Farlina Said was quoted in Bernama 10 April 2023
By Nabilah Saleh – 8 April
In February this year, a United Nations (UN) Security Council committee report stated that North Korea stole more cryptocurrency assets in 2022 than in any other year, and targetted the networks of foreign aerospace and defence companies.
North Korea’s cybercrime spree is nothing new, and an alarming reality for the rest of the world. How come this nation that keeps itself isolated from the rest of the world has honed its unenviable skills in committing cybercrimes across the world?
North Korea’s nemesis, South Korea, recently revealed that top long-established freelancing sites are the most common platforms for North Koreans to recruit their information and technology (IT) workers, bid on projects well as generate revenues in foreign currencies, especially using cryptocurrency.
Institute of Strategic & International Studies (ISIS) Malaysia Senior Analyst in the Foreign Policy and Security Studies programme, Farlina Said, told Bernama that North Korea’s proficiency and sophistication in cyber-crime have indeed developed over the years.
“Based on some basic observations that I could tell here, some of the methods used can be something as simple as clicking on a file from an unknown sender, which activates malware into the system.
However, some of the cyber activity issues are not as direct, as addressing them involves various parties. For instance, criminal activity has been stopped by eagle-eyed IT personnel, which places burden in the process to ensure cybersecurity is consistently upheld,” she said.
Therefore, she opined that Southeast Asia’s growing yet vulnerable cryptocurrency sector is still highly exposed to such threats.
“North Korea’s development of cyber capacity may be tied to the nation’s attempt to leverage on an asymmetrical, low-cost and high-impact capability; especially if the asymmetry in developed South Korea or the United States is taken into account.
“The ASEAN region, with a matured and maturing digital environment, are vulnerable as processes and cooperation mechanisms are in stages of development to stay one step ahead of the crime or criminals,” she added, noting that it would be useful for Malaysians to know of the North Korean challenge which drives sophistication.
She further highlighted that it would be relevant for Malaysians to also understand that cyber risks can have detrimental consequences and could be exploited for criminal purposes.
Director of Centre for ASEAN Regionalism Universiti Malaya (CARUM) Dr Rahul Mishra, meanwhile, said Malaysia could take precautionary measures accordingly despite the vulnerability of such North Korean threats in the region.
“I think it’s still a bit early for Malaysia to devise a comprehensive policy on how to go about cryptocurrency but it’s never too late.
“For the common people of Malaysia, keeping a balanced, cautious approach on cryptocurrency is the only way as of now,” he said.
Mishra also pointed out that it is also vital for Malaysians to get to know the risks imposed by understanding the geopolitical challenges impacting the world today, in order know better about why cybersecurity threats occurred.
“Indeed, it is critically important for Malaysia and the Malaysian government to keep a close eye on challenges posed by cybersecurity threats.
“Thankfully, Malaysia is not leaning on to either side on the Korean Peninsula matters and follows a neutral stance which helps it steer clear of any conventional challenges posed by a hostile North Korea,” he noted.
Concurring with Farliana and Mishra, Senior Fellow Dr Azmi Hassan of the Nusantara Academy for Strategic Research (NASR), who is also a defence analyst, agreed that all challenges could be defeated by holistic, collective efforts at the regional bloc level.
Azmi said ASEAN governments through its ASEAN Secretariat need to work together to increase awareness regarding such cyber-attacks and the cryptocurrency theft that is funding illegal and military activities.
“To better enhance the law and with any particular strategies, cooperation with private sector would be vital as well,” added Azmi.
As ASEAN member states have endorsed the UN Norms of Responsible State Behaviour, Farliana said all nations could consider enhancing collaboration mechanisms and setting goals.
“It may be useful to set aims that could address illegal cyber activity; among which could focus on building awareness and cyber hygiene.
“As the private sector would have jurisdiction over their channels of authority, investing in cybersecurity should increase trust in their systems, especially financial systems. Fine-tuning this process for improved collaboration, regulations and obligations would be useful.”
For Mishra, creating specialised task forces to map these challenges and then exchange notes with other ASEAN and regional partners to learn from regional and global best practices is the most effective way out.
According to the data provided by the South Korean government, the total amount of cryptocurrency stolen by Pyongyang since 2017 is over US$1.2 billion – with approximately around US$626 million of it is for this year alone.
This article first published in Bernama, 10 April 2023