

Primary Sidebar

Advertise button

A Dangerous Reprise Of American Exceptionalism In Ukraine

By Jamie Lampidis May 15, 2022

The stakes are too high to cave into Putin’s phantasmatic imperial play, and too high to believe that this war can be won by arming Ukrainians.

On The Coming End Of Roe v. Wade

By Peter J. Dellolio May 11, 2022

Anyone who says that the evolution of law has nothing to do with politics is either very corrupt or very stupid. Laws evolved through the centuries.

democracy chronicles newsletter

DC AUTHORS

Goodbye Roe v. Wade, Goodbye Rule Of Law

By Andrew Straw May 5, 2022

Congress should impeach judges who act like that because it is not good behavior, and they were asked not to act that way when they were confirmed.

PODCAST: Debating The Future Of Debates

By Jenna Spinelle May 4, 2022

We love a good debate — and have certainly had plenty of them on this show. But how effective are they in today’s media and political landscape?

What “Pro-Palestine” Student Groups Get Wrong

By David Anderson, J.D. May 3, 2022

Back then – as now – this fit into a “colonialist” narrative of European Jews oppressing Arabs – an easy, eye pleasing but intellectually lazy fit.

Examining Government As A “Necessary Evil”

By Gary Berton April 29, 2022

Thomas Paine defines government as separate from society, and indeed if society functioned perfectly there would be no need for government.

Ukrainian And Polish History: Fighting The Empires

By Maxim Sidorenko April 26, 2022

On February 24th, Russia started an unprovoked war against Ukraine. It has become one more attempt of the empire to demolish the Ukrainian state.

PODCAST: What Student Debt Says About Democratic Institutions

By Jenna Spinelle April 26, 2022

In a new book, Josh Mitchell draws alarming parallels to the housing crisis, showing the catastrophic consequences student debt has had on families.

Aging White Men Who Commit Voter Fraud Have Nothing To Fear

By Steve Schneider April 22, 2022

The sentences stand in contrast with the actions of the Governor who recently got the state legislature to create an election integrity police force.

MORE FROM OUR AUTHORS

VISIT OUR POLITICAL ART SECTION:

dc political art

DEMOCRACY CULTURE

Kenyan 'Cartooning For Peace' To Draw Africa Towards Democracy

Kenyan ‘Cartooning For Peace’ To Draw Africa Towards Democracy

May 17, 2022

Cartooning is an art that has been playing a major role in illustrating stories in different ways, from health to politics, and even sports.

Anxious Leaders Influence Their Followers' Anxiety, Even Online

Anxious Leaders Influence Their Followers’ Anxiety, Even Online

May 17, 2022

Organizational leader’s tweets can influence employee anxieties and this effect is more prominent since the rise of COVID-19, study.

North Korea Cracks Down On 'Capitalist' Pop Culture

North Korea Cracks Down On ‘Capitalist’ Pop Culture

May 6, 2022

North Korea has increased its campaign against “capitalist” style clothing, others, in broader crackdown on foreign pop culture.

DiCaprio, Ruffalo Urge Brazilians To Vote, Irking Bolsonaro

DiCaprio, Ruffalo Urge Brazilians To Vote, Irking Bolsonaro

May 6, 2022

Hollywood stars Leonardo DiCaprio and Mark Ruffalo joined other celebrities making a final push for voters in Brazil to register to vote.

Mock M&M Election Teaches Alaskans About Ranked Voting

Mock M&M Election Teaches Alaskans About Ranked Voting

April 26, 2022

There are paper cups with eight different kinds of M&M near the entrance to Amalga Distillery in Juneau for a mock ranked choice vote.

MORE CULTURE

VISIT OUR US DEMOCRACY SECTION:

American Democracy