A new report from the Russian cybersecurity firm Kaspersky has revealed that North Korea may have been responsible for hacking banks in 18 countries. The Kaspersky researchers’ findings were made public at a cybersecurity conference on St. Maarten in the Caribbean.
Cash for North Korea's nuclear program
CNN reports that the money that is stolen is most likely being used to advance North Korea’s nuclear weapon development. McClatchy DC Bureau notes that there had previously been reports of four cyber-heists launched on banks in Bangladesh, the Philippines, Vietnam and Ecuador.
Now Kaspersky researchers are saying that what has been dubbed the “lazarus” hacking operation is also being used on banks in many other countries. The countries listed included Ethiopia, Costa Rica, India, Gabon, Iraq, Indonesia, Malaysia, Kenya, Poland, Nigeria, Thailand, Uruguay and Taiwan.
According to Kaspersky, the hackers route their signal through South Korea, France and Taiwan as they attack the server of each financial institution, but all attacks can allegedly be traced back to North Korea. This was revealed by an error made by the hackers, when a connection briefly showed to be made from that country.
While the U.S. tends to be suspicious of Kaspersky’s ties to the Russian government, the company firmly denies any Kremlin influence on their business.
They are among the world’s top cybersecurity companies and provide anti-malware protection for computers in companies and homes worldwide. Kaspersky has been well known in the past for exposing many global hacking operations.
North Korea hackers linked to attacks on banks in 18 countries worldwide, report https://t.co/KV7hUQQWG8 pic.twitter.com/VRuEHukJ7M
— Voice Of People (@VOP_Today) April 5, 2017
Reportedly North Korea’s hacking activities have been known for some time.
Back in 2013, banks and broadcasters were attacked in South Korea, which that country blamed on their northern neighbor. The U.S. government also blamed North Korea for the Sony hack in 2014 and it seems both cases point to the “Lazarus” hacking techniques.
Hackers attacking the global financial system
Researchers at FireEye, Symantec and BAE Systems noted that hackers changed their direction to the global financial system in late 2015, with the first known victim being a commercial bank in Vietnam.
The most recent attacks have targeted banks in Nigeria and Gabon. Symantec said not all of the attacks were able to steal money, but that many were successful and now hackers are turning their attention to Western banks, utilizing ever more sophisticated hacking methods.
Probably the most scary aspect of the “Lazarus” attacks is that the stolen money may be used in the development of the country’s nuclear program. The Foundation for Defense of Democracies tracks illegal behavior by North Korea and Anthony Ruggiero, a senior fellow with the organization, says they need the money to research more ballistic missiles.
Banking tit for tat?
North Korea’s aggressive hacking comes at a time when United Nations sanctions have been launched to block the country from the global financial system to punish the rogue country for its nuclear program.
Sung-Yoon Lee, an expert on Korea at Tufts University says the world tends to patronize and mock North Korea, but they have recently shown the world just how capable they are when it comes to cyber-crime activities.