North Korea’s hacker army in growing in strength that has allows cybercriminals to earn billions of dollars for the good of the country, using various criminal schemes, from hacking ATMs to stealing cryptocurrencies. About this reported The New Yorker.
North Korea is the only country in the world whose government carries out blatantly criminal break-ins in order to obtain monetary gain. Groups of the military intelligence unit of the Intelligence Directorate of the General Staff of the DPRK have been created and trained especially for these purposes.In 2019, a UN group of experts published a report, according to which North Korea made $2 billion from cybercrime. According to the UN, many of the funds stolen by North Korean hackers go to the development of the Korean People’s Army’s weapons program, including the development of nuclear missiles.
Cybercrime is also a cheap and effective way to get around the tough sanctions that have long been imposed on the country. According to John C. Demers, Assistant Attorney General for the Department of Homeland Security of the US Department of Justice, North Korea “using a keyboard, not a weapon” and “has become a criminal syndicate with a flag.”
Priscilla Moriuchi, a researcher at the Belfer Center for Science and International Relations at Harvard University, noted that while North Korean hackers are technically advanced, their more important feature are criminal skills.
In the case of the theft of more than $100 million from the Central Bank of Bangladesh, the robbers waited seventeen months after reconnaissance before committing the robbery.
The scale and creativity of North Korea’s digital crime has taken many by surprise. Pyongyang cybercriminals have been able to hack computer networks around the world and have demonstrated true innovation in the use of new technologies. In most countries, hackers develop their skills by experimenting on home computers during their teens.
But North Korea’s hackers grow up in a special environment, with few families having computers and the state controlling access to the Internet. The most promising students are encouraged to use computers in schools. Those who do well in mathematics are transferred to specialized secondary schools.
Much of the cybercriminal activity is carried out by the Intelligence Directorate of the General Staff of the KPA, in which the so-called Unit 180 is responsible for “conducting cyber operations to steal foreign money from outside North Korea.” The Lazarus Group is the most well-known division of North Korean financially motivated hackers.
The most frequent target of the North Korean cyber army is South Korea, which has been hit by hundreds of major attacks.
Over the past two years, the tactics of North Korean cybercriminals have become more cautious. In addition to attacks on large financial institutions, the hackers have developed a faster and less flamboyant “operating pace.” They managed to systematize financial fraud, attacks on small financial institutions and ordinary citizens. Now they look more like a regular criminal gang.
The most reliable source of income for North Korea has become cryptocurrency theft. A specialist from Chainalysis Jesse Spiro said North Korean hackers have stolen more than $1.75 billion worth of cryptocurrencies from trading exchanges. This revenue stream alone could cover about 10% of North Korea’s total defence budget.
And we just recently wrote that North Korean hackers attack IS specialists again.
