In recent years, North Korea has notably intensified its cyber operations, particularly targeting the cryptocurrency industry. This strategic shift emerged around 2017 when the country's cybercriminal activities, previously focused on traditional financial institutions, pivoted towards the burgeoning field of digital currencies. The impetus for this change was likely due to the increased scrutiny and enhanced cybersecurity measures adopted by banks and financial institutions following a series of high-profile heists, including the infamous Bangladesh Bank robbery, according to Recorded Future .
Cryptocurrency, being a relatively new and less regulated industry, presented a lucrative and vulnerable target. North Korean operatives, leveraging their state-supported cyber capabilities, have since been implicated in a series of sophisticated attacks on various cryptocurrency exchanges and platforms globally. By 2022, their efforts culminated in the theft of an estimated $1.7 billion worth of cryptocurrency. This figure is staggering, not only in its sheer size but also in its economic significance to North Korea. It represents a substantial portion of the nation's GDP and a significant chunk of its military budget, highlighting the strategic importance of these cyber heists to the regime.
The tactics employed by North Korean cyber actors mirror those used by traditional cybercriminals, including phishing, exploitation of software vulnerabilities, and the deployment of advanced malware. However, the scale and sophistication of their operations are markedly enhanced by the support and resources of a nation-state. This state backing allows them to execute more ambitious and coordinated attacks than typical cybercriminal
Read more on blockchain.news