Three North Korean Hackers Indicted in US Federal Court
The United States Justice Department has lodged charges in federal court against three North Korean nationals in a massive nation-state cybercrime operation. The North Korean hackers are suspected of being part of the origination team for the legendary WannaCry ransomware as well as actors in an extensive array of cybercrimes including cryptocurrency scams and cyberattacks that impacted scores of organizations including Sony Pictures, Britain’s Nation Health Service (NHS), and banks on three continents.
Don’t let ransomware take your business hostage!
Officials allege that starting in 2014, the suspects worked as nation-state hackers and began their cybercrime operations as part of a North Korean response to the release of a Sony Pictures film disparaging that country’s leader. Those operations included:
- Creating and distributing several strains of malware including three variations of WannaCry ransomware its associated arts including WannaCrypt, Wana Decrypt0r 2.0, WanaCrypt0r 2.0 and Wanna Decryptor.
- WannaCry and its variants are estimated to have infected about 200,000 computers across 150 countries that used Windows XP and Windows 7.
- Organizations impacted by that malware include NHS, FedEx, Boeing, Honda, Nissan and hundreds more.
- WannaCry ransomware was also used in attacks against world governments including targets in India, Russia, Ukraine and Taiwan.
- The gang demanded payment in cryptocurrency and is estimated to have taken in $130,634.77 (51.62396539 XBT) in just its first round of attack in 2017.
- Officials allege that this group is behind repeated spear-phishing campaigns from 2016 through early 2020 that targeted employees of the US Defense Department, the State Department, and workers at U.S.-cleared defense contractors, energy firms, aerospace companies and tech firms.
- The suspects have also been charged in other schemes including electronic bank heists, money laundering, cryptocurrency scams and more hacking-related offenses.
Learn the Secret of How Cybercriminals Trick You Into Falling for Phishing Messages!
Ransomware has been a constant menace to cybersecurity professionals as it has evolved and grown. Worldwide, ransomware attacks grew by nearly 150 percent in 2020, including more than 40 percent in Q3 2020 alone. It’s not a problem that is going away anytime soon either. It’s just too profitable. Ransomware-related cybercrime costs expected to exceed $20 billion this year according to research by Cybersecurity Ventures, with a new ransomware attack launched every 11 seconds.
It’s also the preferred weapon of nation-state cybercriminals. More than 40 percent of nation-state cyberattacks consist of a phishing email that’s laced with ransomware. Attacks by nation-state actors aren’t just a government problem. Over 90% of security alerts released by Microsoft about nation-state cyberattacks in 2020 warned of danger against non-governmental or infrastructure targets. Businesses and organizations in diverse industries are in their sights, with technology companies leading the pack as the targets of 60 percent of nation-state cyberattacks.
Protecting your systems and data from ransomware starts with protecting your company from phishing with BullPhish ID and Graphus. This power pair of solutions is exactly what you need to get the job done.
Security awareness training can stop up to 70 percent of cyberattacks from impacting your business.
The newly updated and upgraded BullPhish ID is the ideal solution for improved security awareness training for organizations of any size. Our fresh release includes over 80 plug-and-play complete phishing campaign kits and training videos in 8 languages with content that covers today’s social engineering and spear phishing challenges as well as traditional phishing. New features include user-friendly training portals that make everyone’s experience better, expanded personalization options for campaign materials and new reporting features that help trainers and businesses measure the effectiveness of their training efforts.
Over 40 percent of the phishing emails sent in a 2020 test weren’t caught by traditional email security.
Graphus is the second part of this winning combination, featuring automated phishing protection that puts three layers of AI-powered security between phishing email and your employees. Graphus provides strong protection immediately. Plus, Graphus is smart, so it keeps to learning your company’s communication patterns as your business evolves to provide constant protection that’s tailored to your business. It also doesn’t need fussy updates or have to wait for traditional threat intelligence to start protecting you from new threats unlike a Secure Email Gateway (SEG).
Don’t let cyberattacks put the brakes on your business. Stay agile and keep your engine running under any conditions. Start your journey on The Road to Cyber Resilience now! DOWNLOAD THIS PACKAGE>>