Caveat 10.23.25
Ep 283 | 10.23.25

How North Korea strikes and survives.

Transcript

[ Music ]

Dave Bittner: Hello everyone, and welcome to "Caveat," N2K's CyberWire's Privacy, Surveillance, Law and Policy podcast. I'm Dave Bittner and joining me is my co-host Ben Yelin from the University of Maryland's Center for Cyber Health and Hazard Strategies. Hey there, Ben.

 

Ben Yelin: Hello Dave.

 

Dave Bittner: And on today's show we are once again joined by our N2K colleague and editor of the weekly "Caveat" newsletter, Ethan Cook. This week we are tackling the global impact of North Korean hacking. Ethan, welcome.

 

Ethan Cook: Good to be back, guys.

 

Dave Bittner: While this show covers legal topics and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. [ Music ] All right, gents, it is great as always to have Ethan joining us here today. And why don't you lead us off here, Ethan? What is our Deep Dive topic this week?

 

Ethan Cook: So, we are diving into the spicy, spicy world of state-sponsored hacking, looking specifically at North Korean hacking, which, you know, maybe not the first thing or first nation that people think of when we talk about state-sponsored hacking, but is certainly one of the most impactful ones.

 

Dave Bittner: Well, let's dig in with some of the background here because, in my mind, when I think of North Korea's place on the global hacking stage, they kind of stand alone for their goals, what they're after, why they do the things they do. I mean, can you give us a little of -- of that back history, Ethan?

 

Ethan Cook: Yes, so I think when we look at, let's say the typical state sponsored hacker, whether that be a Russia, a China, an Iran, a US, etcetera, a lot of the goals that we're kind of looking at for the most part are politically motivated. Right? We're trying to destabilize another nation. We're trying to disrupt critical infrastructure, we're trying to degrade services, you know, maybe influence political, public opinion, things along those lines. That's the standard. While there are more -- while there's way more nuance on the -- nuance than that, I think that's a good summary.

 

Dave Bittner: Yes.

 

Ethan Cook: North Korea is a little different. They, well, some of those goals do apply to what they do. They have a whole other side of their hacking, which is profit generation, which we don't see. America doesn't need money, right? Like China doesn't need money. Like, they -- they'll take it, but that's not a goal. >> Right. North Korea, it's driven by schemes that make money and year over year they're innovating in that.

 

Dave Bittner: And that is because?

 

Ethan Cook: They are cut off from the world. You know, and I think them being -- it -- it's really, you know, I -- I was trying to think of when I was -- when we were writing -- writing this up, what -- how to summarize them. And I honestly, the best -- the thing that comes to mind is innovative. You know? And that sounds weird to just give North Korea a compliment, but when you read and look into what they've been doing for the better part of over a decade, they have been at the forefront of developing schemes and attacks that just increase profit generation at levels that other nations maybe don't bother with, but for such a small isolated nation that is completely cut off from the -- from like 95% of the world and is hit with some of the hardest sanctions by everybody on the world, they are able to have some of the most successful hacking programs for -- and -- and generate billions. And that's not an understatement. Billions of dollars.

 

Ben Yelin: Game recognized game.

 

Ethan Cook: Exactly.

 

Dave Bittner: Necessity is the mother of invention and all that kind of stuff. Ben, you have any to add there from your point of view?

 

Ben Yelin: Yes, I mean I kept thinking of the Shaq meme when I was reading Ethan's summary of like, "I wasn't familiar with your game. Like, I'm pretty impressed." Obviously, it's bad. I mean hacking is bad and stealing information from other countries and holding it hostage and forcing countries to pay ransom is something that we should frown upon. But if you are going to be isolated from the international community to the point that you can't really build up any wealth if you're not trading with world partners, it's a tiny country, they can't really produce much. Everybody's seen those viral maps of the Korean peninsula at night where South Korea is very well lit up and North Korea is nearly completely dark. I mean it's a -- it's a poor country. So, this is -- I agree with you, an innovative way for them to bring in revenue, even though it's immoral. Like --

 

Ethan Cook: Absolutely.

 

Ben Yelin: I can understand it from their perspective as a revenue generator. I -- I think you're right though that it's just something that doesn't apply to any other country in the world who do it for geopolitical reasons. You know, hacking back for defense purposes. It's -- or to gain some type of diplomatic leverage. It's just -- it's -- this is a different game entirely and I think that has really important implications.

