As the U.S. economy shows sudden weakness, American consumers understandably express increasing anxiety…
CFIF on Twitter CFIF on YouTube
Elizabeth Warren Prepares to Punish the U.S. Economy and Investors with Her Misnamed "Stop Wall Street Looting Act"

As the U.S. economy shows sudden weakness, American consumers understandably express increasing anxiety.  A troubling new Gallup survey reports that economic confidence has now declined to lows unsurpassed since the early days of the Covid pandemic in 2020.

Undeterred by that accumulating weakness and alarm, however, Senator Elizabeth Warren (D - Massachusetts) appears restless to strike yet another dangerous hammer blow by re-introducing her misnamed "Stop Wall Street Looting Act."

She may think that title can conceal the bill's danger, but Americans and elected officials mustn't be fooled or invite the potentially catastrophic economic peril.

Senator Warren’s bill includes significant tax increases, as well as new legal liabilities and bureaucratic regulations on U.S. investment…[more]

October 18, 2021 • 01:48 PM

Liberty Update

CFIFs latest news, commentary and alerts delivered to your inbox.
Home The Issues Homeland Security North Korean Cyber Warfare: Focused On Money, Not Missiles
North Korean Cyber Warfare: Focused On Money, Not Missiles Print
By Samuel Bocetta
Thursday, December 21 2017
In short, while missile tests or hacks of celebrities’ private photos will continue to generate the most headlines, these miss the point of the DPRK’s growing cyber capabilities.

Every time North Korea conducts a missile test, it understandably makes headlines around the world. While ICBMs capable of carrying nuclear payloads might be good for showmanship, however, in truth the North Korean missile program, while steadily improving, represents something of a sideshow in the country’s growing military capability.

At the heart of the DPRK’s military strategy is cyber warfare. The reclusive state’s technological capabilities used to be laughed at, but no more. Reports now suggest that the DPRK employs an “army” of over 6,000 hackers, working both within the country and outside it, who have been responsible for some of the most devastating attacks of recent years.

The most publicized attack of the past few years has been the 2014 operation that targeted Sony Pictures. This is understandable: a rogue state seeking to sabotage the release of a Hollywood comedy makes for a good story.

The emphasis on this attack, however, cloaks the true nature of the DPRK’s cyber operation. It is true that the regime has occasionally targeted organizations which planned to air information critical of it, such as the Sony hack or the more recent attack on Channel 4 in the UK, which had planned to run a satirical TV series.

However, the true target of North Korean cyber attacks is far more mundane: The regime needs money, and hacking is the easiest way to get it.

From Humble Beginnings

It would be nice to believe, of course, that our movies and documentaries are so ideologically powerful as to be seen as a threat to the power of Pyongyang. In truth, however, the regime cares little about how it is seen outside its own borders, and the country itself remains so technologically underdeveloped that no North Korean is likely to see them.

Indeed, the technological capabilities of the DPRK have long been underestimated. In 2011, when the previous leader of the country, Kim Jong-il, died, the country was estimated to have just 1,024 IP addresses. For reference, that’s less than the number for a typical city block.

Until the 1990s, the internet, and cyber warfare more generally, were not given much support by the regime. There is a good reason for this, of course: Totalitarian states tend to be suspicious of the freedom of the web, as evident in China’s reaction to it.

By the late 1990s, however, this was starting to change. North Koreans “assigned to work at the United Nations were also quietly enrolling in university computer programming courses in New York,” as the New York Times puts it. It was the US invasion of Iraq in 2003, however, that really spurred the development of North Korean cyber warfare. Inspired by the U.S. “Shock and Awe” campaign, Kim Jong-il issued a warning to his military: “If warfare was about bullets and oil until now,” he told top commanders, according to a prominent defector, Kim Heung-kwang, “warfare in the 21st century is about information.”

The Perfect Weapon

There are many reasons why cyber weapons are viewed as desirable in Pyongyang. Perhaps the most pragmatic of these is that developing such weapons is cheap. In contrast to the development of conventional weapons, which require serious outlay on hardware, cyber warfare merely requires bright students to be trained in its techniques. The DPRK’s approach is to simply pull promising students out of high school, pay them well, and train them in cyber warfare.

Once trained, these “cyber soldiers” can use existing internet infrastructure to launch attacks. Indeed, given the still-parlous state of such infrastructure inside the DPRK itself, it seems that many attacks actually originate from outside the country, with India and Eastern Europe appearing to be favored. This also points to another advantage of cyber weapons: Their use is deniable, because Pyongyang can claim that attacks originate with “rogue hackers” rather than the government.

Because of this, recent attention has shifted to the role of North Korean criminal organizations that operate from outside the country. The two main groups are known as Lazarus and Guardians of Peace (GOP). According to a report by commercial security firm Recorded Future, these groups almost exclusively launch attacks from IT infrastructure located outside of the DPRK. Just like the growing numbers of people who use a VPN to hide their location online, this makes tracing the source of attacks very difficult.

On the other hand, if an attack can be traced to a country outside the DPRK, this can bring hackers within the reach of law enforcement. Recently, the Australian Federal Police have been very active in this area, working with foreign police forces to seize equipment and shut down attacks before they happen. Even in these cases, however, it is easy for hackers to deny that they are under the orders of the North Korean government, and so these attacks retain plausible deniability.

Perhaps the biggest advantage of cyber weapons for the DPRK, though, is that their use brings little effective retaliation. Launching retaliatory cyber attacks on a country that remains stubbornly analogue is pretty difficult, even if the U.S. and other countries are willing to escalate the current conflict.

Following The Money

It’s hardly a one-way street, of course. As the Washington Post reported in September 2017, “Early in his administration, President Trump signed a directive outlining a strategy of pressure against North Korea that involved actions across a broad spectrum of government agencies and led to the use of military cyber-capabilities.” These have included a DDOS attack last month. The focus of these attacks, though, has been on traditional counter-intelligence: They have aimed to shut down North Korea’s intelligence agencies, rather than try to cause widespread damage.

The DPRK’s focus is different. With little to lose in terms of international reputation, and suffering under otherwise crippling sanctions, most recent attacks have focused on one thing: stealing money.

In fact, when taken as a whole, this appears to be the primary purpose of North Korea’s cyber program. In 2016, hackers working for the DPRK tried to steal $1 billion from the New York Federal Reserve. Though foiled on that occasion, the hackers still got away with $81 million, and more generally have developed a system that is quietly stealing hundreds of millions of dollars a year.

In short, while missile tests or hacks of celebrities’ private photos will continue to generate the most headlines, these miss the point of the DPRK’s growing cyber capabilities. A country that used to crudely counterfeit $100 bills has found a new strategy for generating cash: stealing it electronically.

Samuel Bocetta spent decades working for the U.S. Navy and as a consultant to defense contractors, specializing in electronic warfare and advanced computer systems.  He is currently writing and teaching defense engineering.

Quiz Question   
In which century were the first mandatory vaccination laws enacted in the United States?
More Questions
Notable Quote   
"At the end of last week, there were 584 container ships idling off the world's ports, waiting to be loaded or unloaded. Disruptions in the bulk cargo sector look to be even worse.Experts suggest the problems are temporary. For instance, Bloomberg columnist Brooke Sutherland maintains that three weeks of declines in ocean freight rates tells us 'the worst may be over for the supply-chain snarls that…[more]
—Gordon G. Chang, Author of "The Coming Collapse of China"
— Gordon G. Chang, Author of "The Coming Collapse of China"
Liberty Poll   

Which is the current greatest day-to-day concern to your family?