North Korean hackers are tapping into banks around the globe to make fraudulent money transfers and cause ATMs to spit out cash, the U.S. government warned on Wednesday.
A technical cybersecurity alert jointly written by four different federal agencies, including the Treasury Department and FBI, said there had been a resurgence in financially motivated hacking efforts by the North Korean regime this year after a lull in activity.
Since February 2020, North Korea has resumed targeting banks in multiple countries to initiate fraudulent international money transfers and ATM cash outs,” the warning reads.
U.S. law enforcement titled the hacking campaign “Fast Cash” and blamed North Korea’s Reconnaissance General Bureau, a spy agency, for it. They described the operation as going on since at least 2016 but ramping up in sophistication and volume recently.
Over the last several years, North Korea has been blamed by U.S. authorities and private sector cybersecurity companies for hacking numerous banks in Asia, South America and Africa.
“North Korean cyber actors have demonstrated an imaginative knack for adjusting their tactics to exploit the financial sector as well as any other sector through illicit cyber operations,” Bryan Ware, a senior cybersecurity official at the U.S. Homeland Security Department, said in a prepared statement.
Cybersecurity experts and foreign policy analysts have said these types of hacking operations are conducted to help fund the North Korean government, which is cash-strapped due to expansive sanctions continuously placed on it by the U.S. and other western countries.
“The continued attacks are proof of the reliance the regime has on these funds, along with being a testament to their technical ability and determination,” said Vikram Thakur, a technical director for U.S. cybersecurity firm Symantec.