Following its report naming North Korea as the brain behind several crypto cyberattacks, the UN has now begun an official investigation into the illicit activity.
The United Nations has officially begun an investigation into allegations against North Korea and its cyberattacks. The investigation is looking to get to the root of the possibility that North Korea sponsored and orchestrated at least 35 different cyberattacks, hitting about 17 countries.
Just last week, several mainstream media platforms published excerpts from a United Nations report, which suggested that North Korea successfully netted a huge sum of $2 billion from several attacks it carried out. The UN is now fully investigating this allegation.
At the time, the report claimed that North Korea was using the ill-gotten funds to develop several dangerous weapons, strengthening the country’s arsenal.
“Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD (weapons of mass destruction) programs, with total proceeds to date estimated at up to two billion US dollars,” reads the report.
The report, however, also names South Korea as the heaviest recipient of the hacks. It said that of the 35 recorded attacks, at least 10 were directed to South Korea, with India receiving three. Bangladesh and Chile were also hit twice each. Other countries including Vietnam, Nigeria, Kuwait, Liberia, South Africa, Slovenia, Costa Rica, Gambia, Guatemala, Tunisia, Malaysia and Malta, all suffered one attack each. The investigation is now seeking to treat these reported attacks as direct disregard for stipulated UN sanctions.
Attack Channels Used by North Korea
Three major channels have been noted as being used by the North Korean group of hackers.
Firstly, the Society for Worldwide Interbank Financial Telecommunication (SWIFT) system has been repeatedly targeted by the cybercriminals. Hackers continuously target and breach computer systems belonging to employees, and then use these systems to make illegal bank transactions and send fake messages, eventually destroying evidence and leaving no trace. It was reported in one case that a strong malware attack was installed on several ATMs in different countries, which resulted in thousands of fake cash transactions happening in as many as twenty countries.
Secondly, hackers have also targeted cryptocurrency exchanges and their customers. South Korea’s Bithumb, for example, has been targeted and hacked about four times. One particular hack saw Bithumb lose about $18 million, prompting the exchange to collaborate with other exchanges to freeze the hacked funds after it was moved.
The report also mentions that one of the 2018 attacks carried out on another unidentified exchange resulted in the stolen assets being “transferred through at least 5,000 separate transactions and further routed to multiple countries before eventual conversion.”
The third method named in the report is crypto-jacking. This method involves the use of malware secretly installed on a computer, using the computer to mine digital assets without the knowledge of the owner.