N. Korea grows as a cyber power
Hackers stealing millions, could unleash havoc
When North Korean hackers tried to steal $1 billion from the New York Federal Reserve last year, only a spelling error stopped them. They were digitally looting an account of the Bangladesh Central Bank when bankers grew suspicious about a withdrawal request that had misspelled “foundation” as “fandation.”
Even so, Kim Jong Un’s minions got away with $81 million in that heist.
Their track record is mixed, but North Korea’s army of more than 6,000 hackers is undeniably persistent, and undeniably improving, according to U.S. and British security officials who have traced these attacks and others back to the North.
Amid all the attention on Pyongyang’s progress in developing a nuclear weapon capable of striking the continental United States, the North Koreans have also quietly developed a cyberprogram that is stealing hundreds of millions of dollars and proving capable of unleashing global havoc.
Unlike its weapons tests, which have led to international sanctions, the North’s cyberstrikes have faced almost no pushback or punishment, even as the regime is using its hacking capabilities for actual attacks against its adversaries in the West.
And just as Western analysts once scoffed at the potential of the North’s nuclear program, so did experts dismiss its cyber potential — only to now ac-
knowledge that hacking is an almost perfect weapon for a Pyongyang that is isolated and has little to lose.
The country’s primitive infrastructure is far less vulnerable to cyber retaliation, and North Korean hackers operate outside the country, anyway. Sanctions offer no useful response, since a raft of sanctions are imposed. And Kim’s advisers are betting that no one will respond to a cyberattack with a military attack, for fear of a catastrophic escalation between North and South Korea.
It is hardly a one-way conflict: By some measures, the U.S. and North Korea have been engaged in an active cyber conflict for years.
Both the U.S. and South Korea also have placed digital “implants” in the Reconnaissance General Bureau, the North Korean equivalent of the CIA, according to documents Edward Snowden released several years ago. U.S.-created cyber and electronic warfare weapons were deployed to disable North Korean missiles, an attack that was, at best, only partially successful.
Indeed, both sides see cyber as the way to gain tactical advantage in their nuclear and missile standoff.
Once North Korea counterfeited crude $100 bills to try to generate hard cash. Now intelligence officials estimate that North Korea reaps hundreds of millions a dollars a year from ransomware, digital bank heists, online video game cracking and, more recently, hacks of South Korean Bitcoin exchanges.
When Kim Jong Un succeeded his father, in 2011, he expanded the cyber mission beyond serving as just a weapon of war, focusing also on theft, harassment and political-score settling.
“Cyberwarfare, along with nuclear weapons and missiles, is an ‘all-purpose sword’ that guarantees our military’s capability to strike relentlessly,” Kim reportedly declared, according to the testimony of a South Korean intelligence chief.
And the array of U.N. sanctions against Pyongyang only incentivized Kim’s embrace.
“We’re already sanctioning anything and everything we can,” said Robert Silvers, former assistant secretary for cyberpolicy at the Department of Homeland Security during the Obama administration. “They’re already the most isolated nation in the world.”