 

Dave Bittner: Yes, we should mention overtly, espionage as well is a huge part of --

 

Ben Yelin: Oh, yes. Yes.

 

Dave Bittner: -- what, you know, everybody else is up to and North Korea does some of that. But this is -- is it fair to say Ethan that the -- the bulk of their activities involve revenue generation?

 

Ethan Cook: Yes, I would say -- and, you know, that dates back a while now. Right? We, you know, I think the first major hack that North Korea had was, you know, its SPE or the Sony Pictures hack, you know, back in the early 20-teens, where they got very upset over the, you know, I'm not sure if people remember this, but the movie, the comedic movie, known as "The Dictator," which was, I believe, Seth Rogen and James Franco maybe, who went on --

 

Ben Yelin: It was the two of them, but I don't think that was "The Dictator," Ethan.

 

Ethan Cook: Not "The Dictator." Why am I blanking on the name? I -- I mean, I even looked this up.

 

Dave Bittner: To the internet.

 

Ethan Cook: "The Interview." "The Interview." "The Interview."

 

Ben Yelin: "Interview." That's what it was. Okay.

 

Ethan Cook: "The Interview," where they go in and, you know, they're assassinating North Korea's dictator. And, you know, there's a whole -- it's a comedy movie. And obviously Pyongyang took a lot of personal offense at that. And that one was that, you know, that standard politically motivated attack. You know, "You're doing something we don't like. We're going to shut it down. We're not targeting your nation, but we're going to deploy nation state resources to target a company." And I think that was the last time where it felt -- I guess the best way to describe it was personal to North Korea. After that, it felt a lot more like, "Okay, what can we do to get the most amount of money or hit the most amount of things as possible and just break in revenue?" Whether that was the Bangladesh bank heist in 2016, whether that was WannaCry or the modern crypto scandal -- scandals and scams that they are running now.

 

Dave Bittner: Well, I mean, let's dig into some of the details of -- of these so that we can have a sense for the scale. In 2016, you had the Bangladesh bank heist. What -- what's the underpinnings of that, Ethan?

 

Ethan Cook: Yes, so in 2016, they targeted the Bangladesh Central Bank, going and you know, specifically targeting the SWIFT Global payment system, where they attempted to siphon off just over $950 million. While they did not end up actually getting $950 million, I think the estimated was around 81-ish million dollars. That's still a substantial amount of money, as they were trying to basically just drain out the -- the bank's New York fed account, and siphon that all out. And that was like a very clear shift of a nation going after banking services and -- and using it as a way to generate money. And it was this kind of was this shift and this pivot to use cyber-attacks as a revenue generating system to help both avoid international sanctions, as well as start using these funds to help support its military programs and its economic goals as a way to kind of harvest and make money and you know, in the lack of a, you know, traditional GDP. From there, while they, you know, we have WannaCry, which WannaCry wasn't as major of a revenue generator. They only made about 100K estimate. The damages from WannaCry was pretty substantial. I mean while it was, you know, in and out like you know, less than a two-week period while it was here, was probably one of the most well-known cyber incidents for the average person to be aware of.

 

Ben Yelin: It's also something that, yes, like the -- it -- it infiltrated our news environment in a way that previous hacks from foreign adversaries have not, just because it affected so many services that all of us use. And I -- I, kind of the canary in the coal mine on this because I'm not as much in this world as I think either the two of you are. And I certainly was aware of what was going on with WannaCry.

 

Ethan Cook: Yes. And that was when I was just entering college for -- for undergrad and I at the time was not touched with cyber at all.

 

Ben Yelin: God, we're old, Dave.

 

Dave Bittner: I know.

 

Ethan Cook: Sorry to date you guys. But you know, and I think from there they have only continued to become more sophisticated and advanced. Now, we're seeing them deploy attacks that target crypto exchanges. You know, crypto has a lot of benefits and while I think there is a ton of risk associated with crypto as we still try to navigate this new system, there's a lot of lack of regulation. Financial -- the crypto exchanges are relatively new, meaning that they don't have the years and years and teams that can help secure them from just a technical standpoint. And I think that North Korea has identified that both by the crypto exchanges, especially some of the newer smaller ones, as well as people who trade in crypto, are vulnerable. They are vulnerable to both phishing and other social engineering and they're also vulnerable to just technical attacks. And year over year, they've been putting up and earning more money through these attacks than ever before.

