December 22, 2021

What Will North Korean Cybercrime Look Like in 2022?

The international community often incorrectly correlates North Korea’s lack of public access to modern computer hardware within its borders with its inability to successfully execute software-reliant cyberattacks.

Over the years, however, North Korea has demonstrated remarkable growth in the breadth, success, and sophistication of its cyberattacks, ranging from hacking government websites and cryptocurrency exchanges to crippling national healthcare services and global financial networks. However, the most unique aspect of North Korean hacking is its focus on targeting financial institutions, a likely result of sustained U.S. and U.N. economic sanctions on the country.

North Korean hackers will likely continue to employ more phishing campaigns in the future while tailoring their level of obfuscation based on the target’s sophistication.

The United Nations Panel of Experts on the DPRK assessed in its March 2021 report that North Korea-sponsored cybercrime both directly and indirectly supports the country’s weapons of mass destruction programs, which signals an urgent need for responsible nations to cooperate on mitigating this cyber-enabled global security threat. For 2022, recent analysis and developments in North Korean hacking suggest that Pyongyang will expand its cyber operations with increased focus in the following areas: phishing campaigns, ransomware attacks, foreign OTC brokers, and decentralized finance (DeFi) platforms.

Most North Korea-sponsored hacks begin with some form of an email phishing campaign that targets untrained employees and vulnerabilities in a network’s operating system. Despite calls for greater company-wide cyber hygiene practices, Pyongyang continues to enjoy tremendous success in gaining access to financial networks by sending infected links in emails. Given its proven success across a wide range of platforms, North Korean hackers will likely continue to employ more phishing campaigns in the future while tailoring their level of obfuscation based on the target’s sophistication.

Read the full article from The Diplomat.

Congressional Testimony
- December 3, 2021
Duyeon Kim testifies before European Parliament's Committee on Foreign Affairs
Chairman McAllister, Vice Chairs, DKOR Chairman Mandl, and distinguished Members of the Committee on Foreign Affairs and the European Parliament, thank you for the opportunity...

By Dr. Duyeon Kim
- Commentary
- The Diplomat
- October 29, 2021
China’s New Land Borders Law Is a Nightmare for North Korean Refugees
A combination of high-level pressure from foreign governments and steady support for grassroots refugee resettlement organizations and programs is the most practical way to as...

By Jason Bartlett
Commentary
- World Politics Review
- October 21, 2021
The Two Koreas’ Recent Arms Displays Are Sending Very Different Messages
North Korea has announced that it successfully tested a new, smaller submarine-launched ballistic missile, or SLBM, on Tuesday. State media claimed the missile—launched from t...

By Dr. Duyeon Kim
Commentary
- The Diplomat
- October 12, 2021
Unpacking Claims of Secret North Korean Intelligence Operations
Cyberspace remains a viable domain for infiltration and information collection for highly trained North Korean agents....

By Jason Bartlett