North Korean government-backed hackers have performed ransomware assaults on well being care suppliers and different key sectors within the US and South Korea and used the proceeds to fund additional cyberattacks on authorities businesses in Washington and Seoul, US and South Korean officers warned Thursday.
A few of these follow-on hacks have particularly focused Pentagon networks and US protection contractors, in accordance with the advisory from US and South Korean intelligence and safety businesses.
It’s the newest in a drumbeat of warnings from US officers that North Korea is adopting cybercriminal techniques to fund dictator Kim Jong Un’s ambitions, together with the regime’s pursuit of nuclear weapons.
The assertion from the US Federal Bureau of Investigation, US Nationwide Safety Company, South Korean Nationwide Intelligence Service and others doesn’t point out Kim’s weapons packages, however US officers have beforehand warned {that a} portion of the cash Pyongyang steals by hacking can go to weapons improvement.
North Korea’s use of stolen cryptocurrency to fund its weapons packages is a part of the common set of intelligence merchandise introduced to President Joe Biden, a senior administration official advised CNN this week.
“They want cash, so that they’re going to maintain being inventive,” the official stated. “I don’t assume the North Koreans are ever going to cease on the lookout for illicit methods to glean funds as a result of it’s an authoritarian regime … beneath heavy sanctions.”
The information comes as North Korea displayed almost a dozen superior intercontinental ballistic missiles at a nighttime army parade on Wednesday.
The brand new US-South Korea advisory didn’t establish hospitals that the North Korean hackers had allegedly victimized. The Justice Division has beforehand accused Pyongyang-backed hackers of hitting a medical middle in Kansas in 2021, encrypting laptop programs the ability relied on to function key gear, and one other medical supplier in Colorado.
The advisory follows an analogous warning from US businesses in July that North Korean hackers had used ransomware to disrupt providers at well being organizations for “extended intervals.”
Within the assertion launched Thursday, US and South Korean officers accused North Korean hackers of taking pains to attempt to cover their identities – even posing as a infamous Russian ransomware gang. The North Koreans are additionally emulating non-state criminals in dumping on-line the non-public knowledge of victims who don’t pay, officers stated.
The hackers have used a preferred software program utilized in small and medium-sized hospitals in South Korea to unfold their malicious code with the purpose of locking up computer systems, in accordance with the advisory.
Along with hacking, suspected North Koreans have posed as different nationalities to use for work at IT companies and ship a reimbursement to Pyongyang, US businesses have publicly warned. A CNN investigation discovered at the very least one cryptocurrency entrepreneur who unwittingly paid a North Korean tech employee tens of hundreds of {dollars}.
Supply: CNN