Cash-strapped North Korea believed to be stepping up cyber thefts against the South

The number of cyber strikes has increased dramatically compared with that of four years ago.
The number of cyber strikes has increased dramatically compared with that of four years ago.PHOTO: REUTERS

SEOUL (THE YOMIURI SHIMBUN/ASIA NEWS NETWORK) - North Korea is suspected to have launched an average of 1.5 million cyber attacks per day in 2020 against the South Korean public sector, such as financial and infrastructure systems, according to sources close to the South Korean government.

The number of strikes has increased dramatically compared with that of four years ago, and many were performed in attempts to steal money, the sources said.

As Pyongyang is believed to be suffering a shortage of foreign currency due to border closures - which are one measure in place to protect against the coronavirus pandemic - as well as prolonged economic sanctions imposed on the country, some South Korean experts say the attacks were carried out to offset financial difficulties.

Cyber attacks made on the public sector numbered an average of 410,000 per day in 2016, but the figure increased about fourfold to 1.62 million in 2020, according to a report by South Korea's National Intelligence Service submitted to the national assembly in November last year.

About 40 per cent of the forays were hacks, in attempts to attack financial institutions and to steal crypto-assets or virtual currencies.

According to the sources, 90 per cent to 95 per cent of the cyber attacks targeting the country in 2020 - or an average of 1.5 million attacks per day - are believed to have been launched by North Korea. Most were made after being routed through other countries.

North Korea in the past executed cyber attacks to steal information or crash infrastructure systems. However, the main purpose has shifted to stealing money in recent years.

Pyongyang is suspected to have been involved in a case involving Bangladesh Bank in which about US$80 million (S$107 million in today's rates) was stolen in 2016.

North Korea is also accused of being behind the WannaCry computer virus in 2017 that demanded banks around the world, including Japanese and US institutions, pay ransoms.

The United States Federal Bureau of Investigation issued a warning in August last year that a group of hackers affiliated with the Reconnaissance General Bureau, North Korea's foreign intelligence service, has resumed cyber attacks against financial institutions in various countries since February last year.

According to a report by Slovak cyber-security firm ESET, released in November last year, another group of North Korean hackers has launched a new round of attacks exploiting South Korean security software programs.

The offensives are believed to reflect North Korea's attempts to step up theft attacks as the country suffers financially amid the pandemic.

"North Korea is currently in a situation in which it can obtain foreign currency only through illegal means such as hacking," said Professor Yoo Ho-yeol from Korea University, who specialises in North Korean studies.

"Kim Jong Un's regime is building up its cyber forces and is likely to continue attacks for monetary purposes," Prof Yoo said, referring to the North Korean leader.