North Korea continues global attacks on banks, but U.S. shows willingness to follow its tracks. The hacker group dubbed BeagleBoyz is still conducting a global campaign targeting banks to initiate fraudulent SWIFT transfers and ATM cash outs, according to an official warning from the U.S. government. Victims in at least 38 states from Argentina to Zambia have been affected over the last five years alone. USCYBERCOM acknowledged it went on the offensive, leveraging “a persistent engagement approach… [to disrupt] North Korea efforts to illicitly generate revenue…through cyber-enabled operations,” according to BGen Joe Hartman.
Australia and New Zealand fortify financial sector cybersecurity. Persistent DDOS attacks on New Zealand's stock exchange continue, forcing an hours-long suspension of trade at one point. NZ’s National Cyber Security Centre issued a nationwide warning of DDoS attacks on NZ entities, “predominantly in the financial sector.” Across the Tasman, the Australian government announced new security requirements for the Australian financial sector and other critical infrastructure in tandem with a new cybersecurity strategy, in response to large-scale state-sponsored cyberattacks in June.
Governments clamp down on crypto hacks, signal capability to trace crypto laundering. In Europe, Ukrainian police busted a cryptocurrency money laundering operation with help from Binance, a crypto exchange (who happened to lose ~40 million in a 2019 hack). In the US, government officials announces multiple seizures of crypto assets tied to North Korean hackers, and three separate terrorist finance campaigns. The US Cryptocurrency Strike Force traced the currency, “which criminals previously thought to be impossible,” said USAG Michael Sherwin. The seizure of North Korean accounts came a week after F-Secure published a report that Lazarus Group continues to steal cryptocurrency, now via LinkedIn phishing.
India’s plans for a national FinCERT regain steam. The “security of the financial system has been accorded high priority,” in the Indian government, and they are discussing a National Computer Emergency Response Team for the Financial Sector, which was originally proposed in 2017. This follows a report by the Data Security Council of India on increasing fraud in digital payment systems, and hints from Modi in his National Independence Day speech of a “new cyber security policy.”
If you’d like to dive deeper, please take a look at the curated News Round-Up below. As always, we invite you to sign up for regular updates from Carnegie’s Cyber Policy Initiative, join the FinCyber Network on LinkedIn, and follow @CarnegieCyber, @MaurerTim, and @ArthurRobNelson on Twitter.
Tim Maurer, Arthur Nelson, and the Cyber Policy Initiative Team at the Carnegie Endowment for International Peace