WASHINGTON – Banks and other financial institutions could soon find themselves in the crosshairs of North Korean hackers, according to a warning issued Wednesday by U.S. officials.
The advisory, issued by the State, Treasury and Homeland Security departments and the FBI, did not give a reason for the timing of the guidance, which came a day after Pyongyang carried out its latest missile test.
U.S. military officials Tuesday downplayed the risk from North Korea’s test launch of short-range ballistic missiles, suggesting it might have been tied to the country’s celebration of the birthday of its founder, Kim Il Sung.
But Wednesday’s advisory warned that North Korea’s ongoing cyber activities “pose a significant threat to the integrity and stability of the international financial system.”
It also warned that North Korean hackers have “the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure.”
Reaction to advisory
A State Department spokesperson said Wednesday’s advisory is part of the government’s ongoing efforts to share threat information.
“It is vital to stay vigilant and to work together to mitigate the cyber threat posed by North Korea,” the spokesperson said. “This advisory collates the information on existing U.S. government resources in one place and provides a policy overview and recommended steps to counter the North Korean cyber threat.”
But some private cybersecurity companies say the latest U.S. advisory suggests North Korea may be branching out by offering their cyber services to third parties.
“Though we knew that these operators were involved in freelancing and other commercial activity such as software development we had no evidence that they were carrying out intrusions and attacks on behalf of anyone other than the North Korean regime,” John Hultquist, the senior director of intelligence analysis for FireEye Mandiant Threat Intelligence, told VOA in an email.
“It is rare for us to find evidence of state actors carrying out criminal side operations with the government’s knowledge,” Hultquist added. “Ultimately, this is yet more evidence that North Korea is heavily invested in their cyber capability and taking every opportunity to leverage and monetize it.”
Concerns about the potency of Pyongyang’s cyber activities are not new.
The U.S. blames North Korea for the November 2014 cyberattack on Sony Pictures; has accused Pyongyang-linked actors of being behind campaigns to steal tens of millions of dollars from banks and automated teller machines; and has accused them of developing the WannaCry 2.0 ransomware that infected computers in more than 150 countries.
More recently, a U.N. report found North Korean hackers had generated $2 billion to offset money lost because of sanctions for its nuclear program.