- North Korea’s huge crypto hack marks a new era in cybersecurity threats.
- “If there was ever a doubt that hacks were not tied to national security, that’s been resolved,” a blockchain expert told Insider.
- Ari Redbord of TRM broke down how the hack signifies the emergence of a new kind of cyber warfare.
US authorities this week tied North Korean hackers to the historic $625 million Axie Infinity crypto swindle, with the massive hack signifying the emergence of a new type of national security threat, according to a blockchain expert.
On Thursday, the US Treasury Department added an Ethereum wallet address to its sanctions list after the wallet facilitated transfers of more than $86 million of the stolen funds.
The hacking outfits Lazarus and APT38, both linked to North Korea, were behind the theft, the FBI said in a statement, and the funds are generating revenue for Kim Jong Un’s regime.
Ari Redbord, head of legal and government affairs at blockchain research firm TRM, says the attack shows that even a nation as isolated as North Korea can participate in new-age cyber-warfare.
“Over the last few years many hacks have been perpetrated by North Korea,” Redbord told Insider. “But the magnitude of this one shows things have moved from small exploits to true national security concerns. It’s staggering — bank robbery at the speed of the internet.”
For years, North Korean actors have been responsible for cyberattacks, including a high-profile hit against Sony in 2014. But groups like Lazarus have grown increasingly sophisticated and ambitious.
Meanwhile, businesses within the nascent crypto sector are still finding their footing when it comes to cybersecurity, which makes them vulnerable to hacking groups that are continuously honing their tactics.
“North Korea realized a hack against an online retailer was one thing, but going after crypto exchanges is a more effective way to fund destabilizing activity at a very low cost to them,” Redbord said.
The country was an early adopter of cryptocurrency money laundering, he added, and there’s no sign its bad actors will slow their efforts since it’s proven to be extremely profitable.
What’s more, Redbord noted that social engineering attacks, such as the Axie Infinity infiltration, are becoming more advanced.
These hacks aren’t a consequence of simple, mass-emails, he explained, but nuanced and targeted strikes on specific individuals.
The new digital battlefield
While North Korea has an extremely small economy and limited infrastructure, it has proven it can participate in cyber-warfare at a scale similar to global superpowers like the US and China.
The Axie Infinity hack in particular reinforced Redbord’s belief that the scale of digital attacks is climbing at such a rate that a new type of warfare is emerging.
“Over the last year or so, we’ve moved from a post 9/11 world into a new digital battlefield,” Redbord said. “Nation-state actors know to go after crypto businesses to fund real weapon proliferation, it’s not just some hackers trying to fund a lifestyle.”
North Korea’s use of the group Lazarus confirms that the country’s isolated status and lack of modern infrastructure don’t hold it back from participating in cyber warfare on the world stage, Redbord explained.
The cryptocurrency industry is an excellent target for these attacks because of the volume of transactions and funds being moved every day, but also because the businesses aren’t fully mature and may still be developing their own cyber security protocols.
Unfortunately, this means many firms often do not have the most up-to-date security measures in place, Redbord said.
“It comes down to hardening cyber defenses. We’re still in a world where these companies are learning how to protect themselves, and now we’ve seen that a small group is responsible for crypto’s largest hack,” he said. “If there was ever a doubt that hacks were not tied to national security, that’s been resolved.”