North Korean soldiers attend a mass rally. Photo: Kim Won-Jin/AFP/Getty Images
Neither cozying up to Kim Jong-un nor charging an alleged North Korean agent involved in the disastrous WannaCry malware fiasco has stopped Pyongyang from orchestrating digital bank heists. The best bet to stopping North Korea's misbehavior might be to start with petty crime.
The big picture: North Korea relies on money from cyber crimes to compensate for sanctions. But they aren't all $81 million heists. "North Korean hackers spend most of the day doing low-level crime — cheating at online poker, cracking video games, committing low-level financial crime. That's where most of the money comes from," said Priscilla Moriuchi, director of strategic threat development at threat intelligence firm Recorded Future.
Recorded Future released a new overview of North Korean hacking and internet usage Thursday, including recent developments in online crime, like sham cryptocurrencies.
What they're saying: "Start thinking of North Korea as a mob family," said Moriuchi. As with the mob, the nation's day-to-day petty crimes provide a foundation for the bigger efforts, like the bank heists and cryptocurrency market looting.
- "We know from defector interviews that North Koreans who operate outside the country need to earn a salary to stay abroad," said Moriuchi. Most of that salary is sent back to the regime. Cheating at poker is certainly one way to accomplish the goal.
- Hackers often operate outside of North Korea because the country has such poor connectivity to the rest of the world.
- One way to slow Pyongyang's more flashy crimes — one that developers outside the government could participate in — is to incorporate better security practices into video games or poker. "That technology already exists," said Moriuchi.
Details: One interesting note from the Recorded Future report is that the few elite households that have access to the external internet within North Korea are using it more for business and less for entertainment than they were only a short while ago.
- The amount of streaming video, video games and entertainment content being accessed is down. But surfing using secure, virtual private networks during the work day is up.
That's intriguing for a number of reasons, not the least of which is the creation of potential targets for American cyber warriors.
- Few countries have the same amount of infrastructure online as the United States. As such, we will always be easier to target with cyber warfare than Russia or China, who simply have less stuff to fire at.
- But North Korea is particularly elusive in the cyber arena because for so long it has had so little in the way of online connections.
- Most of North Korea uses an internal intranet.
- "We can't say the online computers are, say, missile testing systems. But knowing that they are increasingly reliant on the internet realistically means more targets," said Moriuchi.