 

Ben Yelin: They're also investing in these attacks, which I think is really interesting. Like, it's become kind of a stimulus program. Sixty-thousand North Koreans are employed in offensive hacking operations, which is really substantial. I mean it's -- it's like a driver of economic growth when there just aren't that many drivers of economic growth in North Korea.

 

Dave Bittner: Yes. Can you talk some, Ethan, about their weapons of mass destruction programs here, because it -- I mean, those are really enabled by these activities.

 

Ethan Cook: Yes. So, I mean, obviously, you know, the long discourse around North Korea has been, you know, them trying to get access to WMDs. Right? To develop their intercontinental -- intercontinental ballistic missile program. There, I've said it.

 

Dave Bittner: Well done.

 

Ethan Cook: And their -- and their nuclear program. And like, we can all remember, I mean, I think during Trump's first term, we had Rocketman and that whole kind of tension point that was there where it was very clear that, you know, America and many other nations were very adamant that North Korea could never gain access to these very sophisticated weapons. And North Korea, like many other smaller nations that feel the need to develop themselves, were adamant that it was critical. And the sanctions that have been imposed on them have -- make it both incredibly hard to just one, get access to these raw materials that they need to develop, you know, the program and also just the money, the raw money, to develop and, you know, support these programs, whether it be from a technical standpoint, from a teaching people how to, you know, become nuclear scientists, etcetera. And these funds have been instrumental. I think, you know, I can't -- I can't undersell them enough how -- how important these activities have been to evading these sanctions and getting in programs. There are -- getting and supporting these programs. There have been people at the UN who have mentioned how these efforts have been -- they are so low cost and their yields are so high, if they hit -- if they hit, right, that it's incredibly profitable for the [inaudible 00:12:12], and it's really hard for us to deter them because, one, they're going after other companies and they're kind of going after everyone across the world. So, it's not like they're just targeting one nation. They're targeting everyone. And it's really hard to -- how do we get them back? Right? We're not going to invade North Korea and get their side cyber team. Right? They can just kind of launch the attacks as often as they want, pretty frequently and continue to garner these money. And because now that they've transitioned to crypto, it's even harder to track and make sure that, you know, there's transparency regarding these things. And enforcing crypto is really hard compared to, you know, traditional schemes where, like, we have the SWIFT banking system, which makes it a little easier to prevent funds from being stolen.

 

Dave Bittner: Now, one of the things that strikes me about North Korea's efforts in both with cryptocurrency but then also, as you mentioned, their -- their initial forays into attacking the SWIFT banking system is how much the world relies on norms. And this is another example of if you have a one-nation state who says, "We're not playing by the rest of the world's rules," how that is just -- it -- it screws everything up because, you know, you have these vulnerabilities, let's say, in the SWIFT banking system that all the other good faith participants wouldn't exploit because it's not in anyone's best interest. But if you have one bad actor like North Korea, they can go at that. And so, the -- the norms get taken advantage of.

 

Ben Yelin: It's a different incentive structure when they have no interest in being part of the international community.

 

Ethan Cook: Yes.

 

Ben Yelin: Because you don't have to worry about any blowback. I mean, and I think that's been the backdrop of US-North Korea relations over the past 70 years is, it's not really a detente because we're still enemies, but it's like we've kind of learned to live with them and their belligerence and like, they're a problem to be managed and not an existential threat, I think in the -- in the minds of most U.S. political and foreign policy officials.

 

Ethan Cook: And it's not worth pissing off China for, right? Like, that's the -- I think that's kind of what gives North Korea this freeway to do what they do because they -- China will never allow that to happen. Right? They're never going to allow North Korea to be like for -- like, taken over or to be the -- the regime to be replaced because they view that as a one, a nice buffer in the region and an ally who can they support. And you know, it's no secret that China supports a lot of North Korea through its foreign aid. So, you know, they're putting all this money, this -- this food, etcetera, trade into North Korea to support the regime and they're never going to let that go, which kind of gives North Korea this free pass, because to your point, we have these social norms about not attacking certain things, or at least we had these social norms about not attacking these things. And now, we are -- we have one country who doesn't want to play by the rules and no one's really going to invest the time and certainly the potential risk of irritating China and this, you know, in this kind of matter.

