In a shocking new revelation, a former computer expert from North Korea has exposed the role played by Pyongyang’s spy agency in some of the most successful cyber attacks.
In the wake of the WannaCry attack that rattled the world, affecting over 150 countries, security experts had raised doubts about North Korea’s intelligence agency Reconnaissance General Bureau (RGB) being behind the attack.
Now, Kim Heung-kwang, a former computer science professor in North Korea has stated in an interview with Reuters that the cyber attacks allegedly by North Korea were masterminded by Unit 180.
Unit 180 is a special cell that is part of North Korea’s elite cyber warfare group, the Reconnaissance General Bureau.
The attacks, Heung-kwang believes, were aimed at raising money as dozens of countries impose sanctions on North Korea due to its ever-expanding nuclear weapons program, which has not only threatened peace on the Korean peninsula but has become a global threat.
According to Heung-kwang, “Unit 180 is engaged in hacking financial institutions (by) breaching and withdrawing money out of bank accounts.”
He further added, “The hackers go overseas to find somewhere with better internet services than North Korea so as not to leave a trace.”
He explained that the hackers might be heading to other countries as employees of trading firms or overseas branches of North Korean companies or joint ventures in China and Southeast Asia.
Also read: The US is amping up its cyber war force
Meanwhile, James Lewis, an expert at the Centre for Strategic and International Studies, has said that Pyongyang has previously used hacking for espionage and political harassment against South Korea and U.S.
Lewis explained, “They changed after Sony by using hacking to support criminal activities to generate hard currency for the regime. So far, it’s worked as well or better as drugs, counterfeiting, smuggling — all their usual tricks.”
Further, in a report submitted to Congress, the U.S. Department of Defense said that North Korea likely “views cyber as a cost-effective, asymmetric, deniable tool that it can employ with little risk from reprisal attacks, in part because its networks are largely separated from the internet.”
The report added, “It is likely to use internet infrastructure from third-party nations.”
Some officials in South Korea even claim to have considerable evidence of North Korea’s cyber attacks.
Ahn Chong-ghee, South Korea’s vice foreign minister said in a statement, “North Korea is carrying out cyber attacks through third countries to cover up the origin of the attacks and use their information and communication technology infrastructure.”
According to a former South Korean police researcher, Yoo Dong-ryul, Malaysia has been a base for North Korean cyber operations.
Further, Michael Madden, an expert on the North Korean leadership, said Unit 180 was one among several elite cyber warfare groups in the North Korean intelligence community.
In June 2016, law enforcement officials in Seoul accused North Korea of hacking over 140,000 computers at 160 South Korean companies and government agencies and planting malicious code as part of a long-term plan to lay the groundwork for a massive cyber attack.