US Government Unveils Public Information and Resources to Counter North Korea’s Cyber Threat

The US government has launched a comprehensive initiative to provide public information and resources to counter the growing cyber threat posed by North Korea.

The Growing Cyber Threat from North Korea

According to the Office of the Director of National Intelligence, the Democratic People’s Republic of Korea (DPRK) poses a significant cyber threat to financial institutions, remains a cyber espionage threat, and retains the ability to conduct disruptive cyber attacks. The DPRK has been using its cyber capabilities to steal from financial institutions to generate revenue, with attempts to steal over $1.1 billion from financial institutions across the world.

CISA’s Technical Reports on HIDDEN COBRA

The Cybersecurity and Infrastructure Security Agency (CISA) has released technical reports on the malicious cyber activities by the DPRK, known as HIDDEN COBRA. These reports provide critical information to network defenders to identify and reduce exposure to the DPRK’s malicious cyber activities.

Resources for Stakeholders

To combat this threat, CISA is providing extensive cybersecurity and infrastructure security knowledge and practices to its stakeholders, including resources such as:

• Protecting Critical Infrastructure: https://www.cisa.gov/protecting-critical-infrastructure
• Cyber Safety: https://www.cisa.gov/cyber-safety
• Detection and Prevention: https://www.cisa.gov/detection-and-prevention

FBI’s Efforts to Combat Cyber Threats

The FBI is also providing current information on potential cyber threats through its Private Industry Notifications (PIN) and FLASH reports. The FBI’s Cyber Division is dedicated to investigating and disrupting cyber crimes, and provides resources such as:

• FBI PIN and FLASH Reports: https://www.fbi.gov/investigate/cyber
• FBI Legal Attaché Program: https://www.fbi.gov/contact-us/legal-attaché-offices

US Department of Defense’s Cyber Command

The US Department of Defense’s Cyber Command is actively seeking out DPRK malicious cyber activities, including malware that exploits financial institutions and conducts espionage. Malware information can be found at the following Twitter accounts:

• @US_CYBERCOM
• @CNMF_VirusAlert

Treasury Department Sanctions

The US Department of the Treasury has also issued sanctions related to the DPRK’s malicious cyber-enabled activities. The Office of Foreign Assets Control (OFAC) provides a wealth of information on DPRK sanctions, including sanctions advisories and frequently asked questions (FAQs).

Additional Resources

• Financial Crimes Enforcement Network (FinCEN): https://www.fincen.gov
  • Advisories on North Korea’s use of the international financial system
  • Suspicious activity reporting obligations for financial institutions
• Federal Financial Institutions Examination Council (FFIEC): https://www.ffiec.gov
  • Cybersecurity Assessment Tool to help financial institutions assess their cybersecurity risk management practices

Conclusion

This comprehensive initiative aims to provide public information and resources to counter the growing cyber threat posed by North Korea, and to support efforts to disrupt and dismantle its malicious cyber activities.