North Korea has once again made headlines for its cyber-attacks, with a recent confidential United Nations (UN) report revealing that the country stole hundreds of millions of dollars worth of crypto assets in a major hack. The document, as reported by Reuters, also points to the US accusing North Korea of using cyber-attacks to fund its nuclear and missile programs.
According to the UN report, North Korea has been engaging in cyber activities to obtain information and materials for its prohibited programs, including weapons of mass destruction. Despite being banned by the UN Security Council from conducting nuclear tests and ballistic missile launches, the report suggests that North Korea was preparing for a nuclear test in the first half of 2022.
Kevin Bocek, VP of security strategy and threat intelligence at Venafi, warns that Western businesses should be on high alert due to the UN report’s mention of cyber-attacks as a key source of funding for North Korea. Venafi’s data from June indicates that proceeds from cyber-criminal activities by groups like Lazarus and APT38 are being used to evade international sanctions and support weapons programs in North Korea.
Bocek highlights the importance of code signing machine identities in North Korean nation-state attacks, citing incidents such as the 2014 Sony Hack and the $101 million heist of the Bangladesh Bank through the SWIFT banking system. He emphasizes the need for governments and businesses to collaborate and share intelligence on these attacks to address the issue effectively.
While the UN report sheds light on the alarming activities of North Korean threat actors, Bocek stresses the importance of raising awareness about machine identities in security. Without concerted efforts to combat cyber threats from North Korea, the country’s malicious activities are likely to persist and pose a significant risk to global security.
In conclusion, the latest revelations from the UN report underscore the urgent need for increased vigilance and cooperation among stakeholders to counter the growing cyber threats posed by North Korea. By addressing the issue of cyber-attacks and machine identities, businesses and governments can better protect against illicit activities that fund dangerous weapons programs.