UN report
North Korea’s hackers steal record sums for nuclear program
North Korea is apparently preparing for its first nuclear test since 2017. photo
© Ahn Young-Joon/AP/dpa
North Korea launched 73 ballistic missiles in 2022. This is mainly financed by global hacker forays. A United Nations report provides insight into Kim Jong Un’s cyber army.
According to the United Nations, North Korea stole more money from cybercrime in the past year than ever before. Several estimates put at least $630 million or even $1 billion stolen from the internet. This shows “that 2022 was a record year for the theft of virtual assets in North Korea,” according to a previously confidential UN expert report that the German Press Agency was able to view.
In the past six years, the state-employed hackers are said to have captured a total of around 1.2 billion dollars online. The money, which was often invested anonymously in cryptocurrency, is then used by the heavily sanctioned country to finance its nuclear and missile programs, which ruler Kim Jong Un has recently pushed ahead with.
Meanwhile, the UN experts again see “a significant acceleration” in Pyongyang’s nuclear weapons program. Stockpiles of fissile material were rising, reflecting new North Korean nuclear policies and a string of missile launches. Earlier this year, Kim announced an exponential increase in his country’s nuclear arsenal, further escalating tensions on the Korean peninsula.
Preparing for a possible nuclear test
The UN reported last year that North Korea was preparing for its first nuclear test since 2017. Recently, construction work continued at the Punggye-ri underground nuclear test facility in the north of the country. According to the UN report, in 2022 Pyongyang fired at least 73 ballistic missiles in violation of UN Security Council resolutions – 42 of them in the last four months of the year. Among them was the test of a new type of solid fuel rocket.
North Korea’s cyber attacks are blamed, among others, on the state hacker group Lazarus and its subgroups. Increasingly sophisticated ransomware attacks and hacks targeting cryptocurrency marketplaces have been observed. In so-called ransomware attacks, the attackers penetrate the systems, take control and lock the victims out. The data is usually encrypted and only made accessible again after a ransom has been paid.
Diplomatic relations are broken
According to the UN report, another scam used by hackers is to infect certain organizations active in the crypto business with malware in order to be able to intercept money transfers. “In addition, as part of the campaign, the hacking group registered fake domains impersonating well-known banks and venture capital firms,” it said. North Korea is also trying to steal NFTs (“non-fungible tokens”) via so-called phishing attacks. With them, digital content can be provided with a non-exchangeable certificate and thus marked as original, which sometimes leads to immense increases in value.
With the missile tests and his nuclear program, Kim Jong Un wants to increase the pressure on the world community to lift the sanctions against his country. At the same time, diplomatic relations with the United States have been broken since Kim’s failed second summit with former US President Donald Trump in February 2019. In May, the United States failed in the UN Security Council with a resolution for stricter international sanctions against Pyongyang. Russia and China vetoed the vote in New York.