North Korean hackers have been mostly associated with hacking incidents all over the world, for the past few years. A trend has been seen that whenever a fintech business is attacked, the first people to be pinned by the media are North Koreans. But, is that even possible?
International Telecommunication Union has said that almost 0% of the North Korean population has access to the internet. Even though the environment is not feasible for breeding any cyber-criminals or even officials capable of cyber espionage, however, tracing the steps of those transactions it is evident that these hacks were indeed carried out by the North Koreans.
The North Korean government has strict surveillance on all its national telecommunications and has allowed selected number of people to communicate with the outside world. However, some privileged have access to all kinds of software and computers.
This prompts these influential users to use services outside the country in China or India. Thus, it can be said that the North Koreans are present in the crypto world, even though in smaller numbers but all of them seem to enjoy the central power’s support. It makes it plausible for the hacks to be more of a state effort than individual’s.
There seems to be a connection between these hacks and the economic sanctions that have been put on North Korea. Experts believe that the North Korea was behind DDoS attacks against South Korea in 2009, attack on the Bangladesh National bank in 2016 and the attack on Sony Pictures in 2014 were all done after the increase in economic sanctions. Since 2017, the U.S. government has been closely monitoring any malicious activity by North Korean hackers however, by 2017 the hackers have become involved in the crypto world.
Experts from FireEye, a security research firm have already tracked down a few patterns in North Korean sponsored attacks. North Korean sponsored hacks have become more targeted towards wallets and crypto exchanges and experts seem to think that the money is earned through these hacks may be used to fund the government’s failing economy.
Analysis of a few crypto hacks during 2017 revealed that almost 65% of the hacks from 2017 to 2018 period were carried out by the same group that identifies itself as Lazarus. The amount totals to about 65% of the total value of the crypto assets stolen globally in 2017. The group was also behind the security breach of the Japanese exchange Coincheck in 2018.