Nigeria has been listed among 18 countries where North Korean hackers have allegedly been attacking banks to get funds for sponsoring its nuclear programme.
Cyber security firm, Kaspersky, which disclosed this in its latest report, said this could be regarded as the biggest bank compromise in history.
The finding comes after more than a year-long investigation into the activity of Lazarus, a hacking group allegedly responsible for the theft of $81 million from the Central Bank of Bangladesh last year.
The suggestion that North Korea could have been behind the attack, or at least involved, has added to concerns that the Hermit Kingdom is becoming more bold in its cyber attacks against global financial institutions.
The massive amounts of stolen money North Korea pilfers is likely being spent on advancing its development of nuclear weapons, two international security experts told CNN.
“This is all for their nuclear weapons and missile programmes. They need this money for building and researching more ballistic missiles,” said Anthony Ruggiero, a senior fellow for Foundation for Defence of Democracies who specialises in North Korea.
The US has long been suspicious of the ties the Moscow-based company has to Russia but on the surface, Kaspersky Lab is one of the world’s leading cyber security and antivirus firms.
The company’s report, which it presented this week at a cyber security conference in the Caribbean, claims it found evidence of the same hacking operation launching attacks on financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand, and Uruguay. When Sony got hacked in 2014 as it was preparing to release a Hollywood comedy satirising North Korea’s leader, the resulting FBI investigation pointed finger at North Korea with clues reportedly leading to the Lazarus hackers.
As at October last year, Nigerian banks lost over N8 billion to electronic fraud within two years, even as there were fears that the figure could climb to N33 billion by end of 2016.
Data provided by the Nigeria Electronic Fraud Forum (NeFF) show that there was a spike in phishing attacks, email scams and spam messages targeting corporate bodies, individuals, financial institutions and banks’ customers across the country.
According to the statistics, these cyber attacks have ballooned by 635 per cent from 1,461 in 2014 to 10,743 in 2015.
A year earlier, the networks of three South Korean banks and its two largest broadcasters were hacked and blame was also placed on the country’s neighbour to the North.
According to security experts, North Korea has focused its known cyber crimes almost entirely on financial institutions in recent years.