Government-backed hackers in North Korea have realized there’s a much better use for their skills than stealing secrets or causing chaos. A new report reveals that hackers in Pyongyang are focused primarily on stealing as much money as possible.
Most nation-state hacking enterprises focus on covert espionage, but North Korea has for several years shown a preference to profit from its hackers, according to the report from the Financial Security Institute, a South Korean government-backed organization. It says a hacking group known as Andariel has been carrying out profit-making attacks for at least two years against banks, defense contractors, and other businesses in South Korea.
The report says the group has attempted to hack ATMs, sell bank information on the dark web, and compromise online poker and gambling sites.
Andariel is an offshoot of the North Korean hacking group known as Lazarus, implicated in the crippling attack on Sony Pictures in 2014. The Lazarus group, established as far back as 2009, is run by North Korea’s top spy agency, the Reconnaissance General Bureau. This is the second offshoot of the group to be identified.
In April, Russian cybersecurity firm Kaspersky Lab identified Bluenoroff as the North Korean hacking offshoot responsible for attacks on financial institutions in at least 18 countries, most notably the $81 million heist from the Bangladesh central bank in 2016.
More recently, researchers have linked North Korean hackers to the WannaCry ransomware attack that crippled systems around the globe, most notably the U.K.’s state-run health services.
The impoverished hermit kingdom has been provoking the U.S. in recent months with rapid-fire missile tests, culminating on July 4 with its first successful test of an intercontinental ballistic missile. Due to severe sanctions imposed by the international community, Pyongyang has limited avenues to generate money, so it has turned to hacking, with experts estimating these activities bring in hundreds of millions of dollars every year.
Experts have speculated that these hacks play a role in funding the country’s rapid development of nuclear-capable missiles.
Display photo: North Korean leader Kim Jong Un gives field guidance at the Sci-Tech Complex, in this undated photo released by North Korea’s Korean Central News Agency (KCNA) in Pyongyang October 28, 2015.