Forget The Nukes: Cyber Warfare Is North Korea’s Most Powerful Weapon

Image credits: Sydney Kim

LOS ANGELES — In September 2021, North Korea launched two ballistic missiles, marking its first missile test since March. The ICBMs landed in the Sea of Japan and produced a mild international outcry, but no substantive action was taken by South Korea, the United States or the United Nations. Although the DPRK’s nuclear capabilities pose a significant threat to global security, western powers no longer seem willing or interested in reacting strongly to the North’s military provocation. 

In March, President Biden called North Korea’s missile test “business as usual,” citing the missiles not being ballistic as a reason to effectively ignore the launch. The United States seems to recognize that continued escalation of the security situation in Korea is inevitable – decades of sanctions and threats have failed to prevent the country’s development of nuclear weapons.

Although North Korea’s nuclear program receives a great deal of media attention, the situation has long been stagnant. The DPRK will never give up its nuclear missiles regardless of harsh sanctions or international pressure. During negotiations between former President Trump and Kim Jong Un, Trump’s recently fired national security advisor, John Bolton, claimed, “North Korea will never give up the nuclear weapons voluntarily.” Those talks in Hanoi quickly stalled as it became clear a hardline approach from the United States would not produce results that President Trump had hoped. 

Nukes may be the most dangerous weapons possessed by Kim Jong Un, but they aren’t the weapons causing the most damage. While widely unrecognized, North Korea’s cyber warfare capabilities have grown at an astounding rate in the past decade. 

A congressional briefing on North Korea’s cyber capabilities stated, “The North Korean government has devoted significant resources to develop its cyber operations and has grown increasingly sophisticated in its ability to attack targets. Among governments that pose cyber threats to the United States, some analysts consider the North Korean threat to be exceeded only by those posed by China, Russia, and Iran.” While the aforementioned nations tend to use cyber operations to steal information or interfere with elections, North Korea uses its abilities almost exclusively to make money.  

The types of cyberwarfare attacks launched by North Korea have had various goals but are primarily used to steal foreign currency. In 2016, the Lazarus Group, a hacking organization with strong ties to North Korea, attempted a one billion US dollar electronic heist on the National Bank of Bangladesh. The group previously gained access to Bangladesh’s banking system in 2015 and spent months plotting a complicated cyber operation. By disabling a backup printer that recorded all transactions, the Bangladeshi financial reserves were drained overnight without alerting bank employees. 

The Lazarus Group hackers timed their actions so that the Federal Reserve in New York, which oversaw the transactions, was closed once Bangladesh’s National Bank became aware of the theft. The hackers used a bank located on Jupiter Street in Manila to receive the stolen funds. Coincidentally, “Jupiter” is also the name of a sanctioned Iranian shipping vessel, resulting in holds on the majority of the wire transfers. 81 million US dollars was still successfully stolen from the Bank of Bangladesh. The amount was less than the originally planned one billion, but was still a devastating loss for the South Asian nation where 20% of the population lives below the poverty line. 

North Korea is desperate to obtain foreign currency due to the harsh sanctions placed upon it by the UN and international community. Foreign currencies are used to funnel money into North’s nuclear weapons program and to fund decadent luxuries for Kim Jong Un and his group of elites. 

Research by the Center for Advanced Defense Studies used satellite imagery to determine how two luxury Mercedes-Benz limousines, worth up to 1.6 million dollars each, were shipped to North Korea in blatant defiance of UN sanctions. The money used to purchase such foreign luxuries, in a country where an estimated 40% of people are undernourished, was likely derived from cyber-theft operations.

Unlike physical warfare, North Korea uses cyberwarfare primarily because the costs of human life and equipment are low and the risk of sparking a larger conflict is virtually nonexistent. In May 2016, a massive Ransomware attack locked thousands of users of the UK’s national health service, NHS, out of their computers. The Ransomeware named “WannaCry” was identified to contain code linked to the Lazarus Group. Despite the damages, the international community took little substantive action, beyond accusing the DPRK of these attacks, to hold Kim Jong Un responsible. 

The DPRK has recently begun targeting cryptocurrency held by financial institutions and companies. In February 2021, the US federal government indicted three North Korean hackers who are accused of stealing $1.3 billion in cash and crypto. “North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” said Assistant Attorney General John Demers of the Justice Department’s National Security Division. The indictment also described how North Korean hackers spend time in Russia and China, which both offer safety and training in computer hacking. 

While an increasingly long list of sanctions has tried and failed to topple the Kim Dynasty for over half a century, North Korea has been experimenting and finding new ways to commit cyberwarfare against foreign entities – simultaneously continuing its nuclear weapons program. The lesson is clear: economic sanctions are relatively ineffective in preventing North Korea from pursuing its nuclear ambitions. Future sanctions are unlikely to destabilize the Kim regime. 

If the international community wants to make meaningful headway against the North Korean threat, an emphasis should be placed on holding the country accountable for its cyber crimes. Outside nations could exert less diplomatic energy on nuclear weapons and instead, attribute sanctions and rhetoric to the North’s damaging cyber operations. 

North Korea has proven to value nuclear weapons over punitive sanctions, but the same sentiment might not hold true regarding cyber crimes. These crimes often provide a mechanism to reel in foreign currency, which is necessary because of sanctions. If the international community were to offer incentives such as reduced sanctions in exchange for an end to North Korea’s cyber crime operations, there could finally be tangible change on the Korean peninsula. 

Comments

Jacob Wisnik

Jacob Wisnik is a senior majoring in International Relations (Global Business). Having spent a year of high school living abroad outside of Paris and his first year of college in Madrid, Jacob has developed a deep passion for international relations firsthand. On campus he is a member of the Phi Beta Kappa Honor Society, the Foreign Service Society, and spent this summer in South Korea interning as a USC Global Fellow. Jacob is specifically interested in the global economy, transportation, infrastructure, and defense. While Jacob is proud to have developed as a writer at Glimpse, it’s the close friendships with fellow authors that has made this organization feel like home.

wisnik@usc.edu