The Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM) have identified malware and indicators of compromise (IOCs) used by the North Korean government in an automated teller machine (ATM) cash-out scheme. The government is calling these actors BeagleBoyz. This group has attempted to steal nearly $2 billion since 2015 and has at times rendered computer systems and financial institutions inoperable. This is a very sophisticated attack, and the hackers are often able to avoid detection while accessing encrypted data.
If your company has any sort of retail payment system, there are several things you can do, including requiring chip and PIN verification and multi-factor authentication. All businesses should continue to use good cyber practices, including keeping operating system patches up to date and scanning for malicious email attachments. For a thorough explanation of this threat and steps you can take, visit CISA's website. As always, for individual help with your policies to prevent and respond to a cyber attack, feel free to contact us.