Security leaders discussed North Korean crypto heists

By Dain Oh, The Readable
Mar. 31, 2023 7:50PM GMT+9

Heads of national cybersecurity in South Korea convened on Thursday to discuss strategies to deter the escalating hacking attacks carried out by the North Korean regime.

The National Security Research Institute (NSR) and the National Intelligence Service (NIS), the two core government agencies that defend South Korea from cyberattacks, held a half-day convention in Seoul on March 30. In the Cybersecurity Policy Forum, officials and researchers from the National Cybersecurity Center (NCSC), the Institute for National Security Strategy (INSS), and the Korean National Police Agency participated and shared their analysis on North Korean hacking techniques, which have become more sophisticated through cryptocurrencies and their mixers.

“It has become a serious concern for all of us that North Korean state-sponsored hacking groups have stolen hundreds of billions of won (tens of millions of dollars) worth of cryptocurrencies and have used the illicit assets to fund their nuclear and missile development, which threatens traditional security,” said Choi Hyo-jin, the Head of NSR, while referring to the National Cyber Power Index 2022 that ranked North Korea at the top under the finance objective. The NCPI scores nations under eight objectives to show which nation holds the most comprehensive and effective cyber power to achieve individual goals.

The NCSC chief, who asked that their name not be exposed due to security reasons, emphasized the close collaboration between the private and public sectors, as well as between international societies. “It is not possible to ward off cyberattacks with the capacity of one nation,” asserted the chief during the forum.

Han Suk-hee, the President of INSS, highlighted cybersecurity empowerment across Asia. “Recent cyberattacks are not only targeting individuals and companies, but also picking out infrastructure and financial assets,” said Han. “Asia, including South Korea, is not a safe zone when it comes to these threats because North Korean hackers pass through this region.”

Lee Byung-kil, the senior inspector at the Korean National Police Agency, right, is speaking at the Cybersecurity Policy Forum on March 30. Photo by Dain Oh, The Readable

Chainalysis, the blockchain data platform company, also participated in the discussion to give the audience detailed information about the volume and trends of North Korean cryptocurrency heists. According to the 2023 Crypto Crime Report published by the company, around $20 billion worth of cryptocurrencies were unlawfully transmitted last year, while $3.8 billion worth of cryptocurrencies were stolen by hacking attacks. Furthermore, $7.8 billion worth of cryptocurrencies were discovered to have been laundered through mixers, which refer to services that blend the cryptocurrencies of different users together to obfuscate the owners of the assets.

North Korean hackers started to use mixers in 2019 until they primarily focused on mixers in 2021 for encashment of cryptocurrencies, according to the firm. “While it was called a crypto winter, the amount of the stolen cryptocurrencies reached the highest level on record last year, with total damages of $3.8 billion,” said the company representative. “North Korea was the major actor that drove the surge of cryptocurrency heists, amounting to 40% of the entire cryptocurrency hacks,” added the representative.

Lee Byung-kil, the senior inspector at the Korean National Police Agency, stressed the promptness of private-public collaboration to track down cybercriminals. “If private vendors can collaborate with law enforcement in a fast-paced manner, cryptocurrency markets in general will become much clearer because we will be able to catch the bad guys much faster and more conclusively,” said Lee.

The cover image of this article was designed by Sangseon Kim.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.