Are nation-state cyber attacks a real threat? Based on the latest reports from the United Nations, they are. News agencies such as AP and Reuters have reported that the United Nations have uncovered at least 35 cyber incidents in 17 countries that were initiated by North Korean cyber actors, many of them operating under the direction of the country’s military intelligence agency, the Reconnaissance General Bureau.
According to findings presented to the UN Security Council North Korea sanctions committee by independent experts who are monitoring the country’s activities, North Korea has been involved in massive theft of assets and illegally acquired up to $2 billion from its increasingly sophisticated cyber activities against financial institutions and cryptocurrency exchanges.
The report also cites that North Korean nation-state actors are using low-risk, high-yield attack modes, operating in three main ways:
By going after crypto exchanges, especially, they are able to “generate income in ways that are harder to trace and subject to less government oversight and regulation than the traditional banking sector”. The report pretty much cements the allegations and rumours that North Korea was behind some of the largest cryptocurrency thefts in recent times.
The stolen funds, which are then laundered in cyberspace, are reportedly being used to finance North Korea’s weapons of mass destruction (WMD) and ballistic missile programs.
According to the AP, the report reveals that neighbouring country, South Korea, was the hardest hit among the 17 affected countries, suffering 10 North Korean cyber attacks, followed by India with three attacks, and Bangladesh and Chile with two attacks each.
Thirteen countries suffered one attack — Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia, as well as Southeast Asian countries, Malaysia and Vietnam.