Security & Fraud

US Warns Of North Korean Cyber Threats To Banks


The FBI joined the departments of Homeland Security, State and Treasury in issuing a joint advisory on Wednesday (April 15) about increased cyber threats from North Korea.

The agencies said North Korea — formally known as the Democratic People’s Republic of Korea (DPRK) — “threaten the United States and countries around the world and, in particular, pose a significant threat to the integrity and stability of the international financial system.”

Cybercrime generated funds for North Korea’s “weapons of mass destruction and ballistic missile programs,” to bypass U.S. and United Nations sanctions, the agencies wrote in the alert

“It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the agencies wrote. 

An August 2019 U.N. report said that roughly $2 billion was generated by North Korea for its weapons of mass destruction programs using “widespread and increasingly sophisticated” hacking efforts.

The U.S. has also blamed North Korea for the 2014 Sony Pictures breach, the 2016 Bangladesh Bank cyberheist, the 2017 WannaCry attack and the 2016 FASTCash campaign aimed at ATMs.

The advisory also points out that North Korean cyber thieves have been paid to hack websites for third-party clients.

“Though we knew that these operators were involved in freelancing and other commercial activity such as software development we had no evidence that they were carrying out intrusions and attacks on behalf of anyone other than the North Korean regime,” John Hultquist, senior director of intelligence analysis at FireEye, told SecurityWeek. 

Microsoft initiated a lawsuit in December 2019 against a mysterious North Korean hacking group called Thallium for allegedly stealing sensitive information. The suit targets two unnamed people who Microsoft claims work for Thallium were engaged in a cybertheft operation that targeted high-value computer networks.

The hacking reportedly targeted groups and networks that contained information on nuclear proliferation and human rights.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.