Various U.S. federal departments have begun to establish guidelines against crypto crimes suspected to be initiated by North Korea.
The U.S. Departments of Treasury, Homeland Security, State, and the Federal Bureau of Investigations (FBI) recently finalized guidelines on cybercrimes allegedly perpetrated by North Korea.
The aim of the guidelines is to encourage a concerted front against North Korean threats that affect the cryptocurrency sphere as well.
The advisory noted:
“The DPRK’s (North Korea, formally known as the Democratic People’s Republic of Korea) malicious cyber activities threaten the United States and the broader international community and, in particular, pose a significant threat to the integrity and stability of the international financial system.”
According to the Cybersecurity and Infrastructure Security Agency (CISA), the risk advisor on cybersecurity in the U.S., North Korea has “increasingly relied on illicit activities—including cybercrime—to generate revenue for its weapons of mass destruction and ballistic missile programs.”
Crypto crimes have been one of its biggest operations because these cannot be easily traced.
Financial institutions urged to adopt measures in lowering risk of cyber-attacks
The advisory also urged financial institutions, including cryptocurrency platforms, to implement stronger security measures to lower the risk of an attack.
These are the suggested next steps:
- Increase information campaigns that tackle the cybersecurity threats posed by North Korea;
- Share crucial and pertinent information with other financial organizations and government agencies;
- Adopt best practices for security, including the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework and the Department of Energy’s (DoE) Cybersecurity Capability Maturity Model;
- Let law enforcement agencies know of suspected hacking attempts; and
- Properly implement anti-money laundering protocols and other regulations required by law.
North Korea’s covert hacking and cybercrime program
The advisory includes an offer of US$5 million [AU$7.8 million] as a reward to anyone who could provide any information about North Korea’s hacking initiatives.
Security experts seem to agree with the advisory of the agencies as well. According to John Hultquist, senior director of intelligence analysis at FireEye:
“We are the middle of another crisis right now, and you can never really afford to take your eye off North Korea—and lot [sic] of the incidents we have seen in the past seemed to have come out of nowhere.”
The U.S. refers to North Korea’s weapons program as the “Hidden Cobra.”
The CISA added that North Korea currently amasses sufficient cyber capabilities to conduct “disruptive or destructive” operations that can impact U.S. critical infrastructure if they wanted to.
The body claims that North Korean hackers have become more widespread and “increasingly sophisticated” in stealing and laundering money.
The discovery was followed with a move from the U.S. Treasury to impose sanctions against three alleged North Korean hacking groups.
The groups have been suspected to be behind the WannaCry ransomware, online bank heists, and malware attacks.