 

Dave Bittner: Well, I -- I'm thinking of, you know, President Trump is famously using missile strikes against Venezuelan boats that he claims are being used for drugs. Is the China thing what keeps some targeted drone strikes from making their way into North Korea?

 

Ethan Cook: I think so. You know, obviously, relations with China over the past, and this is not just under Trump, but under Biden, have not been the best in the past, you know, five to six years. Things are tense. The South China Sea is intense. Year over year, it feels like we have these rollercoaster of emotions where it's like, oh, you know, we've calmed down, everyone seems cool, and then suddenly we look in the news and there's more tensions again. So, I think there's this kind of weird stalemate in -- in East Asia where people don't really know where it's going. And I think there's a -- no one wants -- I don't think anyone wants North Korea to be the kickoff point. Though I do think there is this kind of interesting concept when we talk about norms. You know, we said that they're, you know, traditionally we were not -- there was no deterrence methods to North Korea hacking. Right? Because there were -- a lot of nation states were not willing to use offensive cyber measures to go after people. Right? You know, it was kind of opening Pandora's box where once you start that whole process, we see where does that logically end up. And we talked about this when we did a deep dive, or past couple Deep Dives, where we looked at cyber operations and how the global world, from the EU to the US, etcetera, are becoming a little bit more open to saying, though, maybe offensive cyber operations are the solution. Trump has been no secret that he -- he is investing in offensive cyber measures. The EU and the UK have both developed plans to support and to put money behind offensive cyber units. So, I think that's something to keep an eye out on over the next, you know, year or two, as these things get the funding, they get stand up, and how that looks as maybe that shifts how North Korea needs to kind of engage with the world with its offensive measures.

 

Dave Bittner: What do you make of that, Ben?

 

Ben Yelin: Yes, I think that -- I think there's a lot to that. I do think so much of that -- our relationship with North Korea is through their role as an agent of China, or as a recipient of China's foreign aid. And I think, like, we have to be very measured in how we attack North Korea, both kinetically and through cyber tools, with China in mind. I think we'd be far less concerned about offending the North Koreans or hurting the North Koreans one way or another without the implications of this really fraught relationship we have on a number of different fronts with China. So, I do think like that changes the way that we engage with North Korea, where if they were just the small rogue state that wasn't supported by the other major global superpower, I think we could more safely ignore them. But I'd say two factors, China and nuclear weapons, make them difficult to ignore. [ Music ]

 

Dave Bittner: Is my perception correct that, as opposed to his first administration where President Trump, you know, sort of famously talked about his relationship with North Korea and how he and Kim Jong Un fell in love, right? I mean, there -- there was a lot of rhetoric about how good a relationship he felt he personally had. I don't recall it being that overt this second time around with President Trump. Is -- is my perception there aligned with what you guys feel like we've been hearing?

 

Ben Yelin: I just think he's involved in too many other things at this point.

 

Dave Bittner: Yes.

 

Ben Yelin: Like we haven't had a North Korean news cycle, and I feel like if there were some saber rattling and that could be through a cyber-attack, then we'd get like the new 2025 take on Trump's relationship with North Korea. I just think like, it became a cause of his in his first term because he did the whole Rocketman thing and then it was a major diplomatic breakthrough when he started having this friendly relationship with Kim Jong Un, and there was at least the potential for us to settle this 70-year long dispute. I mean, I was never particularly optimistic, but I certainly supported engaging in that kind of diplomacy. I just think like with what's going on in Gaza and what's going on with Ukraine and Russia, it's just kind of been off the radar. I don't know if -- if you have a different take, Ethan.

