As of late, there has been a significant change in the targets of the team of hackers out of North Korea as an increase in bank accounts have been hacked. Hackers used to focus their efforts on government agencies or companies in countries that it considered hostile, with the goal of obtaining secret information and causing social discord. But, financial attacks are what we should be looking out for now.
Some of the recent cyberattacks include the $81 million stolen from Bangladesh’s central bank and an attempt at hacking Polish banks. While hackers have used cyberattacks in the past to gain information, the latest trend regarding targets suggests that the hacks are acting a source of funding as well.
Cybersecurity expert Roderick Jones, sat down with Inside Counsel to discuss the news trend in North Korea cybersecurity attacks. North Korea has a long history of using illicit means to acquire foreign currency. In the past, according to Jones, this has involved the large scale forgery of U.S. $100 bills as well as engaging in other traditional crime activities such as illicit gaming and counterfeiting.
“The need to operate in the black market comes from North Korea’s trade isolation from the rest of the world, the cyber hacking of bank accounts is the latest manifestation of a long trend and we should expect to see more of it now U.N. sanctions have been tightened on the regime,” he explained. By focusing on companies and countries that are in opposition to the North Korean regime they can achieve two aims at once - raise funds and create instability in countries they consider to be their opponents.”
So, why are financial attacks what we should be looking out for now?
The North Korean’s have up to now been focused on attacking global financial institutions and have had some successes. However, these returns will diminish as cyber security protections are increased in the global financial sector.
“There are few cyber-security protections around wealthy individuals and executives in the West and it seems likely that the North Korean hacking units will look at the successes organized crime groups have had against wealthy individuals and move in that direction,” he said.
In fact, the recent WannaCry attacks that used ransomware are now considered by some to have emanated from North Korea, disabling a big part of the health care system in the U.K., according to Jones. “This may have been an unintended consequence but it shows the physical application of cyber-war,” he said.
One of the most famous cyber-attacks remains the US attack against the Iranian nuclear program, known as Stuxnet. This is credited with slowing down the Iranian nuclear program and it’s hard to imagine the US isn’t using similar methods against North Korea to slow down its nuclear weapons program.
More and more, hackers are using hacking as a source of funding. Per Jones, whether they are aligned with a state or organized crime group, Hackers need to show revenues to continue to function. Since these operations run like businesses and are not funded by tax payer dollars, they operate a hybrid approach that sometimes involves hacking strategic targets and sometimes is simply designed to produce revenue.