Financial Crime World

South Korea’s Financial Institutions Face Growing Cybersecurity Threats from DPRK Hackers, Warn US Authorities

Joint Advisory Issued by US and South Korean Authorities

The United States Department of State, Federal Bureau of Investigation, National Security Agency, and their South Korean counterparts have issued a joint advisory warning that North Korea-based cyber group Kimsuky is posing significant threats to financial institutions in the Democratic People’s Republic of Korea (DPRK).

Kimsuky’s Tactics and Goals

According to the advisory, Kimsuky, a set of DPRK cyber actors, has been conducting large-scale social engineering campaigns targeting victims at think tanks, academic institutions, and news outlets with the aim of gathering intelligence. The group’s tactics include spearphishing campaigns designed to compromise networks and steal sensitive information.

Warning Signs and Measures to Enhance Network Security

The joint advisory provides detailed insights into how Kimsuky operates, warning signs that may indicate a spearphishing campaign is underway, and measures that can be taken to enhance network security against Kimsuky operations. Some of the key takeaways include:

  • Be cautious of unsolicited emails or messages with attachments or links from unfamiliar sources
  • Verify the authenticity of emails and messages before interacting with them
  • Use strong passwords and enable two-factor authentication
  • Regularly update software and operating systems to ensure you have the latest security patches

Urgent Action Required by Financial Institutions in South Korea

In response to the growing threat, US authorities are urging financial institutions in South Korea to take immediate action to protect themselves against Kimsuky’s attacks. The advisory also encourages anyone who believes they have been targeted by a DPRK spearphishing campaign to report the incident to www.ic3.gov and reference #KimsukyCSA in the description.

Commitment to Combating Cyber Threats

The release of this advisory is a concrete outcome of the US-South Korea Working Group on DPRK Cyber Threats, highlighting the shared commitment between the two governments to combat the growing threat of cyber attacks from North Korea.