Category: Cyberwar

OFAC’s new North Korea (sort of) designations

Today, the Treasury Department’s Office of Foreign Assets Control published a colossal list of amendments to the North Korea designations on its list of Specially Designated Nationals—its sanctions blacklist for the financial industry. The amendments are requirements under the new Otto Warmbier North Korea Nuclear Sanctions and Enforcement Act, the North Korea Sanctions and Policy Enhancement Act, and the regulations promulgated under those authorities. Today’s announcement is an encouraging sign that the administration is feeling more pressure to enforce these...

DOJ indicts 2 Chinese men for laundering stolen South Korean Bitcoin for North Korean hackers

Today, the U.S. Attorney’s Office for the District of Columbia unsealed an indictment of two Chinese nationals, Tian Yinyin and Li Jiadong, charging them with money laundering and running an unlicensed money transmitting business, for laundering $100 million in stolen Bitcoin and Ether for North Korean hackers between July 2018 and April 2019. The indictment alleges that the $100 million was part of a $250 million take the Lazarus Group stole from four cryptocurrency exchanges, three of them in South...

Computer crime, bank fraud & money laundering: A preview of Kim Jong-un’s indictment

The Wall Street Journal is reporting that hackers employed by the government of North Korea have been implicated in yet another international bank fraud scheme using . This time, the victim is a bank in Taiwan, and the take was $60 million, all of it laundered through accounts in Cambodia, Sri Lanka, and the United States. In a blog post Tuesday, cybersecurity researchers at U.K. defense company BAE Systems PLC also implicated Lazarus in the Taiwanese theft, saying that tools...

To prevent a larger hostage crisis, shut PUST down now — all of it.

The news that North Korea arrested its third American hostage over the weekend ought to change the shape of our discussion about PUST, the Pyongyang University of Science and Technology. Kim Sang-duk, a U.S. citizen and professor at the Yanbian University of Science and Technology (YUST) in Yanji, China, was detained in North Korea on Saturday at Pyongyang’s Sunan airport, a source familiar with the case confirmed to NK News on Sunday. Chan-Mo Park, current chancellor of the Pyongyang University of Science and Technology...

WSJ: Feds may indict North Koreans in Bangladesh Bank fraud

This story just gets more interesting by the day: Federal prosecutors are building cases that would accuse North Korea of directing one of the biggest bank robberies of modern times, the theft of $81 million from Bangladesh’s account at the Federal Reserve Bank of New York last year, according to people familiar with the matter. The charges, if filed, would target alleged Chinese middlemen who prosecutors believe helped North Korea orchestrate the theft, the people said. The current cases being pursued...

Top NSA official attributes attempted $1B bank heist to North Korean hackers

The story of the Bangladesh Bank/SWIFT heist has gotten much more interesting of late. Now, not only do we have a senior U.S. intelligence official attributing it to a government, we learn that the North Koreans tried to steal nearly …. A senior National Security Agency official appeared to confirm that North Korean computer hackers were behind a multi-million dollar heist targeting Bangladesh’s central bank last year. Computer hackers attempted to steal $951 million, but only got away with $81 million, some of which...

N. Korea, Lazarus & SWIFT: Are the white hats closing in? (Update: SWIFT cuts off remaining N. Korean banks)

In the last month, major news stories about North Korea have bombarded my batting cage faster than I’ve been able to swing at them. I’d wondered when I’d have a chance to cover Katy Burne’s detailed story in the Wall Street Journal about the empty half of the SWIFT glass ” that despite its recent decision to disconnect three U.N.-designated North Korean banks, it’s still messaging for banks that are sanctioned by the Treasury Department, but not by the U.N.:...

The Commerce Department should review PUST’s export licenses for North Korea

Last week, several news outlets reported that representatives of PUST, the Pyongyang University of Science and Technology, are in the United States, seeking support to expand their curriculum in North Korea. PUST didn’t say what kind of support it seeks, but recent reports suggest that PUST has lost donors and had to slash its budget. PUST is probably looking for money. Donors, however, would be wise to keep their checkbooks closed until the Commerce Department and a U.N. Panel of...

Why North Korea will go back on the list of state sponsors of terrorism this year

As I write, Yonhap is reporting that North Korea may be fueling up two ICBMs for a test. Meanwhile, in Washington, Texas Republican Ted Poe has already shaped one part of the likely response to that. Poe isn’t one to back down from a fight — not with leukemia, and not with North Korea. He’s back at the helm of the House Subcommittee on Terrorism, Nonproliferation, and Trade, where one of his first acts this year was to reintroduce a...

