The National Intelligence Service told lawmakers on Monday that in December last year North Korea hacked at least two domestic cryptocurrency exchanges and stole virtual currency worth 26 billion won ($23.96 million).
The service also said North Korean hackers may have stolen 58 million yen ($5.2 million) in cyber currency from one of Japan’s largest cryptocurrency exchanges on Jan. 26. It is the largest cryptocurrency heist to date.
The North is seen stealing virtual currency as it finds it increasingly difficult to earn hard currency due to the international community’s sanctions.
This issue is serious in that North Korea is likely to fund its nuclear and missile development programs by changing cryptocurrency it stole into cash at exchanges in a third country.
The North even disabled well-known vaccine programs to hack into the Korean cryptocurrency exchanges.
This reaffirmed it has outstanding hacking capabilities.
It is deplorable that for all the concerns about North Korea’s hacks, the network security of domestic virtual currency exchanges is so porous, though they deal with transactions worth hundreds of millions of dollars each day.
An inspection by the Korea Communications Commission last year found that none of the 10 largest domestic cryptocurrency exchanges passed security standards.
Considering that North Korea’s hacking was not something that just started yesterday, they cannot avoid criticism that they are too much bent on making money while turning their faces away from the need to invest in their computer networks.
Sigal Mandelker, undersecretary of the US Treasury for terrorism and financial intelligence, met with Kim Yong-beom, vice chairman of the Financial Services Commission, in Seoul on Jan. 26.
It was belatedly known that Mandelker told Kim that North Korea was suspected of having attempted to launder money at Korean cryptocurrency exchanges.
She asked him about the South Korean government’s related measures.
After her meeting with Kim, the commission said they discussed international cooperation against money laundering, without elaborating. It did not disclose their discussion was related to North Korea’s illicit trade in virtual currency. The government apparently wanted to avoid putting Pyongyang on edge ahead of the PyeongChang Winter Olympic Games.
Mandelker is responsible for working-level affairs related to financial sanctions on North Korea in the Donald Trump administration.
Her discussion of the South’s measures with Kim reflects Washington’s determination to block the flow of hard money into Pyongyang by strengthening Seoul-Washington cooperation.
That North Korea stole cyber currency from the South’s exchanges and attempted to launder cryptocurrency it stole overseas in the South is as good as a provocation in the form of taking assets from people in the South.
It is absolutely imperative that a president and his or her administration protects the life and property of the people.
If they sat on their hands as the people’s property was taken by North Korean hackers, it is a gross dereliction of duty.
The history of the North’s cyberattacks is not short.
It mounted a DDoS attack in 2009 and hacked computer networks of the National Agricultural Cooperative Federation in 2011, news media in 2013 and the Ministry of National Defense in 2016. Pyongyang was singled out as the originator of the worldwide “WannaCry Ransomware” cyberattack in May 2017.
More worrisome is that it hacked into the defense ministry and stole its classified secrets “OPLAN 5015,” its war operation plan, and another plan to remove the North’s leadership.
These incidents show how lax the South has been to increasingly aggressive North Korean hacks. The intelligence authorities need to ask themselves if they eventually aided the North’s cyber attacks while managing political comments online. A bill to prevent cyber terrorism has gathered dust in the National Assembly for five years.
North Korea will never stop hacking South Korea’s cryptocurrency exchanges as well as major institutions. Its hacking tries will become more blatant.
It is important to trace the North’s cyber attacks, but more important is to prevent them by beefing up the nation’s computer networks.