Reuters and staff writer, with CNA

Cybersecurity firm Kaspersky Lab on Monday said it had obtained digital evidence that bolsters suspicions by some researchers that North Korea was involved in last year’s US$81 million cyberheist of the Bangladesh central bank’s account at the Federal Reserve Bank of New York.

The Bangladesh Bank heist was one in a string of financially motivated cyberattacks by a division of Lazarus dubbed Bluenoroff, a 58-page report released by Russian-based Kaspersky said.

Its targets included banks, financial and trading firms, casinos and digital currency businesses in at least 18 nations, including Taiwan, the report said.

Lazarus has also been linked to the 2014 attack on Sony’s Hollywood studio, which the US government blamed on North Korea.

The report said Lazarus hackers made a direct connection from an IP address in North Korea to a server in Europe that was used to control systems infected by the group.

Kaspersky researcher Vitaly Kamluk told Reuters by telephone that the finding marked “the first time we have seen a direct connection” between North Korea and Lazarus, a hacking group whose activities dating back to 2009 have been documented by the world’s biggest cybersecurity firms.

The North Korean government has denied allegations of hacking made by officials in Washington and South Korea, as well as security firms.

Kamluk said he could not conclusively say that Pyongyang was behind the attacks, because it was possible the hackers went to great effort to make it look like they were from North Korea, or that North Koreans were working with others.

Still, he said that Pyongyang’s involvement was the most likely explanation.

Banking and cybersecurity researchers have previously discovered that financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam have been subject to four similar cyberheists.

However, Kaspersky now believes that similar attacks have been directed at financial institutions in Taiwan, Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Thailand and Uruguay.

In response to the threat, Chien Hung-wei (簡宏偉), director of the Executive Yuan’s Department of Cyber Security, said that the government was prepared for online attacks and had the situation under control.

Chien said the Financial Supervisory Commission had relayed the threat to government agencies and financial institutions, and that the government was paying close attention to the situation.