Monday October 14, 2019
Home World The Secrets O...

The Secrets Of The North Korean Hacker Army

The last component would be for governments to codify what measures would be employed as proportional responses, should additional cyberattacks

0
//
Hacking (representational Image), VOA

North Korean hackers continue to circumvent protections and compromise computer systems around the globe. Pyongyang’s cyber operatives, like the Lazarus Group, have been linked to computer system infiltrations like the 2014 Sony Pictures Studios hack prior to the release of the U.S. film “The Interview” and the attempted theft of close to $1 billion from the central Bangladesh bank using the SWIFT banking network in 2016.

But how did Pyongyang become so adept at hacking while not possessing rich resources and being under tough International sanctions?

Seungjoo Kim, a professor at Korea University’s Graduate School of Information Security says the answer, in part, is because North Korea’s computer hackers operate in China and Europe with easy access to the internet.

“North Korea practices their craft under real conditions, like hacking cryptocurrency sites or stealing information,” he said, “These repeated exercises help to improve their skills.”

As an instructor, Seungjoo Kim teaches his students how hackers invade other systems using traditional textbooks instruction. But without real-world trials, he says they can’t obtain the knowledge needed to test systems or prevent hostile attacks.

“Basically, you should teach basic computer knowledge, and then try to solve some hacking problems,” he said, adding that the best way to improve one’s computer infiltration skills is with real-time and real-world practice.

“North Korea acquires [their] knowledge by invading other systems,” said Kim.

He added that because North Korea can directly attack other countries, that effort has enabled Pyongyang to quickly develop their world-renowned hacking skills.

North Korea’s cyber army

Experts assert there are between 6,000 and 7,500 members of North Korea’s cyber army, split into a number of divisions to carry out cyberterrorism against state infrastructure, financial institutions, and the latest hijacking of defense technology.

Sony Pictures, North Korean, Computer
Pedestrians walk past an exterior wall of Sony Pictures Studios in Los Angeles, California, Dec. 4, 2014. That year, Sony became the victim of a cyber hack by North Korean operatives from the Lazarus Group. VOA

“North Korea was inspired by the Chinese cyberwar units and learned from them,” said NK Intellectuals Solidarity director Heung Kwan Kim, “Recognizing their power, North Korea set up the first unit within the central government in 1993.”

While Pyongyang’s Reconnaissance General Bureau is comprised of six divisions and overseas operations in South Korea, the United States, and Japan, it’s another bureau that is responsible for the bulk of North Korea’s cyber warfare.

“Unit 121 oversees Unit 180, Unit 91, and lab 110,” Heung Kwan Kim told VOA.

A 500-person strong Unit 121 was created in 1998, and in 2009 the group successfully carried out 77 attacks by overwhelming computer networks through unleashing an onslaught of Internet traffic.

This led Pyongyang to conclude that cyber-warfare was “the most suitable form of war” for North Korea in the modern era, according to Heung Kwan Kim.

Attacks continued throughout 2014, and in 2015. When North Korea reorganized their divisions, Unit 121 was given the mission of attacking a foreign nation’s infrastructure, such as transportation networks, telecommunications, gas, electric power, nuclear power, and aviation systems.

Bitcoin Price, Cryptocurrency surge, Computer
Bitcoins placed on dollar banknotes are seen in this illustration photo taken Nov. 6, 2017. Cryptocurrencies are attractive for North Korean hackers because they are difficult to trace back to their original owner. VOA

Unit 91’s focus was shifted to acquiring “advanced technologies needed for nuclear development and long-range missiles from developed countries.”

Finally, the role of Unit 180 was changed for it to target financial systems and to focus on block chain technology.

Cryptocurrency and blockchains

With international sanctions crippling Pyongyang’s coffers, Heung Kwan Kim said North Korea shifted their cyberattacks to private systems, rather than government networks, because the smaller entities weren’t as well protected.

“It’s a problem of North Korea’s high ability and low security,” he said.

The numerous attacks on small and private companies have led to allegations that Pyongyang is hacking into cryptocurrency exchanges to steal virtual money, like Bitcoin, said Seungjoo Kim. Stolen cryptocurrencies are attractive because they are difficult to trace back to their original owner.

In 2017, the North Korean hacking group Lazarus was accused of attacking South Korea cryptocurrency exchange Bithumb. The cyber thieves made off with nearly $7 million in digital currencies.

Bitcoin Price, Cryptocurrency surge, Computer
Experts: Cyber attacks Growing Increasingly Sophisticated. Pixabay

The hackers also obtained personal information of users stored on the compromised servers. The BBC reports North Korea was later able to ransom additional funds from the owners in exchange for deleting the data.

“Cryptocurrency is easy to steal because it moves in cyberspace,” said Seungjoo Kim.

He added, “To earn cryptocurrency in a legitimate way, cutting-edge computers are required, but North Korea doesn’t have them, so they attack computers abroad and hack mining programs.”

The hacked computers then send any virtual coins it uncovers to North Korean digital wallets they can convert to hard currency.

