Malta has been listed as one of several victims of North Korean hacking attempts in a leaked UN security council report.
Last week, the confidential UN report seen by Reuters – researched by “independent experts” and presented to the U.N. Security Council North Korea sanctions committee – suggested that the blacklisted State had used “widespread and increasingly sophisticated” hacks to collect roughly $2 billion.
A new lengthier version of the report, seen by Associated Press, details how North Korea may have carried out at least 35 hacks in 17 countries – including Malta - and that US experts are investigating.
The report does not make clear exactly what North Korea hackers targeted but sources have told Times of Malta that it is likely to have been the Bank of Valletta cyber attack last February.
Sources said the Malta Security Services and the state IT agency MITA were working with a team from the US Federal Bureau of Investigation after suspicions that the hack could have been part of a string of similar attacks across the world.
The Sunday Times had quoted senior sources who singled out North Korea as the lead suspect.
Who else did North Korea attack?
Meanwhile, the UN says that South Korea bore the brunt of the efforts, having suffered 10 attacks.
The nation’s Bithumb cryptocurrency exchange is said to have been hacked at least four times.
India came next with three cyberattacks, while Bangladesh and Chile each had two attacks.
Thirteen countries suffered one attack each, listed in the report as: Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam.
North Korea is believed to have generated an estimated €2 billion for its weapons of mass destruction programmes using “widespread and increasingly sophisticated” cyber-attacks to steal from banks and cryptocurrency exchanges.
What happened at Bank of Valletta?
Back in Malta, sources told Times of Malta that a review of the BOV breach had already uncovered how hackers could have been attempting to infiltrate as far back as last October.
A source said similar “phishing” – a method used to break into a computer system via electronic communication – had first been detected locally some 10 months ago. This had the same digital fingerprint as the hacking group believed to have carried out the successful heist in February.
The hacking group is also believed to have targeted another Maltese bank, however, their attempts to infiltrate appear to have been unsuccessful.
The hackers were believed to have broken into the Autorité des Marchés Financiers which regulates the stock exchange in France.
They then sent out e-mails to Maltese and French entities posing as the authority using an innocent looking e-mail that included the authority’s official letterheads and a decoy document that, when clicked on, gave the hackers access to the bank’s systems.