North Korea APT Slapped With Cyber Sanctions After Satellite Launch

The US Department of the Treasury Office of Foreign Assets Control has announced it has sanctioned cyberespionage group Kimsuky for collecting intelligence on behalf of the Democratic People's Republic of Korea. The OFAC said the sanctions are technically in retaliation for a North Korean military reconnaissance satellite launch on Nov. 21 more broadly, they are designed to block the DPRK from revenue, materials, and intelligence necessary to perpetuate its weapons of mass destruction development program the Treasury's sanctions announcement added. Kimsuky is a well-known advanced persistent threat group active since 2013 that works on behalf of the Kim Jong Un regime. The move to file the sanctions is an important step forward in stymying the DPRK's malicious cyber activities, according to a statement from Michael Barnhart, Mandiant principal analyst, Google Cloud. "Recent actions, including the OFAC sanctions of today and increased global awareness of these cyber threats, are forcing North Korea to adapt its strategies," Barnhart explained via email. "While these measures have undoubtedly disrupted the regime's cyber activities, it is crucial to recognize that North Korea remains a formidable threat." In October, Kimsuky waged a campaign abusing Remote Desk Protocols and other tools to to take over targeted systems. The previous March, the group had already emerged as what researchers characterized "Unusually aggressive" APT, becoming adept at achieving the dueling goals of using social engineering to gather intelligence, as well as operating a massive cryptomining operation to raise funds for the North Korean regime. The wider strategy to shut down cyberattacks from the DPRK must include a combination of greater public awareness of their activities, robust cybersecurity measures, as well as additional targeted sanctions and other measures that help disrupt the regime's cyber threat, according to Barnhart. "Despite the exposure of their operations, APT43 has demonstrated remarkable resilience, continuing to employ sophisticated social engineering tactics to target unsuspecting individuals and organizations," he added. "This highlights the need for heightened vigilance and a comprehensive approach to combating North Korea's cyber threats." The US is joined in sanctioning the cyber-threat group with allied nations Australia, Japan, and the Republic of Korea, according to the OFAC announcement. "As an intelligence gathering apparatus for the Reconnaissance General Bureau, APT43 operates with the full backing of the North Korean regime, tasked with gathering sensitive information on a wide range of topics, including nuclear technology, sanctions evasion, and unification efforts," Barnhart said. "APT43 and DPRK-aligned cyber threats pose a significant and evolving challenge to the global community."

This Cyber News was published on www.darkreading.com. Publication date: Fri, 01 Dec 2023 21:10:18 +0000


Cyber News related to North Korea APT Slapped With Cyber Sanctions After Satellite Launch

North Korea APT Slapped With Cyber Sanctions After Satellite Launch - The US Department of the Treasury Office of Foreign Assets Control has announced it has sanctioned cyberespionage group Kimsuky for collecting intelligence on behalf of the Democratic People's Republic of Korea. The OFAC said the sanctions are ...
10 months ago Darkreading.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
10 months ago Bleepingcomputer.com
Experts from the United Nations Report North Korean Hackers Have Taken a Large Amount of Digital Assets - Last year, North Korean hackers working for the government stole a record-breaking amount of virtual assets estimated to be worth between $630 million and more than $1 billion, according to a new report from U.N. experts. The panel of experts said ...
1 year ago Securityweek.com
North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence - North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. “Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a ...
1 week ago Securityaffairs.com
US, Japan and South Korea Unite to Counter North Korean Cyber Activiti - The US, Japan and South Korea have established a high-level consultative body designed to counter North Korea's cyber activities. A key purpose of the new group is to prevent cyber-attacks and crypto heists used to fund North Korea's weapons ...
10 months ago Infosecurity-magazine.com
US govt sanctions North Korea's Kimsuky hacking group - The Treasury Department's Office of Foreign Assets Control has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. OFAC has also sanctioned eight North Korean agents for ...
10 months ago Bleepingcomputer.com
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
1 year ago Csoonline.com
US sanctions Russian for cleaning Ryuk's and oligarchs' cash The Register - A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her alleged role in moving hundreds of millions of dollars on behalf of oligarchs and ransomware criminals. Among these was her alleged ...
10 months ago Theregister.com
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
9 months ago Packetstormsecurity.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
U.S. Treasury Sanctions Eight Foreign-Based Agents and North Korean Kimsuky Attackers - Sanctions imposed by the United States are technically in response for a North Korean military reconnaissance satellite launch on Nov. 21, but they are also intended to deprive the DPRK of revenue, materials, and intelligence needed to sustain its ...
10 months ago Cysecurity.news
North Korean Hackers Behind Major Cyberattacks, Confirmed by FBI - The FBI released a statement confirming that North Korea was behind a series of major cyberattacks in the past year. It is the first time that the FBI has attributed such activity to North Korea. The attacks included intrusions into networks, ...
1 year ago Thehackernews.com
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms - The US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme in which North Korean IT workers infiltrated hundreds of companies and earned millions of dollars for North Korea. According to the ...
4 months ago Securityweek.com
Seoul Police Reveals: North Korean Hackers Stole South Korean Anti-Aircraft Data - South Korea: Seoul police have charged Andariel, a North Korea-based hacker group for stealing critical defense secrets from South Korea's defense companies. Allegedly, the laundering ransomware is redirected to North Korea. One of the 1.2 terabytes ...
10 months ago Cysecurity.news
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
1 year ago Thehackernews.com
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
8 months ago Securityzap.com
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
7 months ago Cyberdefensemagazine.com
'Fugitive' Spanish aristocrat behind North Korea cryptocurrency conference arrested - Alejandro Cao de Benós, the Spanish man from an aristocratic family who became one the Western world's most vocal supporters of North Korea, has been arrested in Spain. The arrest relates to allegations of fraud in the United States, where the ...
10 months ago Therecord.media
What is an advanced persistent threat? - An advanced persistent threat is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. APT attacks are initiated to steal highly sensitive data rather than cause damage to ...
10 months ago Techtarget.com
FBI Charges North Korean Hackers Over $100 Million Stolen in Crypto Hack - The FBI has recently charged a North Korean hacker in connection with the Harmony crypto hack from which the hacker allegedly stole over $100 million. The hacker, Jon Chang Hyok, is a member of the North Korean military intelligence agency, the ...
1 year ago Bleepingcomputer.com
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
8 months ago Scmagazine.com
How 'Big 4' Nations' Cyber Capabilities Threaten the West - COMMENTARY. There are four nations deemed by the US and UK governments to pose the greatest threat to the West. Russia's cyber-threat activities are primarily focused on offensive cyber operations, China's are focused on cyber espionage, Iran's on ...
8 months ago Darkreading.com
US Treasury sanctions Sinbad cryptocurrency mixer used by North Korean hackers - The U.S. Treasury Department on Wednesday sanctioned a popular cryptocurrency mixer used to launder funds stolen by hackers connected to the North Korean government. The Treasury Department's Office of Foreign Assets Control announced new sanctions ...
10 months ago Therecord.media
Britain and US Take Action Against Ransomware Criminals by Imposing Sanctions on Seven People - On Thursday, the United Kingdom and United States imposed sanctions on seven people linked to a single criminal network responsible for Conti and Ryuk ransomware gangs and the Trickbot banking trojan. This is the first major move of a new joint ...
1 year ago Therecord.media
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
1 year ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)