A group of US agencies have issued an advisory detailing the ways North Korea has sought to use cybercrime and cyber attacks to earn money and disrupt financial systems.
These methods include:
- cyber-related theft and money laundering
- fraud and extortion
- infecting computers to mine digital currency (known as crypto jacking)
The advisory also lists a number of cyber incidents which the US government attributes to North Korea, including stealing personal data from Sony Pictures and the infamous “WannaCry” ransomware.
The US urges governments and private actors to share information related to the North Korean cyber threat and notify law enforcement immediately about issues. Critically, the advisory also urges entities to implement cyber security best practices, pointing to the Department of Energy’s Cybersecurity Capability Maturity Model and the National Institute of Standard and Technology’s Cybersecurity Framework for further guidance.
The advisory draws clear links between anti-money laundering and sanctions controls as means to mitigate risks posed by North Korea, and underscores the US regulators’ commitment to investigate and enforce against breaches.
Under the pressure of robust U.S. and UN sanctions, the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs.