Navigation
Download the AMN app for your mobile device today - FREE!

North Korea continues cyberattacks despite US-NK summit talks, report says

North Korean dictator Kim Jong Un enjoys a cigarette. (driver Photographer/Flickr)
June 01, 2018
160 Shares

Suspected North Korean-linked hackers have been targeting financial institutions in attempts to steal money for the country as it faces a number of United Nations sanctions that have crippled its economic resources, a cybersecurity firm said.

The attacks come amid ongoing talks between the U.S. and North Korea to possibly bring the much-anticipated summit between President Trump and Kim Jong Un back on the table.

“We’ve seen a suspected North Korean threat actor continue offensive operations against financial institutions,” Charles Carmakal, vice president for Mandiant Consulting, told The Hill, adding that the hackers have been targeting banking institutions in Latin America and Asia.

While North Korea continues to conduct cyberattacks, the summit between Kim and Trump Trump is left up in the air, despite renewed pushes to have the summit after Trump cancelled it last month.

Carmakal said cybersecurity firm FireEye has observed recent attacks on a number of organizations using the SWIFT system and other forms of banking technology.

ADVERTISEMENT

“They continue to engage in offensive operations,” Carmakal said. “They’re one of the wildcards for us.”

The U.S. and other nations have blamed North Korea for the last WannaCry ransomware attack that infected hundreds of thousands of computers across the world, and greatly affected Britain’s National Health Service.

North Korea was also blamed for the 2014 hack of Sony Pictures which was made in response to the movie “The Interview.”

An alert from the FBI and the Department of Homeland Security also noted North Korea’s cyber operations, dubbed “Hidden Cobra.”

“Hidden Cobra” has been targeting the media, aerospace, financial sectors and other infrastructure across the globe,” Reuters reported.

The alert mentioned two pieces of malware: a remote access tool known as Joanap and a server message block worm known as Brambul.

“FBI has high confidence that Hidden Cobra actors are using IP (internet protocol) addresses to maintain a presence on victims’ networks and enable network exploitation,” the alert said.

ADVERTISEMENT
160 Shares