Last year, North Korean hackers working for the government stole a record-breaking amount of virtual assets estimated to be worth between $630 million and more than $1 billion, according to a new report from U.N. experts. The panel of experts said the hackers used increasingly sophisticated techniques to gain access to digital networks involved in cyberfinance, and to steal information that could be useful in North Korea's nuclear and ballistic missile programs from governments, individuals and companies. With tensions on the Korean Peninsula continuing to rise, the report said North Korea was still violating U.N. sanctions, producing weapons-grade nuclear material, and improving its ballistic missile program, which had accelerated dramatically. In 2022, the Democratic People's Republic of Korea (the North's official name) launched at least 73 ballistic missiles and missiles combining ballistic and guidance technologies, including eight intercontinental ballistic missiles. In the last four months of the year, 42 launches, including the test of a reportedly new type of ICBM and a new solid-fueled ICBM engine, were conducted. North Korea's leader Kim Jong Un ordered an exponential increase of the country's nuclear arsenal in January, and the panel said a new law discussed an increased focus on tactical nuclear capability, a new first-use doctrine, and the 'irreversible nature of the DPRK's nuclear status.' According to the experts monitoring sanctions against North Korea, an unnamed cybersecurity firm assessed that in 2022, DPRK cybercrime yielded cyber currencies worth over $1 billion at the time of the threat, which is more than double the total proceeds in 2021. The panel said three groups that are part of the Reconnaissance General Bureau, North Korea's primary foreign intelligence organization, continued to target victims to generate revenue and solicit information of value to the DPRK including its weapons programs - Kimsuky, Lazarus Group and Andariel. In December 2022, the panel said, South Korea's national police agency announced that Kimsuky had targeted 892 foreign policy related experts in an effort to steal personal data and email lists. The police reported that the hackers didn't manage to steal sensitive information, but they laundered IP addresses of the victims and employed 326 detour servers and 26 member states to make tracing difficult. On military-related issues, the experts said they investigated the apparent export of military communications equipment from a North Korean company under U.N. sanctions to Ethiopia's defense ministry in June 2022. The panel said it has not yet received a reply from Ethiopia's government about a photo published by the Ethiopian media in November allegedly showing a piece of equipment from the Global Communications Co., known as Glocom, being used by a top military official. North Korea may also have illegally traded arms and related material with a number of countries, including sending artillery shells, infantry rockets and missiles to Russia - claims Pyongyang and Moscow have consistently denied, the panel said.
This Cyber News was published on www.securityweek.com. Publication date: Wed, 08 Feb 2023 13:34:03 +0000