03/28/2024 – 18:37
According to a United Nations report, cybercrime financed 40% of North Korean programs to produce weapons of mass destruction. Legal vacuum generates climate of impunity, experts point out. “Malicious” cyberattacks involving theft of cryptocurrencies would have yielded North Korea around 3 billion dollars (R$15 billion) between 2017 and 2023, enough to cover up to 40% of the costs with programs for the production of weapons of mass destruction by the Kim Jong-un regime. The conclusion is from a recent report produced by a United Nations committee of experts that monitors sanctions against the country.
To DW, analysts say the cryptocurrency sector is “extremely concerned” about the effectiveness and impunity with which a powerful state actor appears to be stealing virtual currencies, and the slowness with which international law has reacted to the rapid pace of development of the cryptocurrency. branch.
This is due, in part, to the fact that governments in many countries most threatened by North Korean cyberattacks – notably South Korea, Japan and the United States – are currently having to deal with other serious political challenges that consume their time and energy. .
Released on March 20, the UN report on North Korean cyber activities investigated 58 attacks against companies operating in the cryptocurrency sector and concluded that Pyongyang is not only behind all of them but also continues to attack financial institutions – a strategy to circumvent UN sanctions and cover the high costs of developing nuclear weapons and long-range missiles.
“The Democratic People's Republic of Korea's (DPRK) malicious cyber activities account for about 50% of its foreign currency revenues, and are used to finance its weapons programs,” the report states.
Citing information provided by unidentified UN Member States, the document's authors further state that these same revenues from cybercrime finance “40% of the DPRK's weapons of mass destruction programs”.
Hackers use social engineering techniques
Analyst at Brave New Coin, a research firm specializing in cryptocurrencies based in Auckland, New Zealand, Aditya Das says the “scope and complexity” of the activities of one such hacker group, Lazarus, shocked the industry. They are seen as a front for North Korea's official hacking team.
“The volume and quantity of virtual currency thefts associated with the Lazarus Group were unprecedented: $615 million (R$3 million) from Ronin Network, $100 million (R$501 million) from Horizon, $100 million (R$501 million) from Atomic Wallet”, comments Das. “It looks like they are keeping an eye on all the big cryptocurrency platforms.”
The analyst warns that Lazarus, “with its broad network and repetitive attack approach”, also appears to be targeting smaller groups and individuals, and explains the group's operating tactics: “Lazarus is known for its social engineering campaigns and phishing, targeting employees at large organizations by sending them emails and LinkedIn messages with infected attachments.”
It was thus, using a “sidechain” associated with the Axie Infinity blockchain game, that hackers were able to access the Ronin network in April 2022. In a “sidechain” of this type, transactions can be carried out without being detected. The company estimates that fraudulent withdrawals amounted to almost $615 million.
Legal vacuum makes it difficult to combat cybercrime in the crypto sector
The security of the cryptocurrency sector is also hampered by the decentralized, free and global nature of these assets – something that pleases users, but makes regulation by governments difficult.
“If possible, it would be good if the real criminals were criminally prosecuted, not the apps they use,” says Das. “But we know how well North Korea covers its tracks and denies hacking attacks. If criminal prosecution is not possible, prevention is the best option for now.”
North Korea continues to financially support its hacking teams because they are an important source of revenue for the regime. And therefore, according to Das, future cyberattacks will continue to be successful.
But they do not only represent a risk for companies in the financial sector, warns Park Jung-Won, professor of international law at Dankook University, in South Korea. According to him, these hackers regularly test the security systems of South Korean authorities: banks , companies that maintain contracts with the military, and infrastructure, such as the nuclear energy sector.
“We are very familiar with the illegal activities of the North. The government and military have paid much more attention to them in recent years and provided additional resources to ensure the country's security,” says Jung-Won.
Regulation faces a lack of consensus
Also at an international level, there are efforts to create laws that regulate the sector at a global level, but there are still major obstacles to overcome until then.
“We are trying to create laws that combat cyber theft, cyber terrorism and other similar crimes. However, it is difficult to reach well-defined standards, because they require the consensus of all States involved”, says Park. “Currently, there are many loopholes that malicious actors like North Korea can exploit.”
Even within South Korea, it is difficult to reach an agreement on laws against cyber attacks that threaten the country, ponders the professor. With just under a month to go before the elections, government and opposition parties are still not willing to reach an agreement.
“We know that the North created and trained teams of specialized hackers, who are very efficient and whose sole task is to attack us”, warns Park. “We need to urgently respond to these challenges.”
#Cryptocurrency #scams #fund #nuclear #weapons #North #Korea