The United States government outlined an aggressive set of countermeasures it said could stymie North Korea’s highly lucrative and often cryptocurrency-dependent global cybercrime campaigns in a new warning on Wednesday.
Pointing to a laundry list of cyber assaults allegedly initiated by North Korean state actors, the Departments of State, Treasury and Homeland Security, and the Federal Bureau of Investigation (FBI) argued that cutting the country’s money flow – said over the past two years to have raised billions of dollars, including $1.5 billion in crypto – is vital to stopping the rogue regime’s development of weapons of mass destruction.
“We strongly urge governments, industry, civil society, and individuals to take all relevant actions” to stop future attacks from occurring, the agencies said. This includes implementing tough anti-money-laundering frameworks for digital currency, expelling North Korean IT workers, following best cyber practices, and communicating with law enforcement.
Together, these steps could help mitigate a threat the U.S. government has apparently named “HIDDEN COBRA.” It’s a criminal pattern whose crypto focus dates back to at least May 2017, when the WannaCry ransomware attack infected hundreds of thousands of computers and demanded bitcoin as ransom. World governments have largely blamed North Korean actors for the hack.
Since then, HIDDEN COBRA’s perpetrators have mounted increasingly sophisticated and diverse cyber campaigns – including multiple plots entirely dependent on digital currency. Cryptojacking has collectively raised $25,000 in monero and money laundering has washed hundreds of millions in stolen exchange funds that would otherwise have fallen under sanctions.
“The DPRK also uses cyber capabilities to steal from financial institutions, and has demonstrated a pattern of disruptive and harmful cyber activity that is wholly inconsistent” with international cyberspace norms, the government…