 

Ethan Cook: Yes, I think I do agree that there's just too much going on right now and they haven't done anything that's worth -- they haven't done anything to a nation state that is worth noting. I think that's also kind of the ingenious part of what they do by going after businesses and -- and specifically crypto, which is already kind of not really connected to nation states, they can hit companies that don't have a lot of like, connections to -- to politicians. And they don't deny -- hitting these major groups, whereas like WannaCry 2017, that impacted the UK massively. Right? Like, there's no way that doesn't irritate the UK government because it shut down the NHS, right, for -- for days. As governments become more involved in crypto, I think that could be a tipping point where, you know, we're no longer now just hitting random crypto exchanges that no one's really talking about. We're now starting to hit major crypto reserves that could impact the money that is tied to, or -- or partners that are tied to both state and federal governments, etcetera. And I think there is a -- I think a thing that I will be curious about that how it develops between the two nations, especially with Trump, I think there could be, given the tensions that are in the South China Sea and East Asia, I see it kind of turning into a, "This is an excuse to get angry about it." Like, this is like North Korea is an excuse for us to kind of have this conversation and launch it off is. Is -- is like, "Oh, we're going to take an incident, make it a central focus as a part of a larger conversation or to get a larger conversation more incident going."

 

Dave Bittner: A la Venezuela.

 

Ethan Cook: Exactly.

 

Dave Bittner: Yes. How much is this all empowered by cryptocurrency?

 

Ethan Cook: I would say pretty substantially. I mean, they have more scams. They have another -- another -- a system going with a fake IT worker program, which is also worth noting. But I mean, just earlier this year, they stole $1.4 billion from Bybit, during -- which is a cryptocurrency exchange. The infamous Lazarus group, who was behind WannaCry, and the SPE attack, stole 40 Ethereum, of which roughly 89% of it as of, you know, a week ago, is -- has gone dark, meaning it will almost likely never be recovered. And while some has been covered, some has been -- some has been -- is still kind of out there. They -- they have -- that is probably their largest single haul ever and has already surpassed -- they've already surpassed how much they've made in 2022 by an -- almost an additional 0.7 billion. And we still have what, three, two and a half months left to go of the year? So, I think, you know, them getting $2 billion of untrackable currency year-over-year is going to be really impactful for them. And I think also -- also on top of that, like I mentioned, they have other scams going, with the fake IT worker scam, where they -- what they do is they have been, you know, speaking of innovation, they have developed this program pretty much in response to COVID and the remote work -- remote worker programs that have developed, especially in the IT world where they have postings, they have someone pretend to be someone from another place, right? And they get access to Fortune 500 companies as a remote IT worker. And some of them are just doing legitimate IT work and sending portions of their check to -- to this Pyongyang. Right? To this, you know, siphon off, you know, if they make, let's say $5,000 a month, they send $4,000 back to Pyongyang. And then on top -- and then on the other side of it, there have been instances where these fake IT workers have stolen company secrets, they've gone through and been able to steal company funds, etcetera. So, I think there's also that other more insidious side of that program as well. And innovation, again.

 

Ben Yelin: So, if your online IT guy seems a little too nice --

 

Ethan Cook: Yes, yes.

 

Ben Yelin: -- it could be a North Korean hacker.

 

Dave Bittner: Now, one of our colleagues, who spun off his own business here from N2K, an unrelated business, had two incidents of people trying to apply in tech positions who he pretty quickly established were fake North Koreans, trying to get jobs. And this -- and this is a small startup, right? So, it is out there and -- and active.

 

Ethan Cook: I was reading an article, and there was kind of this commentary of it's just a dark known secret that within these major companies you absolutely have a North Korean infiltrated. It's just like an accepted reality, with these fake IT scams and fake IT worker scams. And I think that is again, speaks to this, which is, you know, I -- before diving into this, you know, I've heard about it, but I'm like, "Oh, you know, it can't be this major program, right?" Like, there's no way. And then the more you dive into it, it's more like, "No, they -- they've developed a system that is -- they're -- they're everywhere." And I think that kind of speaks to this sophistication where, you know, an advancement using -- using systems and programs and point staying ahead of the times. Right? They're on this and what COVID, was a couple years ago, and they've already developed and fully built out the sophisticated program.

 

Dave Bittner: How deliberate are they about staying right on their side of the line? In other words, keeping their activities more at a nuisance level than you know, turning the lights off here in the US? You know where I'm going with this?

