As South Africans, we tend to view North Korea as a problem that affects other countries.

Don’t get me wrong, the constant missile launches are concerning, and the fact that Kim Jong Un may have executed the team that handled that failed Trump summit is horrifying, but it doesn’t necessarily impact us directly.

Turns out that line of thinking was a tad naive.

According to Business Insider, South Africa was among a number of countries that fell victim to cybercriminals working for North Korea to raise money for nuclear weapons testing.

South Africa suffered one such attack, according to new detail emerging this week, alongside 16 other countries including Nigeria, Gambia, Liberia, Costa Rica and Malaysia – while 10 attacks were supposedly launched on South Korea.

According to a confidential report prepared for the United Nations the attacks sought to set up fake interbank transfers by hijacking bank computers and infrastructure, and to steal cryptocurrency tokens through direct attacks on users as well as crypto exchanges.

Earlier in August Reuters saw a summary of the report, which said that some $2 billion, the equivalent of around R30 billion, was lost to a wave of North Korean cyber crimes.

The attacks are being described as “widespread and increasingly sophisticated”. Even more worrying is that North Korea’s hackers didn’t even feel the need to hide their identities.

In one instance – in a country that was not named – suspected North Korean hackers compromised a bank’s ATM infrastructure to such an extent that agents spread across more than 20 countries could make 10,000 cash withdrawals.

In South Korea cryptocurrency exchanges were particular targets, while North Korea apparently also hijacked infrastructure in order to mine cryptocurrency for its own account.

It is not yet clear what the attack vector was in South Africa, or whether the detected attack succeeded.

That said, at least one (unnamed) bank in Africa managed to fend off the attack.

Here’s a little more info via BusinessTech:

No details of the attack on South Africa are provided, but the report stated that there were three main methods North Korea used to raise cash:

• Attacks on the SWIFT system, which is typically used for cross-border money transfers between banks.
• Attacks on cryptocurrency exchanges and individual holders, where tokens were stolen.
• Mining of cryptocurrency.

Scary stuff.

I don’t know what’s worse – the brazen cyber attack, or the fact that they’re acquiring funds to test more nuclear weapons.

[sources:businessinsider&businesstech]