US accuses Pyongyang of cyber crime wave

September 7, 2018 | Expert Insights

The Department of Justice has prepared charges regarding the WannaCry attack, the Sony hack and the theft from the Bangladesh central bank.

Background

A cyber threat is deemed to be any malicious act that attempts to gain access to a computer network without authorization or permission from the owners. In 2017, multiple cyber threats manifested as large-scale attacks on systems worldwide. The WannaCry attack alone ended up affecting hundreds of systems across the world, including hospitals and large organizations. Internet connectivity brings great benefit, but is also exploited by those wishing to cause harm.

In addition, it was revealed that financial systems like Equifax had been breached and the data of millions of people became vulnerable. In November, Uber confirmed that it had been hacked and 57 million customers and drivers were affected.

Nation states also develop cyber capabilities that can be weaponized. Countries like Russia and North Korea have been linked to cyber breaches of other nations. Cyber warfare has become a legitimate force to be reckoned with as a cyber-attack can destabilize important structures vital to a nation.

Analysis

US prosecutors have accused the North Korean regime of orchestrating a global cybercrime wave that included robbing $81m from Bangladesh’s central bank and spreading the global WannaCry malware attack last year.

Criminal charges prepared by the US Department of Justice alleged Park Jin Hyok, a North Korean hacker, was ordered by Kim Jong Un’s regime to carry out the attacks. The filing includes unnamed co-conspirators, and a Department of Justice (DoJ) official said the investigation was continuing. The 179-page criminal complaint alleges Mr. Park hacked on behalf of the North Korean regime from 2014 through 2018 in a spree that included attacks on financial institutions from the US to south-east Asia.

In addition to the Bangladesh and WannaCry attacks, federal prosecutors accused Mr. Park of hacking corporate emails at Sony Pictures in 2014 and a failed attempt to break into Lockheed Martin, the American defence contractor that built an anti-missile defence system deployed in South Korea.

“Working for a foreign government does not immunise criminal conduct,” said John Demers, assistant attorney-general in the DoJ’s national security division.

North Korea has long been the primary suspect behind the Sony, Bangladeshi and WannaCry incidents — three of the most sophisticated cyber-attacks ever to be made public.

The DoJ’s move is a significant escalation in Washington’s campaign against the regime’s clandestine cyberwarfare efforts. This comes even as President Donald Trump has tried to re-establish his diplomatic rapport with Kim Jong Un. 

The complaint said the North Korean hackers typically sought to move deep into a bank’s network until they controlled a terminal that could send messages on Swift, the interbank messaging network used to send wire transfer orders between financial institutions.

The US Treasury also announced sanctions against Mr. Park and Chosun Expo Joint Venture, the company he worked for. The DoJ claimed the company was a front, designed to generate currency for Pyongyang intelligence.

Counterpoint

One of the main challenges of punishing cyber crimes is the lack of a clear jurisdiction. The DoJ may have charged a North Korean national with the cyber-attacks, but it lacks a uniform jurisdiction to apprehend the individual without foreign support.

In effect, unless the United States and North Korea sign an extradition treaty, the charges against Park Jin Hyok are an unproductive effort. This is clearly just a message for North Korea ahead of any potential negotiations regarding its nuclear program.

Assessment

Our assessment is that the US is finally ready to pin the blame on the source of the attacks without worrying about the impacts. We feel that the DoJ will look into more recent attacks from Chinese and Russian hackers with the same intention. However, we believe that the existing global frameworks on cybersecurity need more depth to hold cyber criminals legally responsible for their actions. We also feel that the internet should be governed with laws akin to those framed for nuclear weapons.