Nhasi, the US Dhipatimendi rePfumaHofisi yeForeign Assets Control (OFAC) yakazivisa zvirango zvakanangana nemapoka matatu ekuNorth Korea anotsigirwa nehurumende ane hutsinye anokonzera Mawodzanyemba Koriya's yakaipa cyber chiitiko pane yakakosha zvivakwa. Zviito zvanhasi zvinozivisa mapoka eNorth Korea ekubira anowanzo zivikanwa mukati meiyo cybersecurity indasitiri yakazvimirira se "Lazarus Boka," "Bluenoroff," uye "Andariel" semasangano, zvishandiso, kana masangano anodzorwa eHurumende yeNorth Korea zvichiteerana neExecutive Order (EO). ) 13722, zvichibva pahukama hwavo neReconnaissance General Bureau (RGB). Lazarus Boka, Bluenoroff, uye Andariel vanodzorwa neUS- uye United Nations (UN)-yakatemerwa RGB, inova yeNorth Korea's primary intelligence Bureau.
"Treasury iri kutora matanho kuNorth Korea mapoka ekubira anga achirwisa cyber kutsigira zvirongwa zvisiri pamutemo zvezvombo uye makosi," akadaro Sigal Mandelker, Treasury Under Secretary weTerrorism and Financial Intelligence. "Ticharamba tichisimbisa zvirango zviripo zveUS neUN kurwisa North Korea uye kushanda pamwe nenharaunda dzepasirese kuti tivandudze cybersecurity yemari network."
Zvakaipa Cyber Chiitiko naLazarus Boka, Bluenoroff, uye Andariel
Lazarus Boka rinonangana nemasangano akadai sehurumende, mauto, emari, kugadzira, kushambadza, midhiya, varaidzo, uye makambani ekufambisa epasi rese, pamwe nehurongwa hwakakosha, vachishandisa matekiniki akadai secyber espionage, kuba data, heists mari, uye inoparadza malware mashandiro. Yakagadzirwa neHurumende yeNorth Korea kutanga 2007, boka iri rakashata recyber riri pasi pe110th Research Center, 3rd Bureau yeRGB. Iyo 3rd Bureau inozivikanwawo seye3rd Technical Surveillance Bureau uye inotarisira North Korea cyber mashandiro. Pamusoro pebasa reRGB sechinhu chikuru chinokonzeresa hutsinye hwecyber zviitiko zveNorth Korea, RGB iri zvakare mukuru weNorth Korean intelligence agency uye inobatanidzwa mukutengeserana kwezvombo zveNorth Korea. Iyo RGB yakasarudzwa neOFAC muna Ndira 2, 2015 zvichiteerana neEO 13687 yekuve sangano rinodzorwa reHurumende yeNorth Korea. Iyo RGB yakanyorwawo muchikamu cheEO 13551 musi waNyamavhuvhu 30, 2010. UN yakasarudzawo RGB musi waKurume 2, 2016.
Lazarus Group yakabatanidzwa mukuparadza kweWannaCry 2.0 ransomware kurwisa uko United States, Australia, Canada, New Zealand neUnited Kingdom vakazivisa pachena kuNorth Korea muna Zvita 2017. Denmark neJapan dzakapa zvirevo zvinotsigira uye makambani akati wandei eUS akatora matanho akazvimirira kuti avhiringidze. chiitiko cheNorth Korea cyber. WannaCry yakabata nyika dzinosvika zana nemakumi mashanu pasirese uye yakadzima makomputa angangoita mazana matatu ezviuru. Pakati pevakabatwa neveruzhinji vaive United Kingdom's (UK) National Health Service (NHS). Inenge chikamu chimwe muzvitatu chezvipatara zvekuUK zvechipiri - zvipatara zvinopa varwere vanorwara zvakanyanya uye mamwe masevhisi ekukurumidzira - uye masere muzana ezvekurapa muUK akaremara nekurwiswa kwerudzikinuro, zvichikonzera kubviswa kweanopfuura zviuru gumi nepfumbamwe uye pakupedzisira kudhura. iyo NHS inopfuura $150 miriyoni, zvichiita kuti ive yakanyanya kuzivikanwa denda rerudzikinuro munhoroondo. Lazarus Boka rakange rakakonzeresa zvakananga kune inozivikanwa 19,000 cyber-kurwisa kweSony Mifananidzo Varaidzo (SPE).
