North Korea likely behind Taiwan SWIFT cyber heist -BAE (updated)

Far Eastern International Bank

16/10/2017 22:43

(Adds link to BAE report in second-to-last paragraph) 
    By Jim Finkle 
    TORONTO, Oct 16 (Reuters) - Cyber-security firm BAE Systems 
Plc  BAES.L  said on Monday it believes the North Korean Lazarus 
hacking group is likely responsible for a recent cyber heist in 
Taiwan, the latest in a string of hacks targeting the global 
SWIFT messaging system.  
    "The likely culprit is Lazarus," BAE cyber-intelligence 
chief Adrian Nish told Reuters by telephone. 
    The British firm has previously linked Lazarus to last 
year's $81 million cyber heist at Bangladesh's central bank, as 
have other cyber firms including Russia's Kaspersky Lab and 
California-based Symantec Corp  SYMC.O . 
    BAE's claim that Lazarus is likely responsible for the hack 
on Taiwan's Far Eastern International Bank  2845.TW  
demonstrates that North Korea continues to seek to generate cash 
through hacking. 
    Nish said he expects the group to continue to target banks.  
    "They are not just going to go away. They've built the 
tools. They are going to keep going back," he said. 
    Still, he noted that the group appears to have had 
difficulty in pulling funds out of the banking system, after the 
massive Bangladesh heist, which prompted SWIFT and banks to 
boost security controls. 
    Taiwan's Central News Agency reported last week that while 
hackers sought to steal some $60 million from Far Eastern Bank, 
all but $500,000 had been recovered by the bank.  
    BAE previously disclosed that Lazarus attempted to steal 
money from banks in Mexico and Poland, though there is no 
evidence the effort succeeded. 
    A security executive with SWIFT, a Belgium-based 
co-operative owned by banks, last week told Reuters that hackers 
have continued to target the message system this year, though 
many attempts have been thwarted by the new security controls. 
 urn:newsml:reuters.com:*:nL2N1MO0O6 
    SWIFT declined comment on the findings, which BAE detailed 
in a report on its website: http://bit.ly/2kUS4nu. 
  
    The report provides technical details on malware samples 
that BAE believes were likely used to target the Taiwan bank. 
 
    <^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
North Korea revealed:    https://www.reuters.com/north-korea/ 
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^> 
 (Reporting by Jim Finkle in Toronto; Editing by James 
Dalgleish) 
 ((jim.finkle@thomsonreuters.com; +1 416 687-7362; Reuters 
Messaging: jim.finkle.thomsonreuters.com@reuters.us)) 
 
Keywords: CYBER HEIST/NORTHKOREA TAIWAN