This post is also available in: heעברית (Hebrew)

North Korean state sponsored cyber criminals are carrying out ransomware attacks against healthcare and critical infrastructure to fund further operations, according to an official statement made by both US and South Korean cyber security and intelligence agencies.

The attacks, which demand cryptocurrency ransoms in exchange for recovering access to encrypted files, are designed to support North Korea’s national-level priorities and objectives. This includes “cyber operations targeting the United States and South Korea governments — specific targets include Department of Defense Information Networks and Defense Industrial Base member networks,” the authorities said. report that threat actors from North Korea have been linked to espionage, financial theft, and crypto jacking operations for years, including the infamous WannaCry ransomware attacks of 2017 that infected hundreds of thousands of machines located in over 150 countries.

Besides procuring its infrastructure through cryptocurrency obtained via its criminal activities, the adversary is known to create fake personas, function under third-party foreign affiliate identities, employ intermediaries, and utilize VPNs to conceal its origins.

According to a new report made by the United Nations, North Korean hackers stole virtual assets that are estimated to be worth between 630 million and 1 billion dollars in 2022 alone. The report further detailed that the threat actors used increasingly sophisticated techniques to gain access to digital networks involved in cyber finance, and to steal information from governments, companies, and individuals that could be useful in North Korea’s nuclear and ballistic missile programs.

Prepared to dive into the world of futuristic technology? Attend INNOTECH 2023, the international convention and exhibition for cyber, HLS and innovation at Expo, Tel Aviv, on March 29th-30th

Interested in sponsoring / a display booth at the 2023 INNOTECH exhibition? Click here for details!