Akasarudzwawo nhasi madiki-mapoka eRazaro Boka, rekutanga rinodaidzwa kuti Bluenoroff nemafemu mazhinji ekuchengetedza akazvimirira. Bluenoroff yakaumbwa nehurumende yeNorth Korea kuti iwane mari zvisiri pamutemo zvichitevera kuwedzera kwezvirango zvepasi rose. Bluenoroff inoita zvakashata cyber chiitiko muchimiro checyber-enabled heists kurwisa masangano emari ekunze akamiririra North Korea hurumende kuti iwane mari, muchikamu, yekuwedzera kwayo zvombo zvenyukireya uye ballistic missile zvirongwa. Mafemu eCybersecurity akatanga kuona boka iri kutanga muna 2014, apo kuedza kweNorth Korea cyber kwakatanga kutarisa kuwana mari mukuwedzera pakuwana ruzivo rwemauto, kukanganisa network, kana kutyisidzira vavengi. Sekureva kweindasitiri nenhau yenhau, muna 2018, Bluenoroff yakanga yaedza kuba mari inopfuura bhiriyoni imwe chete yemadhora kubva kumasangano emari uye, sekureva kwenhau dzenhau, yakabudirira kuita mabasa akadaro kumabhanga muBangladesh, India, Mexico, Pakistan, Philippines, South Korea. , Taiwan, Turkey, Chile, uye Vietnam.
Zvinoenderana nemafemu ekuchengetedza cyber, kazhinji kuburikidza nekubira uye kupindira kumashure, Bluenoroff yakaita mashandiro akabudirira akanangana nemasangano anopfuura gumi nematanhatu munyika gumi neimwe, kusanganisira iyo SWIFT messaging system, masangano emari, uye cryptocurrency exchanges. Mune chimwe chezviitwa zvecybernoff zvakaipisisa, boka rekubira rakashanda pamwe chete neLazarus Group kubira mari inosvika mamiriyoni makumi masere emadhora kubva kubhanga guru reBangladesh reNew York Federal Reserve account. Nekushandisa malware yakafanana neyakaonekwa muSPE cyber attack, Bluenoroff neLazarus Boka vakaita zvinopfuura makumi matatu nematanhatu zvikumbiro zvekuendesa homwe hombe vachishandisa zvakabiwa SWIFT magwaro mukuyedza kuba mari inosvika 16 miriyoni pasati paitika chikanganiso chetypographical chakazivisa vashandi kudzivirira imwe mari kubva. kubiwa.
Yechipiri Razaro Boka sub-boka rakasarudzwa nhasi ndiAndariel. Inotarisana nekuita hutsinye hwecyber mashandiro kumabhizinesi ekunze, masangano ehurumende, masisitimu emari masevhisi, makambani akazvimirira, uye mabhizinesi, pamwe neindasitiri yekudzivirira. Mafemu eCybersecurity akatanga kuona Andariel muna 2015, uye akataura kuti Andariel anogara achiita cybercrime kuti awane mari uye anonangana nehurumende yeSouth Korea nezvivakwa kuitira kuunganidza ruzivo uye kugadzira kusagadzikana.
Kunyanya, Andariel akacherechedzwa nemafemu ekuchengetedza cyber achiedza kuba ruzivo rwekadhi rebhangi nekubira maATM kuti abvise mari kana kuba ruzivo rwevatengi kuti vazotengesa pamusika mutema. Andariel zvakare ane basa rekugadzira uye kugadzira yakasarudzika malware yekubira mu online poker nenzvimbo dzekubhejera kuba mari.
