N Korean raids on bitcoin exchanges expose vulnerability

opinion December 20, 2017 01:00

By The Korea Herald
Asia News Network

The world already knows that North Korea’s cyberattacks – like its nuclear bombs and long-range missiles – pose a serious threat to global security.



Yet the recent hacking of digital currency exchanges show how ill-prepared we are to fight the North’s state-trained hackers. 

South Korea’s National Intelligence Service said last week it had evidence that North Korean hackers broke into four cryptocurrency exchanges this year. 

It said emails sent by the hackers were traced to North Korean hacking sites. The emails contained the same malicious codes that a North Korean hacking unit planted in attacks on Sony Pictures in 2014 and the Bangladeshi central bank in February this year. 

The hackers stole the personal information of about 36,000 customers of Bithumb, the largest cryptocurrency exchange in the country, with which they demanded 6 billion won (Bt180 million) in ransom money. The infiltrators succeeded in stealing bitcoins worth 7.6 billion won from two other digital currency exchanges. The stolen bitcoins are now valued at 90 billion won. 

The NIS said there were also attempts to breach 10 more cryptocurrency exchanges last month alone. This shows that the fast-growing digital currency market has become a major target for North Korean hackers.

It would be strange if the North did not target a market whose value is exploding, since the country is suffering from a severe shortage of hard currency. 

Crucially, digital currencies like bitcoin are easier to gather than physical currency. They can also be traded anonymously and so are easier to launder. Intelligence officials said North Korean hackers change the digital currency they steal into US dollars or euros in developing countries and funnel them into North Korean funds. 

The latest North Korean cyber-heists confirm the rogue regime is shifting its hacking-for-money operation into higher gear, as it badly needs hard currency in the face of international economic sanctions imposed over its nuclear and missile programmes. 

In fact, North Korean hacking units have attempted to breach foreign governments and financial institutions in an increasingly bold and indiscriminate manner. They siphoned $81 million from the Bangladeshi central bank and also attempted break-ins at the Bank of Korea and the Federal Reserve Bank of New York. 

US intelligence officials believe North Korea earns about $1 billion a year – one third the value of its exports – from cyber heists. This calls for South Korea and the international community to make extra efforts to protect the fast-expanding digital currency market and other financial systems from North Korean hackers. 

It is all the more important not to allow loopholes in the ongoing economic sanctions against the North’s nuclear and missile programmes. 

Equally important is that focusing on blocking the North’s hacking for money should not mean lowering our guard against the North’s overall cyberwarfare. 

Intelligence officials said North Korea has been running cyberwarfare units manned by specially trained elite staff since the 1990s. They conduct indiscriminate attacks on foreign governments and institutions, stealing confidential data and intelligence and disrupting computer systems and networks. Many of the attacks have political and military purposes. North Korean hackers attacked Sony Pictures in 2014 in response to a film that ridiculed its leader Kim Jong-un. 

Last year, North Korean hackers stole classified South Korean military secrets, including the US joint wartime operation blueprint and a contingency plan for taking down the North Korean leadership. 

The recent cases show that North Korean hackers are watching for every opportunity to break into our systems. We are in a virtual war and we must take counter-measures accordingly.