Also Read: $571 Mn In Cryptocurrency Stolen By North Korean Hacker Group

To curtail North Korea’s cyberattacks, he advocates a detente in the virtual world that’s similar to the easing of tensions taking place on the peninsula. However, that may be difficult, as it would require Pyongyang to admit it committed acts of cyberwarfare.

In addition, it would require “Russia and China not only participating in current real-world sanctions, cyber sanctions at the same time,” said Seungjoo Kim.

The last component, he said, would be for governments to codify what measures would be employed as proportional responses, should additional cyberattacks take place and prepare for those events. (VOA)

Next Story

Cyber Experts: Indian Government Needs to Speed Up Necessary Changes in Domestic Laws on Internet Taxation

India has not yet crystal clearly defined its holistic national approach and perspectives on taxation on the Internet

0
Cyber, Experts, Indian
The Indian approach on the Internet taxation has left much to be desired. Pixabay

With the Organisation of Economic Co-operation and Development (OECD) proposing an overhaul in the taxation system for digital companies, cyber experts on Thursday urged the Indian government to speed up necessary changes in domestic laws on internet taxation so that tech giants like Google, Facebook and Amazon can be asked to shell out taxes they have been evading for years.

The OECD on Wednesday published a proposal to advance international negotiations to ensure large and highly profitable multinational enterprises, including digital companies, pay tax wherever they have significant consumer-facing activities and generate their profits.

According to cyber experts, given the fact that India is not yet a part of OECD, it is imperative that India must be mindful of the way how things are evolving.

“The Indian approach on the Internet taxation has left much to be desired. India has not yet crystal clearly defined its holistic national approach and perspectives on taxation on the Internet,” Pavan Duggal, the country’s leading cyber law expert and privacy advocate, told IANS.

Cyber, Experts, Indian
The OECD on Wednesday published a proposal to advance international negotiations to ensure large and highly profitable multinational enterprises, including digital companies. Pixabay

However, it is essential that India is mindful of the global developments that are taking place in this regard and must come up with its own taxation approaches, which are in sync with the global trends that are emerging.

“Further, India needs to distinctly be walking in the path of ensuring that legal entities who are offering their services via the internet in India, whether they are physically present in India or not, would be subject to Indian taxation,” Duggal elaborated.

The new OECD proposal is based on the work of the OECD/G20 Inclusive Framework on base erosion and profit shifting (BEPS), which groups 134 countries and jurisdictions on an equal footing, for multilateral negotiation of international tax rules, making them fit for purpose for the global economy of the 21st century.

“We’re making real progress to address the tax challenges arising from digitalisation of the economy, and to continue advancing toward a consensus-based solution to overhaul the rules-based international tax system by 2020,” said OECD Secretary-General Angel Gurria.

Also Read- Adding Tomatoes in your Daily Diet could Keep your Virility Up and Running

According to advocate Virag Gupta, in the K.N. Govindacharya petition before Delhi High Court in 2012, taxation of Internet companies was first raised when the government of India gave “Double Tax Avoidance Agreement: as reason to not tax foreign Internet companies.

The OECD proposal “may strengthen the case for taxation where these companies are having huge business or presence. But how can tax haven countries can be compelled to follow the OECD guidelines?” Gupta told IANS.

Countries like China, France and Germany have shown political will-power to tax Internet companies but India has miserably failed to tax Internet giants despite being the biggest market.

“India’s Parliament is supreme and sovereign to tax these companies for which necessary amendments are to be made in the Income Tax Act, Companies Act and Information Technology (IT) Act etc,” he suggested.

Cyber, Experts, Indian
According to cyber experts, given the fact that India is not yet a part of OECD, it is imperative that India must be mindful of the way how things are evolving. Pixabay

According to him, India was always free to tax these companies.

“In this current economic slowdown, OECD decision may enable government to bring new tax regime by which digital companies may be taxed,” Gupta added.

At the moment, the said OECD “Public Consultation Document” is only indicative of the consultation process wherein stakeholders have been asked to give their comments by November 12, 2019.

However, the approach could form the basis for subsequent evolution of jurisprudence concerning taxation in the context of the Internet.

Also Read- UNICEF Accepting Donations in Cryptocurrencies Ether and Bitcoin

“The fact remains is that today, most of the companies offering services on the Internet are not paying their share of taxation in different jurisdiction. This is despite them taking the benefit and advantage of the markets of the said jurisdictions,” informed Duggal.

“Further, India needs to distinctly be walking in the path of ensuring that legal entities who are offering their services via the internet in India, whether they are physically present in India or not, would be subject to Indian taxation,” added Duggal, who is also a senior Supreme Court advocate.

There are immense amount of challenges in this regard.

New changes would be required in the existing Income Tax laws but more significantly as a nation, “we need to make up our mind as to in what manner, we want to contribute to the evolving taxation jurisprudence on the Internet”, Duggal emphasized.

“The top 15 Internet companies alone have amassed a value of over Rs 20 lakh crore due to their Indian users. The companies’ value could be a major chunk of the Indian economy but is serving no purpose to Indians,” informed Gupta. (IANS)