Hacking Scale, North Korea's Export Amount 8.8 Times Higher
Estimated Use for Missile Development Funding
Security Limits Despite Japan's Payment Law Revision
Need for International Security Cooperation Emerges
North Korea is reported to have hacked Japanese cryptocurrency worth 98 billion yen (9.635 trillion won) to alleviate economic difficulties caused by international sanctions and to secure funds for missile development.
According to a joint analysis by the Nihon Keizai Shimbun and the UK blockchain analysis firm Elliptic on the 16th, North Korea's hacker group 'Lazarus' has hacked Bitcoin worth 98 billion yen in Japan since 2017.
[Image source=Yonhap News]
Elliptic classified the businesses from which cryptocurrency was drained using electronic wallets employed by Lazarus by country, and Japan was identified as having the largest scale of hacking. The amount of cryptocurrency stolen by North Korea from Japan is 8.8 times the country's export value in 2021 (81.96 million dollars). Following Japan, the countries with the largest hacking damages were Vietnam (540 million dollars), the United States (497 million dollars), Hong Kong (281 million dollars), and South Korea (158 million dollars). This is the first time the scale of hacking damages has been revealed by country.
Lazarus's main cyberattack methods are ransomware and server hacking, and this time it is understood that they carried out hacking by stealing Bitcoin from cryptocurrency exchanges.
The Nihon Keizai Shimbun explained, "Lazarus most frequently uses the method of embedding viruses through emails," adding, "As the cryptocurrency market rapidly expanded, identity verification procedures were lax, and prioritizing quick responses to customers' deposit and withdrawal orders caused security issues by not disconnecting electronic wallets from the internet."
It is presumed that North Korea used the hacked cryptocurrency funds for missile development. Last year, North Korea launched 65 missiles, including eight intercontinental ballistic missiles (ICBMs), and the cost of launching a single short-range missile exceeds 4 billion won. Security experts believe it would be impossible for North Korea, under international sanctions, to raise such funds solely through foreign trade. The U.S. White House claimed in January that North Korea stole over 1 billion dollars from the cryptocurrency market to fund its missile development.
As hacking damages caused by North Korea spread, Japan amended the Payment Services Act in 2020 to strengthen cryptocurrency security. At that time, the Japanese government enacted a bill mandating that customers' cryptocurrencies be managed in electronic wallets operating only offline, known as 'cold wallets.' Hot wallets, which allow real-time transactions online, have the disadvantage of being vulnerable to security breaches due to potential leakage of private keys.
However, there are criticisms that the bill alone was insufficient to prevent hacking in advance. The Nihon Keizai Shimbun stated that additional measures beyond the Payment Services Act are necessary, noting, "Responses to new technologies such as decentralized finance (DeFi) and support for domestic operators' countermeasures are inadequate."
Furthermore, it emphasized the need for international cooperation to prevent hacking. Hiroki Iwai, president of Signet and a cybersecurity expert, advised, "Threat information such as attack routes and malware should be shared among public and private sectors and industry organizations worldwide to enhance the defense capabilities of various industries, including finance."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
