North Korea might be at odds with countries like the US and South Korea, but it’ll gladly use their technology.
Researchers from Recorded Future, a threat intelligence company, said in a report Wednesday that North Korean hackers have used technology from Microsoft, Apple and Samsung to carry out cyberattacks. The isolated country has been, including the 2017 WannaCry ransomware assault, which locked up thousands of computers across 150 countries and ensnared hospitals, universities and airports with its malware.
That nation’s government was also behind the 2014 Sony hack, which was considered one of the most destructive attacks on a company on US soil at the time.
Microsoft and Samsung didn’t immediately respond for a request for comment.
Priscilla Moriuchi, Recorded Future’s director of strategic threat development, said the team discovered an “overwhelming presence of American software” on North Korea’s network. Despite decades of trade sanctions, North Korean hackers have used workarounds and loopholes to get hold of US and South Korean technology for its attacks, she said.
“North Korea has pretty much professionalized working around sanctions for the past 30 years,” Moriuchi said. “For decades, they’ve conducted and run these illicit networks around South East Asia, East Asia, China.”
US technology isn’t supposed to find its way to North Korea, but several loopholes in trade sanctions have allowed electronics to pass through. According to the report, North Koreans have used fake addresses and names to get through sanctions, including a shell company called Glocom.
Recorded Future researchers said Glocom has used a network of fake companies in Asia to purchase US parts from resellers, and even cleared payments through US bank account at one point.
“These are gaping holes we’re allowing rogue regimes like North Korea to exploit,” Moriuchi said. “We don’t want American technology victimizing American businesses and government.”
Companies that have been caught sending US technology to North Korea have faced the consequences, like.
Technology found on North Korea’s network includes Apple’s iPhone X and Microsoft’s Windows 10. Through a partnership with a third-party metadata collection service, Recorded Future said it also found devices like Samsung’s Galaxy S7 and S8 Plus on North Korea’s network.
The researchers used five separate data sources to confirm their findings, including Shodan, a search engine for finding internet-connected devices.
Because of changing policies over the last two decades, North Korea has also been able to legally purchase many US computers and phones, Moriuchi said.
Since 2002, US exporters have sent $ 483,543 worth of electronics, much of it outdated devices, to North Korea. In some years, such as 2006, total bans prevent any sales. In other years, policies change and North Korea has been able to purchase US electronics.
Another loophole is the absence of a definitive standard for sanctions across the world. While electronics fall under “luxury goods” in the US sanctions restrictions, they don’t in China. In the EU, the luxury goods definition only applies to products that are worth more than 50 euros (about $ 58).
“The problem is that each country is allowed to interpret the term ‘luxury goods’ however they feel,” Moriuchi said.
Blockchain Decoded: CNET looks at the tech powering bitcoin — and soon, too, a myriad of services that will change your life.
Follow the Money: This is how digital cash is changing the way we save, shop and work.