US authorities are reportedly preparing to bring charges against North Korea, who investigators believe, may have orchestrated the high-profile Bangladesh Bank cyberheist, which saw hackers make away with $81m. Charges are also expected to be brought against Chinese middlemen, who authorities believe, may have helped Pyongyang plan and execute the cyberheist.
According to unspecified sources familiar with the matter, the Department of Justice is reportedly in agreement with the assessment of some private cybersecurity firms, which have previously claimed that the bank hack was connected to a North Korea-linked hacker group called Lazarus, also believed to be responsible for the 2014 Sony hack, The Wall Street Journal reported.
NSA deputy director Richard Ledgett, speaking at an Aspen Institute roundtable in Washington on Tuesday (21 March), said: "If that linkage is true, that means a nation-state is robbing banks. That is a big deal; it's different."
When asked if he thought nation-state actors were now robbing banks, Ledgett responded: "I do," Foreign Policy reported.
US Treasury authorities are also mulling imposing sanctions against alleged Chinese middlemen, according to sources. The sanctions appear to be the preferred punitive measures when the government believes that the suspected lawbreakers are unlikely to land in US custody.
The US attorney's office as well as the FBI's field offices in New York and Los Angeles have been investigating the cybertheft. However, the FBI's LA field office has taken a lead role in the investigations, according to sources familiar with the matter. The shift in the lead role reportedly occurred after investigators uncovered links between the Sony hack and the Bangladesh bank hack. The code used to carry out both the cyberattacks reportedly reveals that the two attacks may be linked.
"The whole security community has said that the attack tools and techniques used in Sony are the same ones used in Bangladesh," said Eric Chien, an engineer with Symantec.
However, some federal officials believe that there is not much evidence to conclusively prove Pyongyang's involvement in the cyberheist. Instead, a minority of officials believe that the Bangladesh Bank hackers may have borrowed, tweaked and recycled the malware used by the Sony hackers. This theory suggests that the Bangladesh Bank hackers may not necessarily be linked to North Korea, according to sources.
Reports of US authorities considering charges against North Korea follow the US government's recent indictment of four men, including two alleged Russian spies over their involvement in perpetrating the 2014 Yahoo hack.
Meanwhile North Korea continues to face pressure from the international community over its activities related to recent missile launches. Experts believe that North Korea hackers' attacks against banks and financial institutions may be a way by which the country could gain access to foreign currency.