US Predicts More North Korea Cyber Heists to Fund WMDs
Christy Lee contributed to this report, which originated in VOA’s Korean Service.
WASHINGTON — North Korea is likely to ratchet up fraudulent cyber operations to fund its weapons of mass destruction program after failing to secure sanctions relief from the U.S., according to a U.S. State Department official.
“As North Korea feels the impact of sanctions, it will become more reliant on state-sponsored criminal activities, including through cyber operations, to help fund its weapons of mass destruction programs,” a Department of State spokesperson told VOA’s Korea Service on Tuesday.
North Korea was hoping to see sanctions ease at the Hanoi summit in February in return for dismantling its Yongbyon nuclear facility. However, Washington told Pyongyang to carry out a comprehensive denuclearization if it wanted to end sanctions.
Sanctions placed on North Korea, especially those imposed since 2016 in response to its increased nuclear and missile tests, have apparently hurt Pyongyang’s economy.
“There is no question that sanctions are squeezing North Korea’s economy, and the impact [means it will] increase efforts to find ways to circumvent sanctions or alternative sources of funding,” said Robert Manning, a senior fellow at the Atlantic Council.
“That is behind [North Korean leader] Kim [Jong Un]’s effort to boost his ties with China and Russia and also using cyber currencies to work around the bans on financial transactions,” he added.
Cyberattacks pose a risk
Ken Gause, director of the Adversary Analytics Program at the Center for Naval Analyses, said North Korea is resorting to “thievery including cyberattacks to bring in funds” as it feels “the pinch from the sanctions regime.”
Douglas Paal, vice president for studies at the Carnegie Endowment for International Peace, said North Korea may resort to cyber theft “to create pressure on the U.S. to reconsider lifting sanctions.”
The State Department spokesperson warned that the U.S. national security and global economy are under threat by North Korea’s illicit cyber operations.
“North Korean cyberattacks and other malicious cyber activities pose a risk to critical infrastructure in countries around the world and to the global economy,” said the spokesperson.
According to the report by the United Nations Panel of Experts on North Korean Sanctions Committee issued in early March, North Korea “carried out at least five successful [cyber] attacks against cryptocurrency exchanges in Asia between January 2017 and September 2018, resulting in a total loss of $571 million.”
The report further stated that “Cyberattacks by [North Korea] to illegally force the transfer of funds have become an important tool in the evasion of sanctions and have grown in sophistication and scale since 2016.”
Impact felt around the world
Secretary of Homeland Security Kirstjen Nielsen highlighted the global impacts of North Korea’s cyberattacks, last month at George Washington University.
“In the past two years we witnessed North Korea’s WannaCry ransomware spread to more than 150 countries, holding health care systems hostage and bringing factories to a halt,” Nielsen said in her speech.
North Korea’s WannaCry attacks hit 300,000 computers around the world in 2017 with the hackers demanding ransom payments in cryptocurrencies and crippling more than 20 percent of hospitals in the U.K., costing billions of dollars.
Last September, the U.S. Justice Department charged a North Korean man suspected of launching cyberattacks using the WannaCry ransomware to hack Sony Pictures Entertainment in 2014. Park Jin Hyok is thought to be a member of the Lazarus Group, an infamous hacking team sponsored by the North Korean government.
The Sony hack caused an estimated $35 million in damage from the theft of personnel emails and unreleased films from the company that were then leaked. The cyberattack occurred before the release of The Interview, a comedy that depicted an assassination of North Korean leader Kim Jong Un, which Pyongyang called “an act of war.” The leaked emails revealed the pay gap between top male and female movie stars.
Park and his co-conspirators also “targeted and then executed the fraudulent transfer of $81 million from Bangladesh Bank … [and] cyber-heists at many more financial services victims in the U.S. and other countries … with attempted loss well over $1 billion,” according to an affidavit submitted by the Federal Bureau of Investigation to the U.S. District Court in the Central District of California in 2018.
The transfer occurred in 2016, and North Korea’s cyber-heist at the central bank of Bangladesh is “the largest cyber-theft from a financial institution to date,” according to the document.
Earlier last month, the House passed the Cyber Diplomacy Act of 2019 that called for President Donald Trump to designate North Korean entities that “knowingly engage in significant activities undermining cyber security through the use of computer networks to target foreign persons or governments or other entities on behalf of the Government of North Korea.”
The bill was introduced in January by Representatives Michael McCaul, a Republican from Texas and Eliot Engel, a Democrat from New York.
General Paul Nakasone, the commander of U.S. Cyber Command and director of the National Security Agency told the Senate Armed Service Committee at a hearing in February that “the scope and pace of malicious cyber activities continue to rise” globally and pointed to North Korea, China, Russia and Iran for conducting cyber operations to threaten U.S. national interests.