UN Investigating 35 North Korean Military-Funding Cyberattacks
13 August, 2019, 23:00
A United Nations (UN) report has disclosed how the intergovernmental organization is investigating at least 35 cyberattacks led by North Korea, South China Morning Post reports.
North Korea reportedly generated an estimated two billion dollars using widespread and sophisticated cyberattacks to steal from banks and cryptocurrency exchanges.
The more detailed report was viewed by the AP, mentioned that neighboring countries of South Korea were significantly attacked, suffered from 10 North Korean attacks, India suffered from 3 cyberattacks followed by Bangladesh with 2 cyberattacks and Chile with 2 attacks.
Thirteen countries suffered one attack - Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam, it said.
North Korea may have confirmed the worst fears of cryptocurrency regulators by hacking crypto exchanges and financial institutions in at least 17 countries to fund its nuclear program. Another known method is by crypto mining activities for funding professional military branches.
The panel also said it obtained information that the Taesong Department Store in Pyongyang, which reopened in April and is selling luxury goods, is part of the Taesong Group which includes two entities under United Nations sanctions and was previously linked to procurement for North Korea's ballistic missile programs.
It also discovered North Korea's successful evasion of sanctions on coal exports, imports of refined petroleum products and luxury items.
At the time, the report claimed that North Korea was using the ill-gotten funds to develop several risky weapons, strengthening the country's arsenal. And they said they are also waiting for a response from Uganda "to multiple inquires" about reports indicating specialized training is being conducted in the country, and KOMID and North Korean workers maintain a presence. This method involves the use of malware secretly installed on a computer, using the computer to mine digital assets without the knowledge of the owner.
An instance was cited in the report where over 5,000 separate transactions were sent to different destinations before eventual conversion, making it hard to track these funds. The first two attacks (in 2017) each resulted in losses of around $7 million, while the second two attacks (in June 2018 and March 2019) leading to the loss of $31 million and $20 million, respectively.
The investigation also revealed that cryptojacking was used on several occasions to mine cryptocurrencies on the sly. It identified one instance where malware was used to mine Monero and send the mined tokens to servers at Kim Il Sung University in Pyongyang.