North Korea-backed cyberattacks on crypto and tech firms will only become more sophisticated over time as the country battles prolonged economic sanctions and resource shortages.
Former CIA analyst Soo Kim told CNN on July 10 that the process of generating overseas crypto income for the regime has now become a “way of life” for the North Koreans.
She also added that it is likely that their crypto attacking “tradecraft” will only improve from here on.
"Even though the tradecraft is not perfect right now, in terms of their ways of approaching foreigners and preying upon their vulnerabilities, it's still a fresh market for North Korea," said Kim.
The RAND Corporation policy analyst made the comments almost two months after the release of a joint advisory from the United States government about the infiltration of North Korean operatives across freelance tech jobs — posing risks of intellectual property, data, and funds theft that could be used to violate sanctions.
Former FBI intelligence analyst Nick Carlsen told CNN that DPRK operatives embedded in these firms would not only earn income used to skirt sanctions but they could also potentially identify vulnerabilities in certain client systems that their hacker comrades could take advantage of.
"Any vulnerability they might identify in a client's systems would be at grave risk,” explained Carlsen.
Related: Crypto market crash wipes out millions from North Korea's stolen crypto funds
In a lengthy Twitter expose about North Korean hackers, The Defi Edge noted that these crypto attacks typically target bridges, focus on companies based in Asia, and often begin by targeting unsuspecting employees.
What the Crypto Hacks Have in Common• They tend to target bridges in Crypto• They
Read more on cointelegraph.com