New North Korean Ransomware Threat to ‘Major Institutions’ Detected, Say South Korea, US

cryptonews.com:

South Korean and United States intelligence agencies have warned that Pyongyang-based hackers are trying to hit “major international institutions” with ransomware attacks. But experts say that “overlapping sanctions” could help Seoul and Washington thwart North Korean cyber thieves.

Per the South Korean media outlets SBS and New Daily, the Seoul-based National Intelligence Service (NIS) warned that North Korea was “trying to steal virtual assets” by “distributing ransomware to major institutions located all around the world.”

The NIS made its announcement in conjunction with the US National Security Agency (NSA) and the Federal Bureau of Investigation (FBI). The move marks the first time that US and South Korean intelligence agencies have issued a joint security advisory.

The NIS claims that North Korea-linked hacking organizations are now taking aim at the computer networks of “major institutions.” They claimed the North is targeting a variety of fields, including the health and medical care sectors.

The security agency claimed that hackers were making use of virtual private networks (VPNs). It also said the North was using “fake websites” and social media accounts.

Experts claimed that a coordinated response could help stop hackers in their tracks. Asia Kyungjae quoted Lim Jong-in, a professor at the Graduate School of Information Security at Korea University, as stating:

“If we use overlapping sanctions in cooperation with the United States, it will likely become more difficult for Pyongyang to launder the funds it hacks.”

Lim added that a new sanctions regime of this type would likely deter Chinese banks and other firms in the nation from cooperating with North Korea.

The professor said:

“[The threat of overlapping sanctions]