North Korea’s far-reaching cyber campaigns have generated around $2bn for the country’s burgeoning weapons programme, according to a new report from the United Nations.
The dictatorship is one of the only countries in the world known to use cyber attacks to generate revenue, rather than gather intelligence or steal intellectual property, and has carried out a number of high profile attacks in recent years.
“[North Korea] used cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income,” said the report.
“Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD (weapons of mass destruction) programmes, with total proceeds to date estimated at up to two billion US dollars,” the report added.
In recent years, North Korea is believed to have conducted at least 35 attacks involving financial institutions, cryptocurrency exchanges and mining. The attacks on exchanges enabled the country “to generate income in ways that are harder to trace and subject to less government oversight and regulation than the traditional banking sector,” according to the report.
Sign up to Emerging Threats, our weekly cyber security newsletter
North Korea’s most high profile cyber gang is the Lazarus Group, which has been blamed for the WannaCry attack that swept through the NHS in 2017.
Lazarus hackers shot to prominence in 2014 when they crippled Sony Pictures’ computer network ahead of the release of The Interview, a satire on the leadership of the North Korean government.
As well as disabling Sony’s network, the group released troves of sensitive data, including a string of embarrassing emails about A-list film stars, and threatened cinemas that planned to screen the film.