Tuesday, May 22, 2018

"How North Korean hackers became the world’s greatest bank robbers"

From Global Post Investigations, May 16:
The Reconnaissance General Bureau, North Korea’s equivalent to the CIA, has trained up the world’s greatest bank-robbing crews. In just the past few years, RGB hackers have struck more than 100 banks and cryptocurrency exchanges around the world, pilfering more than $650 million. That we know of.

It was among the greatest heists against a United States bank in history and the thieves never even set foot on American soil.

Nor did they target some ordinary bank. They struck an account managed by the Federal Reserve Bank of New York, an institution renowned for its security.

In vaults 80 feet below the streets of Manhattan, the bank holds the world’s largest repository of gold. Many of these gold bars belong to foreign governments, which feel safer storing their gold inside well-defended bunkers in America than at home.

By the same token, overseas governments also store cash with the Fed. But this is cash in the 21st-century sense: all ones and zeroes, not smudgy bills. The bank holds vast foreign wealth on humming servers wired up to the internet.

That’s what the thieves went after in February 2016: nearly $1 billion, sitting in a Fed-run account. This particular account happened to belong to Bangladesh. Having already hacked into the servers of the Bangladesh Central Bank, the criminals waited until a Friday — a day off in many Muslim-majority nations, Bangladesh included.

Then they started draining the account.

Posing as Bangladesh Central Bank staff, the hackers sent a flurry of phony transfer requests to the Fed totaling nearly $1 billion. The Fed started zapping cash into accounts managed by the thieves overseas, most of them in the Philippines. Much of the money was quickly pulled out as cash or laundered through casinos.

From there, the trail goes cold.

The hackers didn’t get the full billion they desired. Most of the bogus requests were caught and canceled by suspicious personnel. But they did end up with an amazing score: $81 million.

The culprits of this heist are loyal to one of the most impressive organized crime syndicates in the world. They don’t work for the Triads, nor the Sinaloa Cartel, nor Sicily’s Cosa Nostra. They are agents of the Reconnaissance General Bureau (or RGB), which is headquartered in Pyongyang. This is North Korea’s equivalent to the CIA.

Like the CIA, North Korea’s RGB is steeped in clandestine overseas plots: assassinations, abductions and lots of spying. But it is perhaps better understood as a mash-up between the CIA, the KGB and the Yakuza.

What distinguishes the bureau is its entrepreneurial streak — one with a distinctly criminal bent.

For decades, North Korea has been beleaguered by Western sanctions and barred from global markets. This has prodded the regime to seek revenue in darker realms that are beyond the law. These black-market enterprises have included heroin production, printing bogus $100 bills and counterfeiting name-brand cigarettes.

But all of those rackets have now been totally eclipsed by hacking. The bureau has trained up the world’s greatest bank-robbing crews, a constellation of hacking units that pull massive online heists.

These thieves also have one distinct advantage over other syndicates: They are absolutely confident that they’ll never be charged. So it goes when your own country sponsors your criminal mischief.

This is a new phenomenon, according to US intelligence officials. “A nation state robbing banks … that’s a big deal. This is different,” says Richard Ledgett. He was, until his recent retirement, the deputy director of the National Security Agency.

In recent years, North Korea has launched hacks against more than 100 banks and online exchanges in a total of 30 countries. The RGB appears to have successfully pilfered $650 million. That we know of.

And yet they are chronically overlooked — at least in the American media, where talk of online subterfuge is dominated by Russian political hacks. If you weren’t aware that North Korea pulled a heist on the Federal Reserve, note that the caper went down in February 2016, when the media spotlight was fixed on the US presidential race at the expense of, well, almost everything else.

Now that gaze has swung toward North Korea — and for good reason.

Not so long ago, North Korea spoke of smiting the US with its “treasured nuclear sword of justice.” Now it offers grand gestures of warmth. Kim Jong-un has released American prisoners. He has giddily stepped into South Korea — if only for a moment — and he is now readying peace talks with President Donald Trump, a man who has threatened the young autocrat’s life via Twitter. (This could all change in an instant, of course. The North Korean leader suspended talks with South Korea on Wednesday over joint US-Korea military exercises and threatened to cancel his summit with Trump.)...