The U.S. Justice Department today indicted three North Korean nationals for their alleged role in the hacking and ransomware attacks that targeted cryptocurrency exchanges, banks and the entertainment industry among others.
Jon Chang Hyok, Kim Il and Park Jin Hyok are accused of being members of the Reconnaissance General Bureau, a military intelligence agency of North Korea that engaged in criminal hacking. The North Korean military hackers are also known by several other names, including the Lazarus Group and Advanced Persistent Threat 38.
The Justice Department alleges that the three were involved in the hack of Sony Pictures Entertainment in 2014 as well as attempts from 2015 to 2019 to steal more than $1.2 billion from banks by sending fake Society for Worldwide Interbank Financial Telecommunication messages. Justice also cited a raft of other hacks: ATM cash-out schemes, the creation and distribution of the WannaCry 2.0 ransomware in 2017 and subsequent extortion of companies through 2020, the deployment of malicious cryptocurrency applications, the targeting and theft of cryptocurrency from a number of exchanges, so-called spear-phishing campaigns that targeted U.S. government employees as well as energy, aerospace and defense companies, and finally the development of Marine Chain Token, a token that went through an initial coin offering in breach of U.S. sanctions.
In addition to the indictment, Justice unsealed a charge against Ghaleb Alaumary, a Canadian resident accused of operating as a money launderer for the North Korean conspiracy.
“The ongoing targeting, compromise and cyber-enabled theft by North Korea from global victims was met with the outstanding, persistent investigative efforts of the FBI in close collaboration with U.S. and foreign partners,” Federal Bureau of Investigation Deputy Director Paul Abbate said in a statement. “By arresting facilitators, seizing funds and charging those responsible for the hacking conspiracy, the FBI continues to impose consequences and hold North Korea accountable for its/their criminal cyber activity.”
Kevin Dunne, president at application governance platform provider Greenlight Technologies Inc., told SiliconANGLE that the indictment is a reminder that bad actors always find creative ways to gain access to the systems where they reside.
“Typically, the greater the number of digital assets you have at risk, the greater the reward for bad actors, explaining why many large multi-national corporations were a prime target of these attacks,” Dunne said. “Any company with valuable digital assets at risk needs to operate with the mindset that bad actors will gain access to their systems at some point. Companies should invest in a comprehensive approach to implement zero-trust security, therefore limiting the damage hackers can cause once they gain access.”
Tim Wade, technical director for the Chief Technology Officer Team at Vectra AI Inc., noted that private-sector organizations in many industries will continue to be targeted by nation-state actors whose resources to attack may exceed their resources to defend against them.
“As such, attempting to play a symmetrical game of preventative controls against an asymmetrical adversary is a losing proposition,” Wade added. “The key for modern network defenders is evolution past prevention objectives into strategic resilience objectives – where the balance tips back in the favor of the defender by focusing on cost-effectively diminishing impact through broadening detection, response and recovery capabilities.”