North Korea's huge crypto hack marks a new era in cybersecurity threats.
- "If there was ever a doubt that hacks were not tied to national security, that's been resolved," a blockchain expert told Insider.
US authorities this week tied North Korean hackers to the historic $625 million Axie Infinity crypto swindle, with the massive hack signifying the emergence of a new type of national security threat, according to a blockchain expert.
On Thursday, the US Treasury Department added an Ethereum wallet address to its sanctions list after the wallet facilitated transfers of more than $86 million of the stolen funds.
The hacking outfits Lazarus and APT38, both linked to North Korea, were behind the theft, the FBI said in a statement, and the funds are generating revenue for Kim Jong Un's regime.
Ari Redbord, head of legal and government affairs at blockchain research firm TRM, says the attack shows that even a nation as isolated as North Korea can participate in new-age cyber-warfare.
"Over the last few years many hacks have been perpetrated by North Korea," Redbord told Insider. "But the magnitude of this one shows things have moved from small exploits to true national security concerns. It's staggering — bank robbery at the speed of the internet."
For years, North Korean actors have been responsible for cyberattacks, including a high-profile hit against Sony in 2014. But groups like Lazarus have grown increasingly sophisticated and ambitious.
Meanwhile, businesses within the nascent
"North Korea realized a hack against an online retailer was one thing, but going after crypto exchanges is a more effective way to fund destabilizing activity at a very low cost to them," Redbord said.
The country was an early adopter of
What's more, Redbord noted that social engineering attacks, such as the Axie Infinity infiltration, are becoming more advanced.
These hacks aren't a consequence of simple, mass-phishing emails, he explained, but nuanced and targeted strikes on specific individuals.
The new digital battlefield
While North Korea has an extremely small economy and limited infrastructure, it has proven it can participate in cyber-warfare at a scale similar to global superpowers like the US and China.
The
"Over the last year or so, we've moved from a post-9/11 world into a new digital battlefield," Redbord said. "Nation-state actors know to go after crypto businesses to fund real weapon proliferation, it's not just some hackers trying to fund a lifestyle."
North Korea's use of the group Lazarus confirms that the country's isolated status and lack of modern infrastructure don't hold it back from participating in cyber-warfare on the world stage, Redbord explained.
The cryptocurrency industry is an excellent target for these attacks because of the volume of transactions and funds being moved every day, but also because the businesses aren't fully mature and may still be developing their own cybersecurity protocols.
Unfortunately, this means many firms do not have the most up-to-date security measures in place, Redbord said.
"It comes down to hardening cyber defenses. We're still in a world where these companies are learning how to protect themselves, and now we've seen that a small group is responsible for crypto's largest hack," he said. "If there was ever a doubt that hacks were not tied to national security, that's been resolved."