 

Ben Yelin: I think that's -- yes, I mean, I think that's a great question because they know that turn the lights off, attacking our critical infrastructure, like, that's when we start to care and there might be blowback. But like, if they do it at a nuisance level -- I mean, 2 billion for them through 2025 is a lot of money. You know, for us, in the context of our full GDP, it's not that big of a deal -- I mean, it's a huge deal for the companies that are impacted, but it's just -- it's not at the same scale. And I think they know that. You know, it's like in the movie "Office Space," where they have this whole scheme to steal money from the company and that's -- they -- the scheme is to just shave off a few cents of every transaction so that it becomes less noticeable. This is a far less extreme example of that.

 

Dave Bittner: Yeah. What do you think, Ethan?

Ethan Cook: Yes, I would say that that hits the nail on the head. I think their goal is not to create tsunamis. It's to create ripples, right? They're not trying to take down -- you know, let's take, you know, Solar Winds, right, these major hacks or the, you know, these incidents that shut down major services for -- for days or weeks. Like, they've done that before with WannaCry, but that's not their goal anymore. If it happens, I don't think they're going to be that upset, but that's not the goal. I think their goal is to look at it and say, "How can we poke the bear enough where the bear -- and to get our fill, but the bear doesn't feel the need to turn around and, you know, swipe at us?"

Dave Bittner: Yes. I -- I suppose part of this is that they don't want to lose their global sponsor, you know, China. They don't want China to -- to think of them as not being worth it anymore.

 

Ethan Cook: Yes. I think that's -- that's 100% an aspect of it. I think their value to China is very transparent. You know, I think, you know, going back to the Korean War, right? When everything's at the 50/50 line, you know, the -- the -- the parallel, everything's okay. That's -- as long as that's happened. But the minute it starts getting a little too beyond that, that gets a little uncomfortable. Things are not where we want them to be. And I think China still holds the mentality that that buffer zone is -- is important, but they're not willing to do everything to support this state if it's not in their incentive. And I think for them, they see North Korea as, "Hey, they can stand on their own. They have a sophisticated technology program that I'm sure they have some access to." Don't -- you know, we don't know that, obviously, but I would be shocked if they don't and if they aren't supporting it to some degree. But that is a valuable tool for them and I think for -- it is a -- it is a proxy state of sorts for them.

 

Dave Bittner: Where do you suppose we're headed long term? I mean, is -- do the people who study these sorts of things think that North Korea's situation is sustainable over the long term?

 

Ethan Cook: I think the answer is a tentative yes. Yes. You want to go, Ben?

 

Ben Yelin: Yes, I mean, I just think like, it's working out for them right now. It is a way to bring in revenue. It's not inviting international blowback and they're getting better at finding our vulnerabilities. That's what's so interesting about them going after crypto is it's like these are our most poorly regulated transactions and so, they're getting more sophisticated in finding things like obscure blockchains where they can go in and -- and steal money. I just think they're -- if you look at the -- the pure incentive structure, I think we have to take seriously that this is going to continue and it's going to expand.

 

Dave Bittner: They're like global rodents, right?

 

Ethan Cook: Yes.

 

Ben Yelin: Yes.

 

Ethan Cook: I think that's a really good description of them.

 

Dave Bittner: A certain amount of your -- your foodstuffs you have to calculate are going to be eaten by rodents. And, you know, you can try -- you can fight them, but -- you can keep them at bay, but you know, anybody who's ever run a restaurant knows, you're not going to get rid of them completely.

 

Ben Yelin: Right.

 

Ethan Cook: Yes. And as long as they don't become so much of a problem where you need to do a full clean house and -- and it's just not worth inviting that kind of -- and investing that kind of both, you know, diplomatic cost, monetary cost, military cost, etcetera, into a nation that just -- it's not enough of a problem. There are bigger fish to fry and they are eating up a -- a substantial amount of more attention. Like, we talk about how, you know, we haven't had that North Korea Trump kind of butting heads moment yet. And it's because we have two major conflicts going on, both within Europe with, you know, Ukraine-Russia, and within the Middle East with, you know, Palestine and -- and Israel. And those are taking up so much space and so much time right now that we're, you know -- resources are -- need to be put forward for them, for US interests and, you know, European interests, etcetera. It's just not worth devoting the millions of dollars that it would take to really address this problem.

 

Dave Bittner: And I suppose the North Koreans are smart enough or politically savvy enough to recognize this moment and just keep their heads down and keep bringing in that revenue.

