North Korea is advancing on the front lines of cyberwarfare, analysts said, stealing billions of dollars, and presenting a clearer and more present danger than its banned weapons programs.
Pyongyang is under multiple international sanctions over its atomic bomb and ballistic missile programs, which have seen rapid progress under North Korean leader Kim Jong-un.
However, while the world’s diplomatic focus has been on its nuclear ambitions, Pyongyang has been quietly and steadily building up its cybercapabilities.
Photo: AFP
Analysts say that its army of thousands of well-trained hackers are proving to be just as dangerous.
“North Korea’s nuclear and military programs are long-term threats, but its cyberthreats are immediate, realistic threats,” said Oh Il-seok, a researcher at the Institute for National Security Strategy in Seoul.
Pyongyang’s cyberwarfare abilities first came to global prominence in 2014 when it was accused of hacking into Sony Pictures Entertainment as revenge for The Interview, a satirical film that mocked Kim.
The attack resulted in the posting of several unreleased movies online, as well as a vast trove of confidential documents.
Since then the North has been blamed for a number of high-profile cyberattacks, including an US$81 million heist from the Bangladesh central bank, as well as the 2017 WannaCry global ransomware attack, which infected about 300,000 computers in 150 nations.
Pyongyang has denied any involvement, describing US allegations over WannaCry as “absurd.”
“We have nothing to do with cyberattacks,” a spokesman for the North Korean Ministry of Foreign Affairs said.
However, the US Department of Justice in February indicted three North Koreans on charges of “participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks.”
In its Annual Threat Assessment Report, Washington acknowledged that Pyongyang “probably possesses the expertise to cause temporary, limited disruptions of some critical infrastructure networks” across the US.
The North’s cyberprogram “poses a growing espionage, theft and attack threat,” the document from the Office of the US Director of National Intelligence said.
It accused Pyongyang of stealing hundreds of millions of dollars from financial institutions and cryptocurrency exchanges, “probably to fund government priorities, such as its nuclear and missile programs.”
North Korea’s cyberprogram dates to at least the middle of the 1990s, when then-North Korean leader Kim Jong-il reportedly said that “all wars in future years will be computer wars.”
Today Pyongyang’s 6,000-strong cyberwarfare unit, known as Bureau 121, operates from several countries, including Belarus, China, India, Malaysia and Russia, a US military report published in July last year said.
Scott Jarkoff of cybersecurity firm CrowdStrike rates Bureau 121 highly.
“They are extremely sophisticated, dedicated, and capable of conducting advanced attacks,” Jarkoff said.
Bureau 121 recruits are trained in coding languages and operating systems at special establishments such as Mirim University, said former student Jang Se-yul, who defected in 2007.
Now known as the University of Automation, it takes in only 100 students a year from among the North’s highest-scoring schoolchildren.
“We were taught that we had to be prepared against America’s cyberwarfare capabilities,” Jang told reporters. “Ultimately, we were taught that we had to develop our own hacking programs, since attacking the enemy’s operating system is the best defense.”
Cyberwarfare is particularly appealing for small, poor countries like the North that are “outgunned in terms of equipment such as planes, tanks and other modern weapons systems,” Stimson Center researcher Martyn Williams said. “Hacking just requires a computer and Internet connection.”
Most state-sponsored hacking groups are mainly used for espionage purposes, but experts say that North Korea is unusual in also deploying its cybercapabilities for financial gain.
Pyongyang has blockaded itself to protect against the COVID-19 pandemic, adding to the pressure on its economy, and has for years sought to earn foreign currency by multiple means.
“Stealing it is a lot faster and potentially more lucrative than doing business, especially if you have skilled hackers,” Williams said.
The February US indictment accused the three North Koreans of stealing more than US$1.3 billion of money and cryptocurrency from financial institutions and companies.
When it was issued, US Assistant Attorney General John Demers called North Korea’s operatives “the world’s leading bank robbers,” adding that they were “using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash.”
The rise of cryptocurrencies such as bitcoin have presented hackers globally with a whole new range of increasingly lucrative targets.
In addition, their decentralized networks were a particular bonus for the North, offering a way to circumvent financial sanctions, Jarkoff said.
“This allows North Korea to easily launder money back into the country, outside the control of the global banking system,” he said. “Cryptocurrency is attractive because it is uncontrolled, borderless and relatively anonymous.”
POLITICAL PRISONERS VS DEPORTEES: Venezuela’s prosecutor’s office slammed the call by El Salvador’s leader, accusing him of crimes against humanity Salvadoran President Nayib Bukele on Sunday proposed carrying out a prisoner swap with Venezuela, suggesting he would exchange Venezuelan deportees from the US his government has kept imprisoned for what he called “political prisoners” in Venezuela. In a post on X, directed at Venezuelan President Nicolas Maduro, Bukele listed off a number of family members of high-level opposition figures in Venezuela, journalists and activists detained during the South American government’s electoral crackdown last year. “The only reason they are imprisoned is for having opposed you and your electoral fraud,” he wrote to Maduro. “However, I want to propose a humanitarian agreement that
ECONOMIC WORRIES: The ruling PAP faces voters amid concerns that the city-state faces the possibility of a recession and job losses amid Washington’s tariffs Singapore yesterday finalized contestants for its general election on Saturday next week, with the ruling People’s Action Party (PAP) fielding 32 new candidates in the biggest refresh of the party that has ruled the city-state since independence in 1965. The move follows a pledge by Singaporean Prime Minister Lawrence Wong (黃循財), who took office last year and assumed the PAP leadership, to “bring in new blood, new ideas and new energy” to steer the country of 6 million people. His latest shake-up beats that of predecessors Lee Hsien Loong (李顯龍) and Goh Chok Tong (吳作棟), who replaced 24 and 11 politicians respectively
Young women standing idly around a park in Tokyo’s west suggest that a giant statue of Godzilla is not the only attraction for a record number of foreign tourists. Their faces lit by the cold glow of their phones, the women lining Okubo Park are evidence that sex tourism has developed as a dark flipside to the bustling Kabukicho nightlife district. Increasing numbers of foreign men are flocking to the area after seeing videos on social media. One of the women said that the area near Kabukicho, where Godzilla rumbles and belches smoke atop a cinema, has become a “real
‘WATER WARFARE’: A Pakistani official called India’s suspension of a 65-year-old treaty on the sharing of waters from the Indus River ‘a cowardly, illegal move’ Pakistan yesterday canceled visas for Indian nationals, closed its airspace for all Indian-owned or operated airlines, and suspended all trade with India, including to and from any third country. The retaliatory measures follow India’s decision to suspend visas for Pakistani nationals in the aftermath of a deadly attack by shooters in Kashmir that killed 26 people, mostly tourists. The rare attack on civilians shocked and outraged India and prompted calls for action against their country’s archenemy, Pakistan. New Delhi did not publicly produce evidence connecting the attack to its neighbor, but said it had “cross-border” links to Pakistan. Pakistan denied any connection to
RSS