Analysts believe North Korea is making progress on the front lines of cyberwarfare, stealing Cryptocurrency worth billions of dollars and posing a clearer and more immediate threat than its prohibited weapons programs.
Pyongyang is under international sanctions for developing nuclear weapons and ballistic missiles, but analysts say the North has also strengthened its cyber skills, with an army of thousands of well-trained hackers extracting funds to fund the state’s weapons projects.
According to a recent report, North Korean hackers stole about $400 million in cryptocurrencies in 2021, making it one of the most rewarding years to date for cybercriminals in the brutally restricted country.
Cybercriminals
According to an analysis from Chainalysis, a cryptocurrency tracking service, hackers attempted at least seven distinct attacks last year, largely targeting financial firms and centralized exchanges with a variety of tactics including phishing, malware, and social engineering. The cybercriminals worked to acquire access to organizations’ “hot” wallets—digital wallets that are connected to the internet—and then transfer payments to North Korean accounts.
The crimes are the most recent evidence that the heavily sanctioned regime continues to rely on a community of cybercriminals to help fund domestic activities. Recently, a confidential United Nations assessment accused North Korea’s dictatorship of undertaking “operations against financial institutions and virtual currency exchange houses” to pay for weapons and keep the North Korean economy running.
According to a 2020 US military study, North Korea’s cyber-program dates back to at least the mid-1990s, but it has since developed into a 6,000-strong cyberwarfare organization known as Bureau 121 that operates from numerous countries, including Belarus, China, India, Malaysia, and Russia.
Cryptocurrency
Chainalysis further says that after this money was obtained, a “laundering cover up and cash out” scheme was initiated. Between 2020 and 2021, the number of North Korean-linked hacks jumped from four to seven, with the value taken from these attacks increasing by 40%.
The US Justice Department charged three North Koreans in February with plotting to steal more than $1.3 billion from banks and businesses worldwide and staging bitcoin digital thefts.
The rising value of cryptocurrency has aided North Korean hacking operations. The surge in cryptocurrency pricing and usage has made digital assets more appealing to malevolent actors in general, contributing to more sensational crypto heists in 2021.
Hacking Groups
Based on Chainalysis reporting, the Lazarus Group, a hacker organization with ties to North Korea that has previously been linked to the Sony Pictures hack and the “WannaCry” ransomware attacks, among other occurrences, was responsible for the majority of last year’s crimes. US sanctions have been imposed on the group.
Other than sanctions and defensive cybersecurity measures, the United States and other nations can do nothing to stop North Korean crypto hacking activities because criminals face no real likelihood of extradition.
North Korea’s foreign ministry spokesman denied the US claim that Pyongyang was behind the hacking.