ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintIcon Twitter
International relations

North Korea ramps up ransomware attacks in hunt for cash

Emerging cyber power trains 1,000 digital 'warriors' a year

SEOUL -- North Korea is firing a fusillade of ransomware attacks outside its borders, turning to cryptocurrency extortion for easy money as tough international sanctions bite.

Pyongyang has increasingly targeted small and midsize businesses in South Korea with ransomware since 2018, apparently to exploit weak security and the common language, according to a source with knowledge of the North's illegal financing activities. The South's National Intelligence Service reports 1.58 million attempted cyberattacks a day here.

Hackers infiltrate servers and internal systems, encrypting important data and demanding cryptocurrency from victims wanting it back. Ransoms are cashed on Chinese exchanges.

Demands often range between 1 and 10 bitcoins (roughly $50,000 to $500,000), according to South Korean media. The true figure remains unclear, since many victims do not report the incidents. Ransomware cost businesses an estimated more than 2 trillion won ($1.8 billion) in 2020, surging 18-fold in five years.

North Korean thefts of virtual assets totaled around $316 million from 2019 to November 2020, according to a draft report presented to the United Nations Security Council committee on North Korea sanctions.

But "tracking such activities requires the cooperation of the Chinese government," making it impossible to "determine the exact amount of foreign currencies the North has obtained," a source said.

North Korea previously relied on currency counterfeiting, drug trafficking and arms exports to the Middle East as important sources of income, and the U.N. economic sanctions have blocked these activities. Now cyberattacks are an efficient and safe way for Pyongyang to obtain funds, an expert said.

So how did the North's hacker army come to be?

In 2012, North Korean leader Kim Jong Un ordered the formation of a unit for strategic oversight of cyber operations at the Reconnaissance General Bureau intelligence agency. He visited the RGB in 2013, reportedly saying that with its "brave" cyberwarriors, "we can penetrate any sanctions."

Pyongyang trains hackers at special academies, according to the South's publicly funded Institute for National Security Strategy. Mirim College sends 120 graduates a year to Bureau 121, the infamous cyberwarfare unit with world-class hackers under the RGB. Kim Il Sung Military University, which educates members of the future military elite, reportedly cultivates some 1,000 cyberwarriors annually.

The North has other organizations for cyber operations besides the RGB. A military division is responsible for cyberattacks on South Korean forces. A unit in the ruling Workers' Party is said to run about 140 websites for propaganda efforts targeting South Koreans.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Try 1 month for $0.99

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends July 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to Nikkei Asia has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media

Nikkei Asian Review, now known as Nikkei Asia, will be the voice of the Asian Century.

Celebrate our next chapter
Free access for everyone - Sep. 30

Find out more