 

Ethan Cook: Absolutely. And I think the only reason why I said tentative yes is, and again, I don't think this is anything in the -- in the next year or two, is this pivot to offensive cyber, I -- I think could change some of those things, but it's certainly not going to be a rapid oh, tomorrow kind of situation. It's a, does that change -- I think what it would more likely do is change the tactics that are used or the targets that they go after, rather than necessarily what they're doing now.

 

Dave Bittner: Are there any indications who the likely people would be to go after North Korea? I mean, would the -- would the US go in, you know, cyber guns ablaze or would we --

 

Ben Yelin: Can we get a coalition of the willing?

 

Dave Bittner: Well, that's what I'm saying.

 

Ethan Cook: Yes.

 

Dave Bittner: Would we rely on our friends who from Europol or folks who are geographically closer to do things on our behalf, perhaps with our support?

 

Ethan Cook: I think -- I think it would make sense to have both South Korea and Japan kind of lead that charge. We are pouring -- you know, we talked about this in the last -- in the last Deep Dive when we went over the Big Beautiful Bill. We -- we just put a billion dollars to supporting cyber offensive work and development in -- in the Indo-Pacific Command. I think that, while some of that's going to go to support, some of that will go to, you know, developing bases out more, etcetera, I -- I think it would not be shocking to me to find out that some of that money has gone to supporting and further developing allies in the region, whether that be Australia, whether that be Japan, whether that be South Korea -- their capabilities to act similar to, you know, how China views North Korea, act as a way for us to have insight and deter actions in the region without having to get ourselves directly involved.

 

Dave Bittner: For our listeners, other than the IT worker scams, are there any day-to-day things that folks need to be concerned about? Does -- does North Korea need to be on their defensive radar?

 

Ethan Cook: Yes, I think, you know, there's been this other scam that has been kind of, I guess popped up in the past year or two that has becoming -- and it's -- it's a form of crypto scam. But it's a little different than some of the blockchain attacks that we've been seeing where you know, they're going after a crypto exchange where, for lack of a better word, they're called pig butchering scams, where the whole point of them is they are going to find you on a connection, whether that be through a social media thing, a dating app, etcetera. And they are going to pose as someone and develop a relationship with you for -- and some of these relationships last weeks, some of them have gone months and they are basically trying to become your friend. And they're not -- they're not even bringing up the scam right away. They're just trying to make you feel connected. And after whatever the set amount of time is where they feel like they have you, they will provide you an investment opportunity through crypto, and sometimes they'll even send you to legitimate crypto exchange sites, and they'll have you convert money into legitimate coins, and then through that process will basically get your -- say -- get you to a -- put money into a fake wallet or a -- a compromised wallet and then siphon off funds. And these have become another scam where they're not just targeting major businesses, but they're also targeting individuals, as well.

 

Dave Bittner: Yes. Need to look out for your loved ones.

 

Ethan Cook: Exactly.

 

Dave Bittner: Yes. Ben, any final thoughts?

 

Ben Yelin: I just think, like, this has to be part of people's full suite of measures for cyber defenses is consideration of North Korean hacking. I think it is just under the radar, and I think Ethan just did a really good job summarizing how big of a threat it is to us and why this is something that's going to continue in the future, just because it's an economic benefit to North Korea, it's a jobs program, and they are getting more sophisticated at exploiting our vulnerabilities.

 

Dave Bittner: Yes, absolutely. All right, well, Ethan Cook, thank you so much for joining us once again. Fascinating discussion and we appreciate you digging in and sharing all the fine details with us and our listeners. Where can folks find the "Caveat" newsletter?

 

Ethan Cook: You can find the "Caveat" newsletter on our website at thecyberwire.com. [ Music ]

 

Dave Bittner: That is "Caveat," brought to you by N2K CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to caveat@n2k.com. This episode is produced by Liz Stokes. Our executive producer is Jennifer Eiben. The show is mixed by Tre Hester. Peter Kilpe is our publisher. I'm Dave Bittner.

 

Ben Yelin: And I'm Ben Yelin.

 

Ethan Cook: And I'm Ethan Cook.

 

Dave Bittner: Thanks for listening. [ Music ]