Hacks back North Korean nukes
A United Nations report says North Korea’s cyberattacks have brought in about US$3 billion to fund nuclear weapons endeavours.
The annual report by the UN Panel of Experts on the Democratic People's Republic of Korea (DPRK) highlights investigations into 58 cyber incidents from 2017 to 2023, with a significant focus on 17 cryptocurrency thefts in 2023 alone, surpassing US$750 million.
This revelation stems from collective inputs from UN member states, media sources, and private entities, painting a grim picture of North Korea's cyber operations.
The report says; “According to one member state, the DPRK's cyberactivities fund approximately 50 percent of its foreign currency income, crucial for its weapons programs.”
The DPRK's cyber operatives are accused of targeting the virtual asset industry to sidestep UN sanctions and foster revenue streams.
Notably, a cybersecurity firm branded North Korea as the “world's most prolific cyber-thief”, and despite North Korea's denial of hacking accusations, the UN panel's findings indicate that the country’s cyberattacks are allowing nuclear facilities to remain operational.
The rogue nation has carried out various weapons tests, including at least seven ballistic missile launches and the deployment of a military observation satellite via ballistic missile technology, between July 2023 and January 2024.
North Korea’s Supreme Leader Kim Jong Un's oversight of new missile tests and aspirations for a nuclear-armed navy were highlighted in January, alongside allegations of DPRK targeting defence companies to steal information, aiding the advancement of its weapons programs.
Additional investigations are probing alleged contraventions of UN sanctions, including conventional arms sales, restricted petroleum products import, and illicit overseas labour revenue generation.
The report sheds light on diverse tactics employed by North Korean state actors, including the Lazarus Group's deception of job seekers through malicious applications for backdoor access to corporate networks.
These cyber actors exploited phishing, social engineering, and security weaknesses to purloin cryptocurrency, showing an increasing reliance on laundering operations in China and Russia, while also targeting these nations' government agencies and companies.
The UN report says five DPRK-linked cyber groups - the Lazarus Group, Andariel, BlueNoroff, ScarCruft, and Kimsuky - are recommended for sanctions, urging enhanced security measures by individuals and cryptocurrency exchanges to thwart DPRK transactions.