FireEye revealed that groups that appear to be sponsored by North Korea have targeted South Korean cryptocurrency exchanges and service providers. At least three attacks on these orgs have been conducted since May, the security company said, and more could be planned for the future. Those fears pale in comparison to North Korea testing nuclear weapons, but cryptocurrency owners should probably still be concerned.
It's no surprise that someone has been trying to steal cryptocurrency. Bitcoin, Ethereum, and other "coins" have all surged in popularity in recent months, at least for short periods of time. That rise prompted many people to buy graphics cards so they can mine their own cryptocurrency, which has in turn created a shortage of GPUs that makes it next to impossible for gamers to find low-end or mid-tier cards at reasonable prices.
North Korea doesn't seem interested in mining, but that doesn't mean the country's leadership wants to ignore the money it can make by acquiring and selling cryptocurrency. According to FireEye, it would rather steal those funds, as evidenced by the company's timeline of attacks:
April 22 – Four wallets on Yapizon, a South Korean cryptocurrency exchange, are compromised. (It is worth noting that at least some of the tactics, techniques, and procedures were reportedly employed during this compromise were different than those we have observed in following intrusion attempts and as of yet there are no clear indications of North Korean involvement).April 26 – The United States announces a strategy of increased economic sanctions against North Korea. Sanctions from the international community could be driving North Korean interest in cryptocurrency, as discussed earlier.Early May – Spearphishing against South Korean Exchange #1 begins.Late May – South Korean Exchange #2 compromised via spearphish.Early June – More suspected North Korean activity targeting unknown victims, believed to be cryptocurrency service providers in South Korea.Early July – South Korean Exchange #3 targeted via spear phishing to personal account.
FireEye didn't mince words in its report. The company said North Korea is a "pariah nation" that "operates in many ways like a criminal enterprise" and has been forced to find new ways to make money by various economic sanctions. The relative lack of regulation and lax security of some cryptocurrency service providers makes them a prime target for a "Hermit Nation" looking to make a quick buck.
Cryptocurrency might also be easy for the attackers to launder into more established currencies. The whole purpose of these exchanges is to convert a cryptocurrency into something like U.S. dollars or South Korean won. Unless those companies are honest and diligent, it probably wouldn't be particularly hard for someone to sell off their ill-gotten cryptocurrency with no one being the wiser.
"Cryptocurrency: funding all our nuclear needs"
Hopefully this issue gets tackled soon.
Unfortunately, cryptocurrencies are resilient against counterfeiting, meaning they have to resort to tactics akin to that of a high-tech pickpocket or con artist. Since mining is highly energy-intensive and requires good connectivity, it would be a bad move for them.
Even without ICBMs and H-bombs, the only way anyone can do anything about North Korea is to make it more painful and costly for China to keep coddling them. Their conventional weapons deterrent is already quite effective. For decades, they've had the capability to flatten Seoul, without using a single nuke. That's already a price no one wants to pay.
So, besides sanctions (which only seem to make them mad), the only things you can do are to use cyberwarfare and go after China. Cyber is tricky, because by virtue of being so far behind the rest of the world, they have the tactical advantage of a very small attack surface. China is tricky because if you're not careful, they'll hurt you worse.
Taking him out isn't the hard part. It's the global backlash that would come from it that's the hard part. Unless Kim actually does attack something, the US invading would look seriously bad in the eyes of the world. The other bad thing is if NK is nuke capable, even a successful invasion on them will be retaliated by a possibly innocent area getting nuked in spite.