Is North Korea Responsible For Cyber-Attacks On Banks?
A top cyber-security firm is investigating whether North Korea could be linked to attacks on banks in recent months.
Symantec said it had evidence that the same group attempted to steal money from a bank in the Philippines, one in Vietnam and Bangladesh’s central bank.
It also said the rare malware deployed was similar to that used in the hacking of Sony Pictures in 2014.
The US government said North Korea was behind the Sony hack.
If North Korea is found to be behind the bank attacks, it would be the first time a country has been detected stealing money in a cyber-attack, Symantec’s technical director Eric Chien told Reuters.
In February this year, hackers stole $81m (£55m) from the central bank of Bangladesh.
According to Symantec, it was the same group that attempted to steal $1m from the Tien Phong Bank in Vietnam and attacked a bank in the Philippines.
In addition, the code shares similarities with malware used by the group known as Lazarus which has been accused of various attacks on the US and South Korea, including the attacks against Sony Pictures Entertainment.
In a report form the BBC May 2015 it was reported that North Korean hackers are capable of attacks that could destroy critical infrastructure and even kill people, a high-profile defector warned.
Speaking exclusively to BBC Click, Prof Kim Heung-Kwang said the country had around 6,000 trained military hackers.
The warning follows last year’s Sony Pictures hack – an attack attributed to North Korea.
Korean technology expert Martyn Williams stressed the threat was only “theoretical”.
Prof Kim has called for international organisations to step in to prevent North Korea launching more severe attacks.
Are You Covered For CyberAttack ?
BLOOMFIELD, Conn.—A recent study from NTT Com Security, found that 49 percent of the U.S. companies surveyed currently do not have insurance specifically for cybersecurity attacks.
NTT Com Security surveyed 1,000 “non-IT business decision makers in organizations in the U.K., U.S., Germany, France, Sweden, Norway and Switzerland,” for the report.
“Faced with risks every day, it’s easy for organizations to look for quick-fix solutions rather than focusing on building a solid security and risk management strategy,” Garry Sidaway, SVP security strategy and alliances for NTT Com Security, said in a prepared statement.
“Rather than relying solely on an insurance policy to cover losses, businesses need a different game plan. Buy insurance by all means, but ensure that you can demonstrate that you have put controls in place to reduce your risks, and, what these controls cover. This way you know what is being insured,” he said.
While a majority of global organizations believe information security breach insurance is crucial, less than half—41 percent—are fully covered for both security breaches and data loss, and just over one-third have dedicated cybersecurity insurance, according to the company’s 2016 Risk:Value report.
U.S. businesses are the most likely to have this type of insurance, 51 percent, compared to 26 percent in the U.K.
“Security needs to be embedded into the culture of an organization, from top to bottom, championed by the CEO, designed and executed by the CISO and communicated effectively so that every employee takes responsibility for ensuring that good practices are followed,”