Skip to content
More from
Bloomberg
Cybersecurity
relates to Where Do Disruptive Ideas Happen? Not on a Big Team
relates to China Has Abandoned a Cybersecurity Truce With the U.S., Report Says relates to New Zealand Says China's Huawei Hasn't Been Ruled Out of 5G relates to Christie’s Tip Off Leads to Conviction of Global Money Launderer relates to U.K. Security Watchdog Said to Conclude No Huawei 5G Ban Needed relates to Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers relates to Cybersecurity Powerhouse Israel Is Ripe for Election Meddling relates to Singapore Plans Cautious Budget Ahead of Election relates to Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle relates to The Swiss Go Against the Flow With Online Voting relates to Where Do Disruptive Ideas Happen? Not on a Big Team
relates to China Has Abandoned a Cybersecurity Truce With the U.S., Report Says relates to New Zealand Says China's Huawei Hasn't Been Ruled Out of 5G relates to Christie’s Tip Off Leads to Conviction of Global Money Launderer relates to U.K. Security Watchdog Said to Conclude No Huawei 5G Ban Needed relates to Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers relates to Cybersecurity Powerhouse Israel Is Ripe for Election Meddling relates to Singapore Plans Cautious Budget Ahead of Election relates to Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle relates to The Swiss Go Against the Flow With Online Voting relates to Where Do Disruptive Ideas Happen? Not on a Big Team
relates to China Has Abandoned a Cybersecurity Truce With the U.S., Report Says relates to New Zealand Says China's Huawei Hasn't Been Ruled Out of 5G relates to Christie’s Tip Off Leads to Conviction of Global Money Launderer relates to U.K. Security Watchdog Said to Conclude No Huawei 5G Ban Needed relates to Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers relates to Cybersecurity Powerhouse Israel Is Ripe for Election Meddling relates to Singapore Plans Cautious Budget Ahead of Election relates to Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle relates to The Swiss Go Against the Flow With Online Voting
cybersecurity

North Korea Hackers Tried to Take $1.1 Billion in Bank Attacks

Updated on

North Korea Hackers Tried to Take $1.1 Billion in Bank Attacks

  • Global attacks have been going on for four years, FireEye says
  • Bank networks penetrated as thieves got more than $100 million
Cyberwar Is More Common Than You Think

A North Korean hacking group has tried to steal at least $1.1 billion in a series of attacks on global banks over the past four years, according to cybersecurity firm FireEye Inc.

The hackers, which FireEye identified as APT38, have infiltrated more than 16 organizations in 11 countries including the U.S., and stolen more than $100 million. The group has hacked heavily defended servers at banks and spent time scouring their networks. Security officials should be alarmed, FireEye said last week in a report.

“They understand banking networks pretty well,” Charles Carmakal, vice president of consulting at FireEye, said in an interview. “And they probably have geopolitical considerations behind the timing, location of their attacks.”

The most prominent attack by APT38 was the theft of funds from the Bangladeshi central bank’s accounts at the U.S. Federal Reserve in 2016. In that case, the hackers got the Fed to transfer some $100 million by sending fake wiring orders. About $40 million was recovered when the hack was discovered and transfers reversed before they could be withdrawn.

Read more: Mexico foiled $110 million bank heist, then kept it a secret

In January, Mexico’s state-owned trade bank thwarted the attempted theft of $110 million using similar methods. In May, a Chilean bank lost $10 million. Both attacks were carried out by APT38, FireEye said in the report.

North Korean diplomats and official media have denied that the country plays any role in cyberattacks.

In recent attacks, the hacking group “burns the house down,” wiping out computer hard drives to erase its tracks, Carmakal said. While the attacks continue, APT38 hasn’t targeted American banks amid North Korea’s peace talks with the U.S., he said.

Banks and other financial institutions are targeted by the most sophisticated cyber criminals, who are attracted to the lure of big-money paydays, FireEye and other groups have said. That has prompted banks to outspend other industries to protect themselves, with the biggest U.S. firms’ annual cybersecurity budgets reaching $1 billion.

Financial firms face the highest number of attempted breaches from computer addresses that have already been blocked because of misbehavior, according to a report set for release Tuesday by cybersecurity firm eSentire. That points to targeted campaigns and persistent efforts by sophisticated attackers, according to Eldon Sprickerhoff, founder and chief innovation officer of eSentire.