The FBI joined the departments of Homeland Security, State and Treasury in issuing a joint advisory on Wednesday (April 15) about increased cyber threats from North Korea.
The agencies said North Korea — formally known as the Democratic People’s Republic of Korea (DPRK) — “threaten the United States and countries around the world and, in particular, pose a significant threat to the integrity and stability of the international financial system.”
Cybercrime generated funds for North Korea’s “weapons of mass destruction and ballistic missile programs,” to bypass U.S. and United Nations sanctions, the agencies wrote in the alert.
“It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the agencies wrote.
An August 2019 U.N. report said that roughly $2 billion was generated by North Korea for its weapons of mass destruction programs using “widespread and increasingly sophisticated” hacking efforts.
The advisory also points out that North Korean cyber thieves have been paid to hack websites for third-party clients.
“Though we knew that these operators were involved in freelancing and other commercial activity such as software development we had no evidence that they were carrying out intrusions and attacks on behalf of anyone other than the North Korean regime,” John Hultquist, senior director of intelligence analysis at FireEye, told SecurityWeek.
Microsoft initiated a lawsuit in December 2019 against a mysterious North Korean hacking group called Thallium for allegedly stealing sensitive information. The suit targets two unnamed people who Microsoft claims work for Thallium were engaged in a cybertheft operation that targeted high-value computer networks.
The hacking reportedly targeted groups and networks that contained information on nuclear proliferation and human rights.