North Korean Hackers Charged Over $1.3 Billion Cryptocurrency Mega-Heist

North Korea by Roman Harak is licensed under CC BY-SA 2.0

North Korea is a strange place. Most of us think of fat dictators and nuclear weapons when we imagine the small nation, but one thing that North Korea is doing more and more these days is hacking.

They hacked Sony a number of years ago and threatened to do terrorist attacks if “the Interview” played in theaters and now North Korea’s legions of cyber warriors are up to more sneaky tricks.

The latest hack comes from three top North Korean hackers who the US Department of Justice (DOJ) says were working on stealing $1.3 billion in cryptocurrency and other currencies from banks and individuals.

At this point, North Korea is a worse threat than Russia in the cyber realm according to DOJ who said “North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers.”

School. Pyongyang, North Korea. by (stephan) is licensed under CC BY-SA 2.0

What Did the North Korean Hackers Do?

According to the DOJ, the three individuals in question are Jon Chang Hyok, Kim Il and Park Jin Hyok. They made cryptocurrency malware and gained access via backdoors into victims’ computers and companies that trade cryptocurrencies. They then made a blockchain system to get around sanctions and raise cash secretly outside the evasion of US punishment.

Park was charged with also being behind the 2014 hack of Sony with the WannaCry ransomware and the 2016 stealing of over $80 million from the main bank of Bangladesh. Park and his other two accompliches worked together with a top North Korean hacking group called the Reconnaissance General Bureau which is also known as the Lazarus Group and APT 38.

They also worked from Russia and China to do their online spearfishing and crypto malware operation, which raised major red flags once companies and individuals realized they were the target of a sophisticated cyber attack.

The North Korean Hacking Threat

In addition to its nuclear ambitions and totalitarian communist police state backed by China, North Korea is training up a new generation of cyber terrorists. As Asia Society Policy Institute Vice President Daniel Russel detailed,  North Korean dictator Kim Jong Un has a massive cyber army.

“It’s estimated to comprise about 7,000 people who are trained pretty extensively, both in specialized domestic programs in North Korea, including in parts of their universities. In other cases, they then seem to receive training in China or in Russia. Quite a few of them are dispersed through China, Russia, and some in India,” Russel explained.

“They use other countries as a platform and for conducting their various cyber activities because North Korea has pretty much air-gapped its own internal internet or intranet system, both to prevent North Koreans accessing information from the rest of the world, but more importantly to prevent the rest of the world from getting in,” he added.

As Russel points out, the United States and other nations are especially vulnerable to a malicious country like North Korea’s cyber capabilities.

“Cyber weapons kind of level the playing field for North Korea in a way that nukes can’t. Not only do the United States, China, Russia, have vastly more nuclear weapons than North Korea, but a nuclear weapon is an all-or-nothing proposition,” Russel points out.

“Cyber warfare has a very different risk-return calculation. it’s a low-cost, asymmetric, relatively speaking, low-risk weapon system. And the US is the most vulnerable country on planet Earth to disruptive cyberattacks.”

America needs to be hardening its electrical grid, infrastructure and defense systems in terms of their cyberattack resistance capability. North Korea is working night and day to try to cause chaos and it’s up to us to stop them.