Zvinoenderana neindasitiri nenhau yenhau, kunze kwekuedza kwayo kupara mhosva, Andariel anoenderera mberi nekuita zvakashata zvecyber kurwisa vashandi vehurumende yeSouth Korea nemauto eSouth Korea mukuyedza kuunganidza hungwaru. Imwe nyaya yakaonekwa munaGunyana 2016 yaive yekupindirwa kwecyber mukombuta yega yeSouth Korean Defence Minister muhofisi panguva iyoyo uye intranet yeDefence Ministry kuitira kutora hungwaru hwekuita zvechiuto.
Kuwedzera kune zvakaipa zviitiko zvecyber pane zvakajairwa masangano emari, hurumende dzekunze, makambani makuru, uye zvivakwa, North Korea's cyber Operations zvakare inonangana neVirtual Asset Provider uye cryptocurrency exchanges kuti zvigone kubatsira mukuvhiringidza mari dzemari uye humbavha hunogonesa cyber hunogonawo kupa mari yeNorth Korea. WMD uye ballistic missile zvirongwa. Sekureva kweindasitiri nenhau yenhau, mapoka matatu aya anotsigirwa nehurumende anogona kunge akaba mari inosvika madhora mazana mashanu nemakumi manomwe nenomwe mu cryptocurrency chete, kubva mukutsinhana kushanu muAsia pakati paNdira 571 naGunyana 2017.
Kuedza kweHurumende yeUS Kurwisa North Korean Cyber Threats
Kuparadzaniswa, Dhipatimendi reHomeland Security's Cybersecurity uye Infrastructure Security Agency (CISA) uye US Cyber Command (USCYBERCOM) mumwedzi ichangopfuura vakashanda tandem kuburitsa malware samples kune yakavanzika cybersecurity indasitiri, akati wandei akazonzi akaitwa neNorth Korean cyber vatambi. , sechikamu chekuedza kuri kuramba kuchienderera mberi kuchengetedza hurongwa hwemari hweUS uye zvimwe zvakakosha zvivakwa pamwe nekuve nekukanganisa kukuru mukuvandudza kuchengetedzwa kwenyika. Izvi, pamwe chete nekuita kwanhasi kweOFAC, muenzaniso wenzira yehurumende-yakafara yekudzivirira nekudzivirira kubva mukutyisidzira kuri kuwedzera kweNorth Korea cyber uye idanho rimwezve muchiratidzo chekuramba chiripo chakatarwa neUSCYBERCOM.
Nekuda kwechiito chanhasi, zvinhu zvese nezvido mumidziyo yemasangano aya, uye zvechero masangano ane, zvakananga kana zvisina kunanga, 50 muzana kana kupfuura nemasangano akasarudzwa, ari muUnited States kana mune kana kutonga. yevanhu vekuUS yakavharwa uye inofanirwa kuudzwa kuOFAC. Mitemo yeOFAC inowanzo rambidza zvese zvinoitwa nevanhu vekuUS kana mukati (kana kufambisa) United States zvinosanganisira chero pfuma kana zvido mumidziyo yevanhu vakavharirwa kana vakasarudzwa.
Pamusoro pezvo, vanhu vanoita mamwe matransferensi nemasangano akasarudzwa nhasi vanogona kuratidzwa ivo pachavo. Pamusoro pezvo, chero sangano rezvemari rekunze rinogonesa kutengeserana kwakakosha kana kupa masevhisi akakosha emari kune chero masangano akasarudzwa nhasi anogona kuve pasi peakaundi yemumiriri weUS kana kubhadhara-kuburikidza nezvirango.
ZVOKUBVA MUNYAYA INO:
- In addition to the RGB's role as the main entity responsible for North Korea's malicious cyber activities, the RGB is also the principal North Korean intelligence agency and is involved in the trade of North Korean arms.
- Approximately one third of the UK's secondary care hospitals — hospitals that provide intensive care units and other emergency services — and eight percent of general medical practices in the UK were crippled by the ransomware attack, leading to the cancellation of more than 19,000 appointments and ultimately costing the NHS over $112 million, making it the biggest known ransomware outbreak in history.
- Bluenoroff conducts malicious cyber activity in the form of cyber-enabled heists against foreign financial institutions on behalf of the North Korean regime to generate revenue, in part, for its growing nuclear weapons and ballistic missile programs.
