UNITED NATIONS: At least 35 instances in 17 countries of North Koreans using cyberattacks to illegally raise money for weapons of mass destruction programs — and they are calling for sanctions against ships providing gasoline and diesel to the country.
North Korea illegally acquired as much as $2 billion from its increasingly sophisticated cyber activities against financial institutions and cryptocurrency exchanges.
International reveals that neighboring South Korea was hardest-hit, the victim of 10 North Korean cyberattacks, followed by India with three attacks, and Bangladesh and Chile with two each, U.N. experts say.
Thirteen countries suffered one attack — Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam, it said.
The experts said they are investigating the reported attacks as attempted violations of U.N. sanctions, which the panel monitors.
The report cites three main ways that North Korean cyber hackers operate:
—Attacks through the Society for Worldwide Interbank Financial Telecommunication or SWIFT system used to transfer money between banks, “with bank employee computers and infrastructure accessed to send fraudulent messages and destroy evidence.”
—Theft of cryptocurrency “through attacks on both exchanges and users.”
— And “mining of cryptocurrency as a source of funds for a professional branch of the military.”
The panel recommended sanctions against six North Korean vessels for evading sanctions and illegally carrying out ship-to-ship transfers of refined petroleum products.
Under U.N. sanctions, North Korea is limited to importing 500,000 barrels of such products annually including gasoline and diesel. The U.S. and 25 other countries said North Korea exceeded the limit in the first four months of 2019.
In South Korea, the experts said, North Korean cyber actors shifted focus in 2019 to targeting cryptocurrency exchanges, some repeatedly.
The panel said South Korea’s Bithumb, one of the largest cryptocurrency exchanges in the world, was reportedly attacked at least four times. It said the first two attacks in February 2017 and July 2017 each resulted in losses of approximately $7 million, while a June 2018 attack led to a $31 million loss and a March 2019 attack to a $20 million loss.