North Korean Hackers Linked to Banking Heist

By Luisa Chainferber
Staff Writer

North Korean hackers associated with the government have been accused of heisting hundreds of millions of dollars from financial institutions across the globe. The team of hackers, named as APT38, has attempted to steal more than $1 billion in 11 countries, says Politico.

A report from the American cybersecurity firm, Fire Eye, has indicated that APT38 has a large operation and vast resources, reports the New York Post. The hackers’ initial operations focused on banks in Asian countries such as Vietnam, Malaysia, and Taiwan. Later operations were extended to target other countries such as Brazil, Turkey, Mexico, and the United States.

Fire Eye researchers have also explained that APT38 is one of several hacking cells from an umbrella group known as Lazarus, but APT38 is distinct from the others, and it has the responsibility to raise funds for the isolated North Korean regime, says South China Morning Post.

According to the GP Investigations, Pyongyang has been long excluded from global markets due to Western sanctions, so the regime seeks revenue from outlawed realms. While these have usually encompassed producing heroin, printing fake money, and forging name-brand cigarettes, hacking is becoming increasingly more important for revenue than any other illicit activity. North Korea has created the world’s greatest bank-robbing crew that, unlike its competitors, has the assurance that it will not be charged for national law violations.

Chris Inglis, a former deputy director of the National Security Agency, argued that North Korea could have one of the world’s most successful cyber programs, “not because it’s technically sophisticated, but because it has achieved all of their aims at very low cost,” The New York Times reports. The advisers of Kim Jong-un, current Supreme Leader of North Korea, take for granted that no state will respond to a cyberattack with a military attack due to the fear of a disastrous escalation between North and South Korea.

In September, the U.S. Justice Department charged a North Korean national computer programmer, Park Jin Hyok, for a cyber-hacking connected to the computer hacking of Sony in 2014, WannaCry ransomware, and other cyberattacks, reports CNN. Analysts expect North Korea to conduct similar operations focused on cryptocurrencies, such as Bitcoin, because international sanctions make it harder for the regime to use the U.S. dollar.

In order to create its army of hackers, the North Korean regime selected promising students at an early age for special training, and many students were sent to China for top computer science programs. The counterintelligence division in the Federal Bureau of Investigation also remarked that during the 1990s, some of the North Koreans appointed to work at the United Nations were found enrolling in university computer programming courses in New York, as  The New York Times reports.

Several signs indicate that the hackers’ ability has been increasing as they operate with codes that are so advanced, that they cannot be detected by any antivirus program, The Wall Street Journal reports.

Many hackers are incorporating perfect language skills into coding, which gives the impression that the hacks come from another country. According to The Wall Street Journal, John Hultquist, director of intelligence analysis at U.S. cybersecurity firm Fire Eye, ranked North Korea as part of the world’s mature hacking operations and said the whole world should take notice.