Network of North Korean hackers: robbery of banks, sabotage in the cinema and thousands of pirates in the service of the war against the West

The cybernetic power of North Korea has become the least threat to the West. Undaunted by the American sanctions – because of his complete isolation -, silent in the recruitment of his computer scientists – while suspending his nuclear tests in the continuation of the dialogue between Donald Trump and Kim Jong-un – and very dangerous in terms of security and financial crimes.

An article published by the New York Times in 2017, he estimated the number of pirate soldiers at over 6,000 and explained that they were operating from outside the country. In a recent article in the same media, citing a specialist at the Center for Strategic and International Studies, he says the strategy responds to his military inferiority. "They will never compete with US and South Korean soldiers tank by tank", explained Victor Cha, about the change of strategy of the communist country.

In fact, the two summits that US President Donald Trump had with his counterpart Kim Jong-un came to a revealing conclusion of the regime's real goals. While leaders met in Hanoi, Vietnam, cyberattacks against American and European companies persisted.

The tensions – and also the attacks – began in 2017 when, shortly after taking office, Trump led a series of insults that further undermined the deteriorating relations between the two countries. In response to a "rocket-man" charge, Kim has developed a series of nuclear tests threatening to send an ogive to the United States. These tensions gave way to an apparent diplomatic engagement by Trump, which culminated in the first summit in Singapore last June. From that moment until the new summit, held in February in Hanoi – although it stopped abruptly for lack of agreement has mitigated the pbadages between leaders – Pyongyang promised to end his missile tests. However, he did not do the same thing with his cyberattacks.

According to a survey by the cybersecurity company McAfee, The goals of North Korean hackers range from the safety of banks and utilities to oil and gas companies. Various experts claim that, thanks to the underestimation of the West, North Korea has succeeded in setting up one of the most sophisticated and damaging cyber armies in the world.

Banks: the opportunity to make money in an impoverished nation

Banks and financial institutions have become an increasingly attractive target for North Korean pirates. Last October, they were identified as responsible for a wave of cyber attacks that caused "hundreds of millions of dollars" in losses. Among the banks victims of the attack are the regional agencies Bancomext of Mexico and the Bank of Chile. The US FireEye cybersecurity firm also quotes in its report a possible attack from Banco del Austro in Ecuador and entities in Brazil and Uruguay.

US media announced on Feb. 5 that the New York District Federal Reserve would collaborate with the Central Bank of Bangladesh in a lawsuit seeking to recover US $ 81 million of funds stolen by North Korea. 2016 in one of the biggest bank robberies. of modern history. The case is paradigmatic of the legal difficulties arising from this type of crime, as well as the mechanisms available to try to recover the money.

Instead of going after North Korea, the lawsuit was filed against a Philippine bank, where the stolen funds briefly fell before a complex series of transfers that redirected them to Philippine casinos, after which they became impossible to trace. The New York Federal Reserve, which had money before it was illegally transferred, is collaborating and even urging citizens and Filipino organizations to help recover the funds, according to an agreement reached between the banks.

The hackers managed the theft by violating the systems of Bangladesh and using SWIFT's global payment network to send fraudulent orders to the US central bank branch in New York, which oversees the account and was cheated to release the funds. Of the US $ 1 billion requested, US $ 81 million was sent to Manila, Philippines-based Rizal Commercial Banking Corp (RCBC), and only US $ 15 million was recovered.

RCBC lawyer, Tai-Heng Cheng, described Bangladesh's request as "completely unfounded" and "nothing more than an unobtrusive public relations campaign" to get rid of the blame for this episode. "The charges are not only false, but they are not allowed to be presented here because none of the defendants are in the United States. ", Said the lawyer quoted by Reuters

Indeed, the global losses of cybercrime, that the The Center for Strategic and International Studies says that their turnover reaches 600 billion USD per yearthey are devastating to the victims. But it is very difficult, if not impossible, to recover the stolen money because the perpetrators, if they are identified, are often actors that are beyond the control of the law enforcement authorities.

According to the statements of a former head of the British intelligence services cited by the New York Times, the work of your North Korean cyber-hackers may mean about one billion dollars a year, equivalent to a third of the value of the country's exports.

Objective: The cultural industry

One of the objectives of the Cybernetic Army working under Pyongyang's command was cultural industry, and it is against her that she developed her most famous attack, Developed centrally to preserve the image of Northern leader Kim Jong-Un, 33 years old.

This came in 2014, motivated by the need to block the launch of a movie in which Kim Jong-a was satirized and included the destruction of the Sony Pictures Entertainment computer servers, the paralysis of studio operations and filtering files. embarrbading emails from some executives. The code has destroyed 70% of Sony's computers.

Before the attack, the regime had clearly indicated its intention to block the creation of the L & # 39; interview (L & # 39; interview), a comedy about a plan to badbadinate the head of North Korea, after officially denouncing the film "the obvious sponsorship of terrorism, as well as an act of war" in a letter to the UN Secretary-General of the time, Ban Ki-moon.

What had gone relatively unnoticed until a certain time was that North Korea had also hacked a British television channel a few weeks earlier to prevent it from airing a drama about a kidnapped nuclear scientist in Pyongyang.

In August 2014, after Channel Four announcing its intention to broadcast a television series on the subject, North Korea first appealed to diplomatic channels and officially protested against the British government, in which the program was described as "scandalous farce". When the same thing was ignored, the attack happened.

Then, the White House responded with economic sanctions that North Korea had barely noticed, which, again, ignites warnings about the need for the West to put in place new mechanisms to counter the threat.

The construction of North Korea's modern hacker army has not started with young Kim Jong-un, but with his father, Kim Jong-il, a movie lover who has witnessed the rise of the Internet and has become one of his most fervent amateurs.

Although his hobby was not enough to provide his country with a network that reaches the homes of North Koreans on foot, his death in 2011 would have a little over a thousand IP addresses, less than what exists in a block from New York City-, the ability to spy on and attack his enemies quickly seduced him. It was around 1990, when a group of North Korean computer scientists confirmed this idea on his return from a trip abroad.

North Korea then began very early to identify promising students, to receive special training and to send the best to computer education programs in China. In the late 1990s, the FBI's Counterintelligence Division observed that North Koreans employed in United Nations jobs were quietly enrolling in university computer programming courses in New York City.

According to a major deserter cited by the Time, after witnessing the "shock campaign" of the US campaign in Iraq in 2003 through CNN, Kim Jong-il warned his army: "If the war was up to now on bullets and oil (…) in the 21st century, it is information."

That's what his son understood and when Kim Jong-un succeeded him in 2011; he made the decision to expand the cyber mission to no longer serve as a weapon of war, also focusing on theft, harbadment and politics.

"Cyberwarfare, with nuclear weapons and missiles, is a versatile sword that guarantees the ability of our military to attack without truce"said Kim Jong-un, according to the testimony of a chief of South Korean intelligence services.

In 2012, government officials and private investigators reported that North Korea had distributed its piracy teams overseas, based mainly on China's Internet infrastructure. This allowed them to exploit unsafe internet connections and maintain a degree of anonymity. Now, the world faces the challenge, more and more pressing, of developing strategies to neutralize this power.