Hackers trained by North Korea’s military have expanded their repertoire from cyberwarfare to financial fraud as part of a bid to skirt international sanctions following weapons tests by Pyongyang, according to a well-informed source.
“Pyongyang has expanded the dossier of the Reconnaissance Directorate General of the North Korean Armed Forces Department from hacking enemy computer networks to ‘earning’ foreign currency on the Internet,” the source, who has first-hand information about the North’s military cybersquads, said Wednesday.
Speaking to RFA’s Korean Service on condition of anonymity, the source said that the North Korean hackers access banking networks in “hostile” countries and disable their security software to steal money from individual or corporate accounts.
The source said that regime leader Kim Jong Un had recently brought hackers of the North Korean military’s special Unit No. 3 back from China, where they had been operating, posing as researchers and businessmen in major cities like Beijing, Dalian, Tianjin, and Shanghai.
The source said he was informed that the Reconnaissance Directorate General “had achieved success in sourcing foreign currency for the revitalization of the economy.”
“The Reconnaissance Directorate General is being tasked with making money directly.”
The source said that young leader Kim, who has made threats to attack U.S. bases and South Korea, had expressed great confidence in the North’s cyberespionage capabilities, saying, “I am not afraid of the U.S. sanctions against North Korea.”
“As long as I have the Reconnaissance Directorate General, building a strong country is not a problem.”
Last month, the United Nations imposed sanctions in response to Pyongyang's defiant third nuclear test in February, targeting the illicit activities of North Korea's diplomats, banking relationships, and illicit transfers of bulk cash.
“Kim has expressed self-confidence because the Reconnaissance Directorate General earned a lot of foreign currency online last year,” the source said.
“The North Korean government rewarded several cybercombatants with luxury homes and U.S. dollars, while promoting regular operatives to the ranks of lieutenant colonel or colonel,” he said.
Source of pride
The source said that North Koreans are proud of their cyberespionage units, which they consider to be just as important as nuclear weapons and rocket technology in fighting against South Korea and the U.S.
He said that the North Korean hackers also feel pride because they see their illicit financial activity as an essential contribution to sustaining the impoverished North Korean economy.
A source in China’s Shenyang city, located in Liaoning province along the border with North Korea, said that the North’s cyberhackers also believe that they are taking revenge on hostile countries, such as South Korea and the U.S., rather than committing illegal acts.
He called the cyberunits “well-organized” and said they had “significantly increased their range of activities.”
“In the past, North Korea was under observation internationally due to drug-trafficking and counterfeiting, but now they can safely make money via their computers,” he said.
On Wednesday, a spokesman for South Korea’s Internet and Security Agency said an official investigation into a cyberattack in March traced the malicious codes used to six computers in the North.
The March 20 attack on around 48,000 PCs and servers severely affected several broadcasters and operations at the Shinhan, Nonghyup, and Jeju banks.
Last month, James Lewis, Director of the Technology and Public Policy Program at the Washington-based Center for Strategic and International Studies, told RFA that North Korea is among a handful of Asian nations that is developing its cyber infrastructure for military capabilities and doctrine.
Reported by Jungyoung for RFA’s Korean Service. Translated by Goeun Yu. Written in English by Joshua Lipes.