CISA and other federal agencies were joined by the National Intelligence Service (NIS) and the Defense Security Agency of the Republic of Korea (ROK) in releasing the latest cybersecurity advisory in the US government's ongoing #StopRansomware effort. This alert highlights continuous state-sponsored ransomware activities by the Democratic People's Republic of Korea (DPRK) against organizations in the US healthcare sector and other vital infrastructure sectors. The agencies have reason to believe cryptocurrency ransom payments from such operations support DPRK's "national-level priorities and objectives".
"North Korea's cyber program poses a growing espionage, theft, and attack threat," the Annual Threat Assessment report in 2021 said. "North Korea has conducted cyber theft against financial institutions and cryptocurrency exchanges worldwide, potentially stealing hundreds of millions of dollars, probably to fund government priorities, such as its nuclear and missile programs."
DPRK has a lengthening history of conducting ransomware attacks against organizations in both US and South Korean territories, some of which have become "mainstream" to fund their other cybercrime activities. Who can forget WannaCry in 2017, for example, the strain that attacked unpatched Windows systems that remained vulnerable against EternalBlue? The US and UK had recognized that North Korea, via the Lazarus Group, a nation-state advanced persistent threat (APT) group, was responsible for unleashing WannaCry to the world.
Then the ..
Support the originator by clicking the read the rest link below.
