Washington and Seoul claim the DPRK is using stolen cryptocurrency to fund additional cyber operations
The United States and South Korea have issued a joint notice on North Korea’s alleged “malicious cyber activities,” saying hackers have targeted health providers, US defense contractors and even government agencies including the Pentagon.
Published on Thursday, the cyber security advisory outlined “recently observed tactics, techniques, and procedures” employed by North Korean hackers in ransomware attacks against the US and South Korea, alleging they are using the proceeds to finance other cyber operations.
“DPRK cyber actors have been using cryptocurrency generated through illicit cybercrime activities to procure infrastructure such as IP addresses and domains,” the security agencies said in a separate press release, noting the attacks have focused on healthcare systems and other “critical infrastructure.”
Ransomware attacks typically see hackers take control of a victim’s computer, personal data or passwords and then demand payment before handing them back – often in the form of cryptocurrency, which is more difficult to trace.
Read more
According to the advisory – compiled by the US National Security Agency, the Department of Health and Human Services, the FBI and several South Korean agencies – an “unspecified amount of revenue” gained through ransomware has been invested back into other cyber attacks, which allegedly support Pyongyang’s “national-level priorities and objectives.”
Such attacks were said to have targeted both the US and South Korean governments, including “Department of Defense Information Networks and Defense Industrial Base member networks” in the United States.
A senior US official later told CNN that President Joe Biden was briefed on the latest cyber notice, going on to claim that North Korean hackers are finding increasingly “creative” ways to make money.
Tensions on the Korean Peninsula have soared over the last year, with the DPRK conducting a record number of missile tests in 2022 amid a flurry of joint war games by the US and South Korea. While Thursday’s advisory made no mention of North Korean arms, US officials have previously alleged that proceeds from cyber attacks have been used to finance weapons development, though little evidence has been offered to support the claim.
READ MORE: South Korea unveils path to ‘normalize’ ties with Pyongyang
RT (Russia Today) is a state-owned news organization funded by the Russian government. The information provided by this news source is being included by the Libertarian Hub not as an endorsement of the Russian government, but rather because it is being actively censored by Big Tech, Western governments and the corporate press. During times of conflict it is imperative that we have access to both sides of the story so we can form our own opinions, even if both sides are spewing their own propaganda. The censorship of RT, despite likely being a propaganda outfit for the Russian government, reduces our ability to hear one side of the conflict. For that reason, the Libertarian Hub will temporarily republish the RSS feed from RT. Visit https://rt.com