"Cyber attacks are like nuclear bombs".
An internal UN report, quoted by various media outlets, reveals these and other details of North Korean cyber activities. According to the report, the captured sums are used in particular to finance nuclear weapons and missile programmes. As early as 2019, UN sanctions monitors reported that North Korea generated an estimated two billion US dollars over several years for its weapons of mass destruction programmes through widespread and increasingly sophisticated cyberattacks. The US-based blockchain analytics firm Chainalysis' assessment of this is that "it is not an exaggeration to say that cryptocurrency hacking is a significant part of the national economy". According to ArsTechnica, the father of the incumbent leader, Kim Jong Il, is quoted in a book published by the North Korean army as saying: "If the internet is like a weapon, cyber attacks are like atomic bombs".
While it is estimated that only less than one per cent of the North Korean population has restricted and closely monitored access to the internet, potential members of the estimated 7,000-strong cyber army are identified as early as school. Gifted talents are selected and then trained in elite government institutions. With some of them also receiving training in China and other countries, where they gain additional experience and learn to speak English perfectly. Security specialist and vice-president at Chainalysis, Erin Plante, says: "They train people who show the first signs of cyber competence and send them to other places around the world to integrate them into organisations and into society and culture. There are these hacker cells all over Asia-Pacific that are merging with the rest of the tech community."
Cars and houses as a reward
According to information from the New Yorker, the best hackers who were involved in scams in which millions of US dollars worth of foreign currency were captured would be rewarded with cars or comfortable houses, as well as similar material benefits. Such values are unattainable for ordinary citizens of North Korea, that's why they are dubbed "special gifts from Kim Jong Un", the North Korean leader.
Experts expect North Korean hackers to increase their attempts to steal advanced South Korean technologies and confidential information on South Korean foreign policy and national security strategies through cyberattacks this year. Therefore in December last year, high-level diplomats from the United States, South Korea and Japan agreed to step up efforts to curb illegal North Korean cyber activities. Details of this have not yet been disclosed.
Attacks on targets in Germany
North Korean hackers are currently increasingly attacking targets in Germany. For example, Google Chrome users are being tricked into installing a browser extension. However, this extension is only used to capture access data, especially for email accounts. With the help of these account data, the attackers try, among other things, to install a malicious app on the smartphone. For this purpose, a test group is initiated to which attacked users are added. It is then possible to install contaminated apps on other devices without being noticed and without manual intervention. This is the result of a warning issued by the Federal Office for the Protection of the Constitution (BfV), where further details on the attacks can also be found.
Author: Uwe Sievers