North Korea ramps up cyberattacks to save economy

South Korea's National Intelligence Service (NIS) claims that North Korean authorities are the mastermind behind large-scale cybercrimes. Seoul warns of more attacks in 2023.

A South Korean spy agency said North Korean hackers stole $1.2 billion (1.5 trillion won). According to the NIS report, they have launched large-scale cyberattacks to steal cryptocurrency and other virtual assets in the past five years.

The intelligence service claims that hackers stole $626 million last year alone, while $78 million of the total stolen funds came from South Korean assets. They often use ransomware to steal funds.

Cyberattacks are becoming more and more advanced and sophisticated, so we can only respond to them through cooperation between the public and private sectors and between the countries,

said Baek Jong-wook, third deputy director of the NIS.

The spy agency is currently prioritizing tracking virtual asset thefts by North Korean hackers, their trends, and money laundering routes. Seoul also announced joint investigations with the CIA and FBI.

According to the NIS, North Korea has probably the world's best capacity to steal digital assets. Harsh economic sanctions resulting from missile and nuclear tests have forced the state to improve its cybercrime capabilities. With large-scale thefts, the country gains foreign currency to prevent the collapse of the economy and continues to invest in military programs.

Seoul is not only analyzing previous cybercrimes, but also preparing for new ones. Intelligence experts have no doubt that in 2023, South Korea will face massive cyberattacks. The NIS says the hackers are targeting data on South Korea's advanced technology and sensitive information related to national security. North Korean cybercriminals are primarily focused on South Korea's nuclear energy industry, defense industry, and foreign policy programs.

Marking the third year under its five-year economic development plan in 2023, the North is expected to be bent on stealing key technologies, and collecting diplomatic and security intelligence in a bid to meet its policy goals.