A British cybersecurity firm believes that North Korean hackers are responsible for a recent cyberheist in Taiwan, which targeted the global SWIFT messaging system.
“The likely culprit is [North Korean hacking group] Lazarus,” Adrian Nish, cyber-intelligence chief at BAE Systems, told Reuters.
BAE, along with Russia’s Kaspersky Lab and California-based Symantec Corp., has already linked Lazarus to last year’s $81 million cyberheist at Bangladesh’s central bank. Earlier this year, it was reported that U.S. federal prosecutors were “building cases” against North Korea for the cyberattack, which has also been linked, in part, to the 2014 Sony Pictures hack.
News of this latest attack is proof that North Korea is working to generate cash through hacking – and Nish expects the group to continue to target banks.
“They are not just going to go away. They’ve built the tools. They are going to keep going back,” he said.
There is some good news, though: After the Bangladesh heist prompted SWIFT and banks to boost security controls, it does appear that Lazarus has had difficulty getting into the system.
In fact, while hackers tried to steal some $60 million from Far Eastern Bank, all but $500,000 had been recovered by the bank. And BAE previously reported that the group tried to steal money from banks in Mexico and Poland, but it doesn’t appear they were successful.
In addition, a security executive with SWIFT, a Belgium-based co-operative owned by banks, revealed that hackers have continued to target the message system this year, with many attempts stopped by the new security controls.