Skip to content
Salus Cyber

Salus News July 25th 2022

By Sam Mansfield,
25 July 2022

$10 Million Bounty on DPRK Hackers

On Tuesday, the 26th of July 2022, the U.S. State Department announced bounty rewards of up to $10 million for any information disclosure that could help disrupt North Korea’s cryptocurrency theft, cyber-espionage, and other state-backed activities. North Korean state-backed cybercrime organisations are currently believed to make up a large proportion of all the capital entering the pariah state. This income is thought to be directly responsible for funding the DPRK’s nuclear weapons program. In the past, North Korea has been identified as responsible for high-profile cyber incidents such as the WannaCry malware attack in 2017 and the Bangladesh Bank cyber heist in 2016.

This development comes a week after the Justice Department disclosed the seizure of $500,000 USD worth of BitCoin caused by North Korean state-backed hackers using the new Maui ransomware.

The North Korean cyber threat has been a forefront issue for the Cybersecurity & Infrastructure Security Agency (CISA) for several years. Back in 2020, CISA released a security advisory in partnership with the U.S. Department of State, the Treasury, Homeland Security, and the FBI. The advisory was addressed to the international community and the public, and it highlighted the cyber threat posed by the DPRK. Elements highlighted in the advisory consisted of cyber-enabled financial theft, money laundering, extortion campaigns and cryptojacking. The document also attributed the DPRK to the Bangladesh Bank Heist, WannaCry 2.0, the FastCash Campaign, and the Digital Currency Exchange hack.

The announcement was made on Twitter, encouraging potential whistleblowers to use the State Department’s TOR-based tip line to safely provide information.

If you have information on any individuals associated with the North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward.

The initiative offers informants potential safe-haven relocation or monetary recompense via cryptocurrency. However, while the tips program offers relocation, it is unlikely that informants currently living in North Korea would be able to take advantage of it without fleeing past the border to South Korea first.

The Rewards for Justice tips line was made available via TOR at he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion. Tips can also be submitted via Signal, Line, Telegram, Viber, and WhatsApp.

References

DPRK Cyber Threat Advisory (cisa.gov)
U.S. Offers $10 Million Reward for Information on North Korean Hackers (thehackernews.com)

IBM Data Breach Report 2022

On Wednesday, the 27th of July, IBM released the annual Cost of a Data Breach Report, highlighting a continuous increase in the impact and costs of data breaches compared to previous years.

The global average recorded in the study reached a staggering $4.35 million (£3.57 million as of 29/07/2022) per data breach incident, an observed thirteen percent increase over the last two years. The average is pulled up considerably by big-ticket data breach events; for example, this week alone, T-Mobile reached a settlement payout of $350 million for its data-breach class action suit.

IBM’s research suggests that this recorded increase in cyber incidents had a non-insignificant contribution to the rise in costs of goods and services throughout 2022. Sixty percent of surveyed organisations raised their product or service prices in response to a breach.

The report also gave insight into the wide spread of data breaches. Eighty-three percent of organisations analysed in the report have experienced more than one data breach over the company’s lifetime.

The share of organisations that deployed zero trust strategies grew from thirty five percent in 2021 to forty-one percent in 2022. However, approximately eighty percent of critical infrastructure organisations studied in the report did not adopt zero trust strategies. Organisations implementing zero trust strategies had significantly reduced the average cost of breach occurrences, $4.23 million compared with $5.4 million.

Organisations included in the report that deployed security AI and automation incurred $3.05 million less on average in breach costs compared to studied organisations that have not deployed the technology. Security AI and automation were identified as the biggest cost saver observed in the study. Additionally, it was found that companies implementing Extended Detection and Response (XDR) shortened the time required to identify and contain the data breach by one month.

Ransomware victims that decided to pay the ransom saw the average damage caused by a breach reduced from $4.35 million to $3.74 million; however, this does not include the cost of the ransom itself. This relatively small reduction in the cost of damages (fourteen percent) indicates that even when victims pay the ransoms, they rarely receive their data back in full.

References

Cost of a Data Breach Report 2022 | IBM
Cost of a Data Breach Report 2021 (ibm.com)
IBM Data Breach Report highlights ‘costlier and higher-impact data breaches than ever before’ (continuitycentral.com)