North Korea hackers ‘WannaCry’ for money
Cyberattacks have shifted, intensified
North Korea has trained thousands of hackers to pose a weaponized cyber threat to its neighbors and the world, but lately it’s been using them to make money.
The White House on Monday said North Korea was behind a malware attack last May named “WannaCry.” The attack encrypted and rendered useless hundreds of thousands of computers in more than 150 countries and sought ransom to unlock the machines.
Analyst James Lewis of the Center for Strategic and International Studies said WannaCry is an example of how North Korea’s cyber capabilities have morphed under leader Kim Jong Un.
“Hacking is an intelligence function, tightly controlled by the party of the Kim family for political purposes and to make hard currency,” Lewis said. “That’s one of the new developments in the past few years. ... They try to use hacking to make money.”
North Korea, which bans its citizens’ access to an unrestricted Internet and lacks universal access even to electricity, decided two decades ago to invest hackers who could reach across the world to do damage, said Martyn Williams, a contributor to 38 North, a publication of the U.S.-Korea Institute at Johns Hopkins University.
The timeline of notable operations shows how objectives have changed:
July 4, 2009 — North Korean hackers launched an attack on the U.S. holiday that employed thousands of computers around the world to overload government websites in the U.S. and South Korea. Sony Pictures, October 2014 — A group that called itself “Guardians of Peace” stole company documents from Sony Pictures weeks before the studio planned to release The Interview, a dark comedy about a CIA-inspired assassination attempt against Kim. The documents embarrassed company executives and their release played a part in a pressure campaign that derailed the film’s planned distribution. President Obama pledged to “respond proportionally” to North Korea for the operation. Bangladesh Bank, February 2016 — In a sophisticated caper, suspected North Korean hackers sought to drain $951 million from the central bank of Bangladesh through the U.S. Federal Reserve’s SWIFT money transfer system.
The robbers succeeded in transferring $81 million to four private accounts in the Philippines.
Williams said North Korean cyber robbery appears to be the result of increased sanctions over its rogue nuclear weapons program.
“It’s harder for the country to raise money in the traditional way so its raising money on the Internet,” he said.
The WannaCry attack and the public blame by the White House show that the U.S.-North Korean cyber conflict is getting more intense, said Katie Moussouris, an analyst who advised the U.S. government on cyber defense.