Experts claim that a group of accused cybercriminals has been targeting American businesses and government organizations on behalf of the North Korean government using a variety of methods.
An "advanced persistent threat" (APT), or a network of bad actors linked to possibly illegal internet activities, has been uncovered by Google's cyber intelligence specialists.
The group, referred to as "APT43," is thought to be supporting, and possibly affiliated with, North Korea's main foreign intelligence service through espionage directed at foreign government agencies, private companies, and educational institutions worldwide.
This is according to a recent report from Google Cloud's cyber intelligence arm Mandiant.
"Although the overall targeting reach is broad, the ultimate aim of campaigns is most likely centered around enabling North Korea's weapons program, including: collecting information about international negotiations, sanctions policy, and other country's foreign relations and domestic politics as these may affect North Korea's nuclear ambitions," the report found.
During early 2018, analysts noticed a flurry of activity from APT43, with efforts concentrated on spear-phishing campaigns intended to collect sensitive user data.
This strategy uses "social engineering," in which the bad actor interacts with actual people and tries to build rapport with them in order to obtain important information, ABC News reported.
In one case, APT43 was observed attempting to establish a relationship with a potential victim by impersonating a journalist with an email titled "Request for comments" and questions about geopolitical responses to North Korean military expansion.
The investigation revealed that the gang steals and launders cryptocurrency to fund these endeavors.
After stealing the currency, typically by harvesting private online user information, the group was observed laundering the assets through websites that generate new forms of crypto for a fee.
According to experts, this procedure successfully breaks the link between the open source and the initial payment.
"Put another way, imagine you stole millions of dollars in gold, and while everyone is looking for stolen gold, you pay silver miners with stolen gold to excavate silver for you," Mandiant Principal Analyst Michael Barnhart said.
"Similarly, APT43 deposits stolen cryptocurrency into various cloud mining services to mine for a different cryptocurrency. For a small fee, DPRK walks away with untracked, clean currency to do as they wish."
Mandiant's newly released report is in line with strategies established by the Biden administration's top cybersecurity officials to encourage information sharing about cyber threats.
TikTok is one app that, in the opinion of a very senior official, could be a security risk. Director of the Cybersecurity and Infrastructure Security Agency Jennifer Easterly testified before lawmakers on Tuesday that she is in favor of outlawing the Chinese-owned social media giant, which has aggressively embraced short-form video sharing, and dubbed anything similar a "huge, huge risk."
Despite the likelihood of the threat, Easterly expressed skepticism over the feasibility of a total ban in the United States.
Experts believe that geolocation data on the open internet can be changed and scrambled using virtual private networks and other cyber techniques, making a U.S. prohibition challenging.
CISA, one of the leading agencies working to establish cybersecurity reporting norms and standards, will work to help victims of cybercrime and strengthen vulnerable institutions, Easterly vowed.
The director said CISA is working to improve its own "visibility into the overall ecosystem" of cyberattacks while acknowledging the agency's limitations.
Easterly referenced her time in the private sector where the "return on investment was things not happening."
"So you know at a broad level, bad things not happening is hard to -- hard to measure," Easterly said. "So what we want to do is get more granular with the visibility what we've gotten out of that [budget] to say this is how we've reduced the incidence of bad things happening."
Easterly herself, as well as cybersecurity authorities, has highlighted concerns about the daily influx of assaults coming from abroad.
In an effort to combat these dangers, CISA publishes cybersecurity road maps to help industry and government lower risks, and sends security specialists to assist state and local governments directly.
Rep. Andy Harris, R-Md., pressed Easterly on whether CISA had any hand in suppressing reports about the laptop that belonged to President Joe Biden's son Hunter.
The director quickly refuted the claim, pointing out that she wasn't in her current position at the time and outlining the disinformation work the agency should do to support local governments.
© 2024 Latin Times. All rights reserved. Do not reproduce without permission.