The Justice Department has just charged three North Korean hackers with massive ambitions.
The hackers were targeting multiple industries, including the worlds of entertainment, banking, and cryptocurrency. This is just the latest of a slew of high-profile attacks, or attempts of attacks, in the past year.
Three North Korean Hackers Are Charged
In a campaign believed to have started as early as 2009, North Korean hackers tried to steal more than $1.3 billion from banks and cryptocurrency holders around the world. They also tried to attack the entertainment industry giants such as Sony Pictures.
According to the indictment, hackers Jon Chang Hyok, Kim Il, and Park Jin Hyok were North Korea’s military intelligence agency members. The indictment stated they acted on behalf of the “DPRK (Democratic People’s Republic of Korea) government and its leader, Kim Jong Un.”
Assistant Attorney General John Demers made the following statement:
North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading 21st century nation-state bank robbers.
The Justice Department said that Park had already been charged in 2018 for attacking Sony. That attack was apparently in response to the movie “The Interview,” starring Seth Rogen and James Franco. In the movie, the actors traveled to North Korea to assassinate Kim Jong Un.
AMC theatres, which was set to feature “The Interview” before the Sony hack, was also targeted. Mammoth Screen joined those two firms. The UK-based television production company produced “The Opposite Number,” a fictional series about a British nuclear scientist taken prisoner by the DPRK.
They also targeted banks around the world in places like Africa, Bangladesh, Vietnam, Taiwan, Malta, and Mexico. In 2018, they were believed to have stolen $6.1 million from BankIslami Pakistan Limited.
What Were Their Tactics?
According to the indictment, these hackers utilized spear phishing techniques. That’s when a cybercriminal targets specific people or organizations with phishing emails to get them to download malware or share passwords.
They even created their own cryptocurrency software that, once downloaded, would be updated with “malicious code.”
Once they gained access to a computer system, it was open season.
Check out this video on malware:
The hackers would “attempt to move laterally within a computer network” and try to acquire sensitive and confidential information. Sometimes they were financially motivated, and sometimes they just wanted revenge.
At times, they would deploy ransomware to seek payment. Other times they would make computers inoperable or try to destroy entire computer systems.
International Hacking Is on the Rise
This is just the latest of a string of major cyberattacks in recent years. Experts are still trying to calculate the fallout of the massive SunBurst attacks from late last year. Russian intelligence is believed to be behind those security breaches.
In combination with these attacks that appear to be backed by the North Korean government, it’s clear that a new era of cyber warfare has begun. In fact, North Korea was recently suspected of having hacked into Pfizer to steal Covid-19 vaccine data.
It’s no wonder that U.S. President Joe Biden is looking to dedicate $9 billion to increase the nation’s cybersecurity.
The three North Korean hackers were charged with one count of conspiracy to commit computer fraud and abuse, which could land them up to five years in prison. They were also charged with one count of conspiracy to commit wire fraud and bank fraud, which has them facing a maximum sentence of 30 years in prison.
Ghaleb Alaumary of Ontario, Canada, was also charged for his role in laundering the stolen money.
Featured image by BeeBright from Shutterstock.