Increasing pressure from the U.N. and sanctions from international governments have stifled North Korea’s already struggling economy, and the correlation between how desperate the nation is and the rise in hacking activity to siphon funds is apparent.
North Korean Hackers Stole $626 Million in 2022 Alone
Of the 1.5 trillion won (the equivalent of $1.2 billion) in cryptocurrency theft orchestrated by North Korean hackers since 2017, $626 million in virtual assets — almost half of the total amount — were swiped this year alone, according to an Associated Press report. Both North and South Korea share the won as their national currency, and about 99.8 billion won ($78 million) of the stolen funds came from South Korea. North Korean hackers have become some of the best in the world at the theft of digital assets, and experts widely believe the “Hermit Kingdom” increasingly prefers crypto hacking and other cyber intrusions as a source of desperately needed foreign currency to aid its sputtering economy. Furthermore, stolen funds can also be used to push the nation’s nuclear program forward following harsh sanctions from the U.N. amid persistent nuclear and missile testing in the region. North Korea’s strict protocols regarding the COVID-19 pandemic have also put a strain on the nation’s day-to-day activities.
North Korean Attacks Expected to Rise Next Year
The NIS noted that North Korean hacking activity is expected to increase next year, with their focus being on stealing advanced South Korean tech and confidential intel. “Marking the third year under its five-year economic development plan in 2023, the North is expected to be bent on stealing key technologies, and collecting diplomatic and security intelligence in a bid to meet its policy goals,” the NIS told the Yonhap News Agency. High-profile cyberattacks stemming from North Korea are nothing new, and the nation with a fully state-controlled internet has already been pegged on the FBI’s “Cyber’s Most Wanted” list since 2021. The nation’s hackers are known to belong to highly dangerous, state-sponsored Advanced Persistent Threat (APT) groups which are behind some of the most advanced and devastating cyberattacks, such as those targeting neighboring South Korean nuclear research facilities and the massive Axie Infinity hack. The nation’s hackers are also known to target both U.S. and overseas companies that delve into military defense and aerospace with advanced malware. Cybersecurity firm Mandiant also noted the world should be on the lookout for a high-magnitude escalation in North Korean, Chinese, and Iranian cyber operations in 2023.