By Julia Nicolls
North Korea’s team of over 5,000 hackers is growing and improving faster than most have predicted. Despite only recently recognizing the magnitude of this threat, the U.S. and other countries claim that North Korea poses a significant threat to their national security, says the Wall Street Journal.
According to the Wall Street Journal, cybersecurity experts traditionally viewed North Korean hackers as second-rate when compared to their Russian, Iranian, or American counterparts. Therefore, it came as a surprise when these hackers made headlines by hacking into Sony Entertainment’s online databases and erasing company information in 2014.
Bred for espionage, the government plucks these soon-to-be hackers from the masses as early as age 11. These hackers are sent to elite cyber schools to train and compete.
North Korean defectors claim that the primary motivations for youth entering these schools are the ability to travel outside the country and financial support. Since many citizens are isolated from the rest of the world and live in poverty, hacking is considered an ideal opportunity.
The hackers have become increasingly skilled and intelligent over time. Many of them speak fluent English and hide malware in bible apps.
According to the New York Times, in 2016 these cyber warriors sought a more ambitious target. They went after an account managed by the Federal Reserve: the Bangladesh Central Bank.
By hacking their servers and using fabricated transfer requests, they attempted to drain over $1 billion from the account. The results of such an attack could have been catastrophic due to the large amount of reserves held by central banks.
According to the New York Times, the only thing that stopped them from wreaking havoc on the Bangladesh Central Bank was a small spelling error. The hackers spelled “fandation” instead of “foundation.” Despite this blunder, they still managed to steal $81 million.
Attacks are not infrequent. South Korean officials estimate that they experience around 1.5 million cyber-attack attempts by North Korea daily. European financial institutions, as well as the U.S., are subject to these intrusions constantly.
Global Post Investigations says one of the many reasons behind these attacks is the sanctions placed on North Korea by western nations like the U.S. These attacks act as an alternative source of revenue for the reclusive Pyongyang regime. “A nation-state robbing banks… that’s a big deal. This is different,” says Richard Ledgett, former deputy director of the National Security Agency.
Most recently, North Korea hacked the National Health Service, which canceled scheduled operations, diverted ambulances, and made patient records unavailable. According to The Guardian, this affected computers in more than 150 countries.
The attack allegedly affected over 19,000 computers. A government report found that the NHS was vulnerable because they did not follow recommended cybersecurity guidelines, exposing them to threats.
The U.S. Justice Department charged suspected North Korean spy Park Jin Hyok for his involvement in the NHS attack, in addition to his involvement in the Sony Entertainment and Federal Reserve attacks.
The different cyber-attacks to the U.S. and the UK are so frequent that it is hard to discern between isolated attacks and larger campaigns. As Steve Rodhouse, director of general operations at the UK’s National Crime Agency, said to The Guardian, “The ransomware attacks that affected the UK appear to be part of a series, and it’s right that they are prosecuted together to show the full scale of offending.”