The Monument to Party Founding, Pyongyang, North Korea. Photo by Flicker user (stephan).
There have been bank robbers for just about as long as there have been banks, but there has never been a bank robber who came equipped with nuclear weapons – until now.
North Korea and its dictator-by-birthright Kim Jong Un are widely believed to be behind a series of digital heists that have sparked alarm across the global banking system. Symantec, a major digital security firm, has linked North Korea to three major heists: an $81 million theft from Bangladesh’s central bank, a smaller attack targeting a Vietnamese bank and one targeting an unnamed Filipino bank. Whether hackers actually succeeded at stealing anything from this last target is murky, since the Philippines’ central bank has said none of the country’s banks have reported money lost to hackers, but it did not rule out the possibility that such a theft could have happened. Researchers confirmed that, at a minimum, the bank’s security was breached. The targeted banks are all members of the Society for Worldwide Interbank Financial Telecommunication, usually abbreviated SWIFT, and it seems the network was the hackers’ point of entry.
The computer code used in the attacks is evidently distinctive, and it has been identified in only two previous instances. The first was a series of attacks on South Korean banks and media back in 2013. The second was the high-profile breach at Sony Pictures in 2014. While North Korea did not officially take credit for either, experts in the U.S. and elsewhere attributed both attacks to North Korean hackers, further bolstering Symantec’s findings.
As The Wall Street Journal pointed out, the thefts could have been worse from a purely monetary perspective; the hackers attempted to transfer nearly $1 billion out of Bangladesh, but suspicious bank employees stepped in to stem the outflow. Prospects of recovering the $81 million that hackers did manage to steal are not good.
The implications of the theft, however, are even more unsettling than the missing cash. Eric Chien, a security researcher at Symantec, confirmed that the bank robberies were committed by the same party that hacked Sony and South Korea. “We’ve never seen an attack where a nation-state has gone in and stolen money,” he told The New York Times. “This is a first.”
North Korea has been uniquely audacious before. The big question now is what, if anything, Kim’s sponsors in Beijing will do about it.
As ever, China is trying to have things both ways, providing economic and diplomatic cover to Pyongyang while also discouraging it from doing the things that provoke international outrage. But short of giving Kim a hefty increase in his allowance, China is apparently unable to satisfy all his wants and needs. Thus Kim and his minions have seemingly turned to large-scale electronic theft from the rest of the world, which refuses to do business with him.
The theft is certainly not going to make countries any more eager to deal with Kim’s regime. Nor are stepped-up American sanctions. The Wall Street Journal reported last week that the Treasury Department invoked a provision of the Patriot Act to declare North Korea a “primary money laundering concern,” and warned foreign banks that if they do business with Pyongyang, they too could face U.S. sanctions as a result.
The American sanctions on Kim’s bankers are likely to add new strains to the Sino-American relationship. That’s OK by me. At some point China needs to make a choice: Does it want to be part of a law-abiding global economic order, or is its strategic imperative of preventing North Korea’s collapse and potential absorption into American-allied South Korea reason enough to bear the consequences of aiding and abetting the world’s number-one outlaw?
China is not the only one that has to make a choice, however. The rest of the world benefits from trade with China. Steps that might restrict Chinese access to the international banking system will not be cost-free to everyone other than China. But it still ought to be a price worth paying.
We will see what happens. Plugging gaps in the SWIFT network’s security is important, but it is not the fundamental change that the situation warrants. That fundamental change would be to cut off Kim’s allowance outright and get rid of the globe’s most odious regime before something truly catastrophic happens.
China remains Kim’s enabler for now. It shows no sign of changing unless the rest of the world takes costly steps to demand such change.