Facebook
X
LinkdIn
Copy Link
For a country that is notorious for its lack of connection to the outside world, North Korea is one of the world experts in cyber warfare.
Only this week, North Korean hackers managed to steal $1.5 billion from the cryptocurrency exchange Bybit, in what is the largest cryptocurrency hack on record. The fact that the stolen money is just over 5 percent of the country’s GDP does not mean the profits will be going to the North Korean people or economy though. After all, nuclear weapons and missiles hardly come cheap.
There has been a deluge of North Korean cyberattacks in the twenty-first century. The country even has its own state-run cyberwarfare agency, the elusive “Bureau 121,” which forms an integral part of the Reconnaissance General Bureau, the country’s central intelligence agency responsible for managing and orchestrating clandestine intelligence operations. Bureau 121 was established in the late 1990s, and is explicitly tasked with conducting cyber disruption, such as infiltrating computer networks. The bureau quickly became infamous for hiring the brightest and the best minds, not least from young North Koreans studying computing at universities.
One of the most notable North Korea groups responsible for carrying out cyberattacks has been the so-called Lazarus Group, also known (ironically) as “Guardians of Peace.” Supported by the North Korean government, it has been responsible for many North Korean cyberattacks in the last two decades. Who can forget how in 2014 the Seth Rogen film The Interview — where two American journalists meet Kim Jong-un in North Korea and eventually manage to assassinate him — was stymied by a successful attempt to hack into the computer systems of Sony Pictures. Confidential data was leaked, including personal details of Sony employees and future film scripts. The not-so-peaceful Guardians of Peace demanded that Sony withdraw the film from public distribution and even threatened terrorist attacks on cinemas that showed the movie. The film’s intended premiere date in New York was postponed.
As technology has evolved, so too have North Korea’s tactics. Pyongyang initially targeted South Korean government websites and came close to raiding the Bangladeshi Central Bank. It then launched ransomware cyberattacks — such as the WannaCry malware of May 2017 which affected Britain’s health service computers — and began targeting journalists and academics with phishing campaigns. As the world became obsessed with cryptocurrency and non-fungible tokens (NFTs) so too did North Korea. In March 2022, the Lazarus Group orchestrated a major heist, wherein it acquired $620 million in cryptocurrency from the NFT-based video game, Axie Infinity. Yesterday’s theft, of over double that amount, sets a concerning precedent.
Before the first Trump administration began in 2017, Barack Obama made clear to his successor how big a problem North Korea would be. Over seven years have passed since then, and the North Korean threat is now increasingly complex. For all the West’s efforts to sanction North Korea’s bad behavior, the hermit kingdom continues to find ways to evade them. One of the targets on the FBI’s wanted list is Park Jin Hyok, a member of the Lazarus Group who allegedly played a central role in the 2014 Sony Pictures and 2017 WannaCry ransomware attacks. Park may also have been the mastermind behind this week’s theft. But the FBI’s arrest warrant has just been ignored by North Korea. In Pyongyang’s view, Park simply does not exist.
Illicit cyber activities have funded at least half of North Korea’s weapons of mass destruction programs
Meanwhile, North Korea’s cyberwarfare campaign looks set to continue. It is a highly lucrative means of funding its nuclear and missile capabilities. As of January 2024, illicit cyber activities have funded at least half of North Korea’s weapons of mass destruction programs which, in addition to nukes, also includes biological and chemical weapons.
Pyongyang’s renewed rapprochement with Moscow could mean things get worse. The Moscow-Pyongyang relationship is not just restricted to the exchange of munitions and manpower in return for oil, food, cash, and advanced missile technology. The possibility of these two rogue states engaging in cyber cooperation cannot be ruled out. You only need to read the “comprehensive strategic partnership treaty” signed between the two countries in June last year to see why. It not only contained a mutual defense clause but saw both states pledge to strengthen cooperation in “information and communication technology security.”
It is therefore vital that the West takes the North Korean threat seriously. The West cannot be seen to be afraid of our enemies. We instead need to act reliably and robustly, while standing true to our values of democracy, freedom, and prosperity.
Leave a Reply