The Strategist

North Korea can be accused of cyber theft

05/27/2016 - 15:07

According to Internet security experts of Symantec, hackers, who in February stole $ 81 million from the Central Bank of Bangladesh accounts, may be involved in a greater number of cyber-attacks on banks. Among them are hacks of the Vietnamese Tien Phong Bank and an unnamed Filipino bank. Some reports say that more than 10 banks were attacked in total. Since the software used to cyberattack the banks is similar to that which was used in the attack on Sony Pictures in 2014, experts believe that the assaults may have been committed by North Korean hackers.
On Thursday, Symantec, specializing in cyber security, wrote in its blog that the hackers, stole in February funds from the Central Bank of Bangladesh’s account, are more likely involved in other financial cyber-attacks. Recall that in February of this year, hackers gained access to accounts of employees of the Central Bank of Bangladesh, and sent a series of requests for funds transfer. The money had been debited from the Central Bank’s accounts in the Federal Reserve Bank of New York. Employees of the Federal Reserve approved some transactions to the Philippines and Sri Lanka, so about $ 81 million went to Philippine casinos. According to Symantec, hackers had also launched an attack on a Philippine bank, which name is not reported, and attempted to steal $ 1 billion from the Vietnamese Tien Phong Bank. The cybercriminals used alike malware and other similar tools. Symantec also reported cyber-attacks on another bank - Ecuador's Banco del Austro. The crime resulted in $ 12 million stolen, but software used in this case is still unrecognized. As reported by Bloomberg, citing sources, presumably 12 banks have been robbed in total. Bangladesh Central Bank hired FireEye firm to investigate the situation, and it discovered new cases of attempts to steal money this way.

In all cases, the hackers sent bogus messages imitating messages of the international data exchange system for financial institutions SWIFT. A few weeks ago, SWIFT reported second major cyber-attack on a bank after the Central Bank of Bangladesh’s incident. "According to experts, new findings suggest that the malware used in the past case was not an isolated incident, but part of a broad and flexible campaign against the banks", - stated SWIFT afterwards.

According to Symantec, the software used in the cyberattacks on banks, was previously used by a group of hackers Lazarus. The attacks began in 2009, most of them was targeted on objects in the United States and South Korea. The same software was used in the attack on Sony Pictures in November 2014, when several films not yet released in the rental got in the public domain. FBI connects the attack on Sony with activities of North Korean cybercriminals. At the same time, according to experts, it would be difficult to link the cyber-attacks to North Korea, since FireEye has found no such connection. "It is difficult now to find a connection with the attack on Sony and those who stood behind it," - said technical director of Symantec Eric Chien. According to Mr. Chien, if experts confirm that the banks attacks came from North Korea, it would be the first known case where a state is stealing money via internet.


< >

Thursday, November 30th 2023 - 11:05 EU offers Turkey to resume high-level dialogue

Tuesday, November 28th 2023 - 09:24 OPEC names positive aspects of clean energy