Welcome to Codebook, Axios' cybersecurity newsletter. If you have a tip or story idea for the newsletter, just hit reply.
Neither cozying up to Kim Jong-un nor charging an alleged North Korean agent involved in the disastrous WannaCry malware fiasco has stopped Pyongyang from orchestrating digital bank heists. The best bet for stopping North Korea's misbehavior might be to start with petty crime.
The big picture: North Korea relies on money from cyber crimes to compensate for sanctions. But they aren't all $81 million heists. "North Korean hackers spend most of the day doing low-level crime — cheating at online poker, cracking video games, committing low-level financial crime. That's where most of the money comes from," said Priscilla Moriuchi, director of strategic threat development at threat intelligence firm Recorded Future.
Recorded Future released a new overview of North Korean hacking and internet usage Thursday, including recent developments in online crime, like sham cryptocurrencies.
What they're saying: "Start thinking of North Korea as a mob family," said Moriuchi. As with the mob, the nation's day-to-day petty crimes provide a foundation for the bigger efforts, like the bank heists and cryptocurrency market looting.
Details: One interesting note from the Recorded Future report is that the few elite households that have access to the external internet within North Korea are using it more for business and less for entertainment than they were only a short while ago.
That's intriguing for a number of reasons, not the least of which is the creation of potential targets for American cyber warriors.
The other shoe dropped on Wednesday, when the New York Times reported that U.S. intelligence agencies are aware Russia and especially China snoop on personal calls President Trump makes with his unsecure phone.
Trump denies the story. On Twitter, natch.
The big picture: The fact that the president will not cave to national security requests as simple as using a secure phone probably offers as much insight into his decision-making process as anything he says on the phone.
Academic thieves using phishing websites target American universities more than those of any other country, with the University of Washington at the top of the list, according to Kaspersky Lab. Go Huskies!
The big picture: Stealing academic research and intellectual property via hacking is a very real problem, as 9 Iranians were indicted for such a scheme in March.
By the numbers: Kaspersky tracked attacks that used look-alike webmail portals to steal email credentials for 131 universities in 18 countries.
According to a new report by CA Veracode, a company that automatically scans for security flaws, 50% of the vulnerabilities they discover remain unpatched after 121 days.
Why it matters: Think of it as the computer security equivalent of the inspirational poster, "It's not how hard you fall, it's how fast you get back up." Flaws in computer code are inevitable, but companies need to have processes in place to fix them.
By the numbers: By Veracode’s stats, around 75% of known security vulnerabilities persist after 21 days; 25% persist after 472 days.
Interestingly, the most “mission critical” apps appear to take longer to fix than many less critical ones.
The three major crowd-sourced penetration testing companies — Bugcrowd, HackerOne and Synack — will split an expansion of the Department of Defense's "Hack the Pentagon" bug bounty program that could be worth up to $34 million.
Why it matters: Bug bounty programs offer incentives, like cash rewards, to third-party researchers to independently search for security flaws and report bugs to manufacturers and organizations so they can be fixed.
Details: The new effort represents a more than 7-fold increase in funding.
Codebook will return Tuesday.