The secretive communist nation is hell-bent on syphoning off as much cryptocurrency as its army of hackers can lay their hands on in order to fund weapons programs and bypass worldwide sanctions against Pyongyang, it has been claimed. A terrifying hacking programme – codenamed ‘Lazarus’ – has allegedly already infiltrated banks and crypto assets in more than 150 countries, with claims of at least $700million being stolen. Many millions more may have been taken by hackers which authorities cannot trace back to Kim Jong-un’s crack team of coders, it has been alleged. According to renowned expert Gareth Niblett – owner and director of cybersecurity firm Blackarts – North Korea’s leaders now consider cyberspace as a military domain.
He said: “North Korea has been desperately trying to raise cash to combat international embargoes over recent years, and have resorted to stealing it since at least 2016.
“They go where the money is.
“It started with traditional banking systems around the world – Bank of Bangladesh and Banco de Chile for example and, more recently, moving to using malware to mine cryptocurrency.”
It is believed the Reconnaissance General Bureau – North Korea’s equivalent of the CIA – is behind Lazarus.
RGB officers are alleged to select the country’s best young programmers and send them to intensive training camps where they are taught to become highly-skilled hackers.
The youths are said to be lured by the promise of cash, better working conditions and even international travel where they are dispatched as spies in various countries around the world under the guise of being innocent IT executives working abroad.
Once fully trained, it is claimed Lazarus agents then hack cryptocurrency exchanges and spread highly destructive ransomware on other networks.
Exchanges in South Korea and Japan were recently hacked, and many governments point the finger at Pyongyang for the spread of the Wannacry virus in 2017.
That attack almost brought the NHS to its knees, costing a staggering £92m after being forced to cancel 19,000 appointments.
Mr Niblett said: “North Korea is one of a number of growing global cyber powers building offensive cyber capabilities for military, intelligence, and economic aims.
“Cyber is now considered as the fifth military domain, after land, sea, air, and space.”
The evidence, he says, is clearly stacked up against Kim Jong-un’s regime.
He said: “It is evidently sanctioned and funded by the North Korean state.
“Hacking activities have been linked to military and education establishments, as well as front companies operating internationally.”
Mr Niblett stressed that all was being done to tackle cyber attacks and hacks into cryptocurrency exchanges, but added that many of the aggressive activities simply cannot be prevented.
He ruled out the prospect of more direct action, in the short term.
He said: “As well as international sanctions, which most countries have complied with, Western intelligence agencies will likely have mapped the North Korean network with a view to detecting or disrupting their activities, or destroying capabilities should the need arise.
“Any direct action has to be weighed against emerging nuclear capabilities, a military stand-off in the Korean peninsula, stability/predictability of the regime’s leadership, and ongoing US negotiations.
“For now, it’s likely that efforts will be more focussed on detecting, disrupting, and recovering from hacks, rather than overt attacks.”
Coin Rivet is a website bringing news, information, analysis, opinion and insight from the fast-moving blockchain world.