Hacked again

For the last several weeks, North Korea-watchers in Washington have been warning each other about suspicious attachments and spoof messages. I was starting to feel ignored, envious, and unimportant until Friday, when a friend warned me that my site was blocked by his office’s anti-malware software. I don’t have the sophisticated defenses that big institutions do, but fortunately, I have an excellent hosting service. The last time this happened, they recommended a subscription service that cleans up malware injects. Between the hosting service...

N. Korea’s biggest a**hole shoots Vice-Premier, sends second-biggest a**hole to weed the fields

Here at OFK, stories about kremlinology are usually page two material. Too often, we’ll read reports that some official or minor celebrity has been executed, only to read a year later that the target has risen like Lazarus from the KCNA crypt. As a general rule, the closer a story about North Korea is to the center of the power structure, the less I tend to believe it. Which is why I didn’t even tweet the report yesterday that His Porcine...

Meet the “Libertarians” who would surrender our liberty & our security to Kim Jong-un’s censors

I doubt that America has fully come to terms with the damage done to its freedom of expression by the Sony cyberterrorist attack of 2014, or by the increasing willingness of Muslim supremacists to extinguish our civil liberties through violence. It is an easy thing to be a civil libertarian when the subject is, say, the limits of a proposed law allowing the FBI or NSA to eavesdrop on suspected terrorists’ communications or monitor their social media posts. Even if we...

How much have sanctions affected PUST? Not enough, apparently.

Chan-Mo Park, the Chancellor of the Pyongyang University of Science and Technology, or PUST, and a U.S. citizen, is blaming South Korean bilateral sanctions for his difficulties recruiting new academic talent. He told VOA on Wednesday, “We want to recruit South Korean professors, but the May 24 measure blocks it.” He was referring to trade and exchange sanctions South Korea made against North Korea on May 24, 2010. The sanctions came after South Korea accused the North of sinking one...

Meet the assassin/killer/hacker/terrorist Kim Jong-un just put in charge of relations with S. Korea

With all recent movement on sanctions legislation in the House and Senate, I’ve skimmed over the developments in North Korean Kremlinology, reports about which often read like the dossiers in a lost, bad-acid fueled manuscript for a “High Castle” sequel. If you believe that personnel is policy, however, Kim Jong-un’s choice of a replacement for Kim Yang-gon, who ran Pyongyang’s so-called United Front Department until he died in a car-maybe-not-accident recently, is a dark omen about Kim Jong-un’s policy instincts. The...

North Korea and Sony, one year later: An op-ed in the Wall Street Journal

Just over a year ago, President Obama publicly blamed North Korea for a cyberattack on Sony, and for cyberterrorist threats against American moviegoers. Last January 2nd, he signed an executive order authorizing new sanctions against North Korea, part of a promised “proportional response.” A year later, we’re still waiting to see what President Obama will do to defend freedom of expression here in America. Professor Lee and I have an op-ed in today’s Wall Street Journal, making the case for a stronger response.

Defectors: PUST is training North Korean hackers

Not for the first time, the Pyongyang University of Science and Technology, a showpiece for academic engagement between North Korea and the Outer Earth, stands accused of teaching its elite students to work as hackers in Kim Jong-Un’s notorious cyberwarfare units.  North Korea is reportedly recruiting graduates from Pyongyang University of Science and Technology for cyber warfare. North Korean defector Jang Se-yul, who worked in the North’s electronic warfare command, and another defector Yi Chol claimed on Wednesday in a news conference...

House Subcommittee Chair calls for re-listing North Korea as a terror sponsor

Last month, I posted video of a hearing before the House Subcommittee on Terrorism, Non-proliferation and Trade, where Chairman Ted Poe of Texas and Ranking Member Brad Sherman of California grilled a hapless State Department official about North Korea’s sponsorship of terrorism, and why North Korea wasn’t listed. State’s performance at the hearing wasn’t just bad, but exceptionally so. Poe and Sherman were both visibly exasperated with State’s stonewalling, and seemed convinced that State was ignoring the law. Now, Poe has put his...

Arsenal of Terror, 2d Edition: N. Korea accused of hacking into Seoul subway control center

North Korea is suspected of hacking into a Seoul subway operator last year for at least five months, a ruling party lawmaker said Monday citing a report submitted by the country’s intelligence agency. After hacking into two operating servers of Seoul Metro, which runs Subway Lines 1 through 4, the hackers allegedly broke into more than 210 employee computers and infected 58 with malicious codes, Rep. Ha Tae-kyung of the ruling Saenuri Party said, quoting a report by the National...